Did you know that BuildBear now helps you find bugs in your smart contracts?
By using our platform, you can take advantage of our recent partnership with CredShield, which enables vulnerability scans through SolidityScan on all contracts deployed to your personalized Testnet.
To learn more about this exciting development, check out our recent announcement with CredShield here.
In this article, we’ll walk you through the steps of getting your contract audited using BuildBear.
Let’s begin
Step 1: Create a Hardhat project.
If you’re new to this process, you can refer to the hardhat documentation here. Once you’ve created your project, navigate to the contract folder and add your contract code, or use the smart contract provided here.
Step 2: Creating a Testnet using BuildBear.
If you’re new to BuildBear, please refer to our guide on how to create a Testnet using BuildBear.
Once you’ve created your Testnet, the next step is to add BuildBear to your networks.
Click on Verify Contracts
To add BuildBear to your networks, you’ll need to copy the first code and add it to the networks object in your hardhat.config.js or hardhat.config.ts file. Similarly, you'll need to copy the second code and paste it into the same file.
Now that your Testnet is set up and BuildBear is added to your networks, let’s move on to step 3.
Step 3: Deployment and contract verification.
Navigate to the scripts folder and create a new file called verify.js. Add the verification code after the contract deployment scripts, using a format similar to the following:
const { ethers } = require('hardhat');
async function main() {
const [deployer] = await ethers.getSigners();
console.log("Deploying contracts with the account:", deployer.address);
const Contract = await ethers.getContractFactory("Hack");
const contract = await contract.deploy();
}
await run(`verify:verify`, {
address: contract.address,
});
main()
.then(() => process.exit(0))
.catch((error) => {
console.error(error);
process.exit(1);
});
To tell Hardhat to connect to BuildBear Testnet, we can use the --networkparameter when running any task, like this:
npx hardhat run scripts/verify.js --network buildbear
After the successful verification of the contract, you will see this.
Click on the link provided in the terminal that will redirect you to the contract page you can view the vulnerability count and Solidity score directly on the contract page, as shown below: contract Page
Clicking on the links provided in the Vulenerability Count or Solidity Score will take you to the SolidityScan page which will provide you with the details. Screenshot below:
To access more details about the vulnerability, click on “view detailed results” and sign up on SolidityScan. Select Verified Contracts, enter the contract address, select BuildBear, and enter the Node ID (which can be found on the home page). Click on “Start Scan” to initiate the scan.
After the scan is complete a detailed report is generated as shown below.
In conclusion, getting your contract audited is crucial to ensure its security and reliability. With BuildBear’s integration with CredShield, you can easily deploy your smart contracts to a customized Testnet and have them scanned for vulnerabilities through SolidityScan.
What are you waiting for Use Buildbear.io and get your contracts audited now.