chore: added safe (create2 via CreateX) and ignition (create) deployment scripts (#4)

* chore: added safe (create2 via CreateX) and ignition (create) deployment scripts

Author: 0xridwanobafunso

README.md

@@ -62,6 +62,13 @@ constructor(
 )
 ```
 
+## Acknowledgments
+
+- Smart contracts: [Solidity](https://soliditylang.org)
+- Permit standards: [EIP-2612](https://eips.ethereum.org/EIPS/eip-2612), [Permit2](https://github.com/Uniswap/permit2)
+- Request signing: [EIP-712](https://eips.ethereum.org/EIPS/eip-712)
+- Relayer infrastructure: [Openzeppelin Relayer](https://github.com/OpenZeppelin/openzeppelin-relayer)
+
 ## License
 
 MIT License - Copyright (c) 2025 Cosine Labs Inc.

ignition/README.md

@@ -0,0 +1,13 @@
+import { buildModule } from '@nomicfoundation/hardhat-ignition/modules';
+
+const HandoffModule = buildModule('HandoffModule', (instance) => {
+  const SAFE_ADDRESS = process.env.SAFE_ADDRESS as string;
+  const Handoff = instance.contract('Handoff', [
+    ['0xFcDcD01BCaB08C9551Dd87eF552f3916F9875b12', '0xf3207f8BB31c9c27FaBebFFaeb69F060BfC37171'],
+    '0x000000000022D473030F116dDEE9F6B43aC78BA3',
+    SAFE_ADDRESS
+  ]);
+  return { Handoff };
+});
+
+export default HandoffModule;

ignition/modules/Handoff.ts

@@ -0,0 +1,71 @@
+import { ethers } from 'hardhat';
+import SafeApiKit from '@safe-global/api-kit';
+import Safe from '@safe-global/protocol-kit';
+import { OperationType } from '@safe-global/types-kit';
+import { deployViaCreateX } from './utils/deployViaCreateX';
+import { getTransactionReceipt, stripAddressPadding } from './utils/helpers';
+
+/**
+ * Deployment script
+ */
+async function deploy() {
+  const [signer] = await ethers.getSigners();
+
+  const CHAIN_ID = BigInt(process.env.CHAIN_ID as string);
+  const CHAIN_RPC_URL = process.env.CHAIN_RPC_URL as string;
+  const PRIVATE_KEY = process.env.PRIVATE_KEY as string;
+  const SAFE_ADDRESS = process.env.SAFE_ADDRESS as string;
+  const SAFE_API_KEY = process.env.SAFE_API_KEY as string;
+
+  const protocolKit = await Safe.init({
+    provider: CHAIN_RPC_URL,
+    signer: PRIVATE_KEY,
+    safeAddress: SAFE_ADDRESS
+  });
+  const apiKit = new SafeApiKit({
+    chainId: CHAIN_ID,
+    apiKey: SAFE_API_KEY
+  });
+
+  const trx = await deployViaCreateX();
+  const safeTransaction = await protocolKit.createTransaction({
+    transactions: [{ ...trx, value: '0', operation: OperationType.Call }]
+  });
+  const safeTxHash = await protocolKit.getTransactionHash(safeTransaction);
+  const signature = await protocolKit.signHash(safeTxHash);
+
+  await apiKit.proposeTransaction({
+    safeAddress: SAFE_ADDRESS,
+    safeTransactionData: safeTransaction.data,
+    safeTxHash,
+    senderAddress: signer.address,
+    senderSignature: signature.data
+  });
+
+  const threshold = await protocolKit.getThreshold();
+  const confirmations = await apiKit.getTransactionConfirmations(safeTxHash);
+  console.log(`Current signatures: ${confirmations.count}, Required: ${threshold}`);
+
+  if (confirmations.count >= threshold) {
+    const safeTransaction = await apiKit.getTransaction(safeTxHash);
+    const { hash } = await protocolKit.executeTransaction(safeTransaction);
+    const receipt = await getTransactionReceipt(hash);
+    const createX = receipt?.logs.find((log: any) => log.address.toLowerCase() == trx.to.toLowerCase());
+    const deployedAt = createX?.topics[1];
+    if (deployedAt) {
+      console.log('Transaction hash: ', hash);
+      console.log('Contract successfully deployed at: ', stripAddressPadding(deployedAt));
+    }
+  } else {
+    console.log(`Waiting for atleast ${threshold - confirmations.count} more signature(s) before execution`);
+    console.log(`Share this transaction hash with other Safe owners: ${safeTxHash}`);
+  }
+}
+
+deploy()
+  .then(() => process.exit(0))
+  .catch((error) => {
+    console.error('Deployment failed:');
+    console.error(error);
+    process.exit(1);
+  });

scripts/README.md

@@ -0,0 +1,30 @@
+import { ethers } from 'hardhat';
+import { getDeployment } from './getDeployment';
+
+/**
+ * Get deployment data and constructor arguments
+ * See CreateX: https://createx.rocks/deployments
+ */
+export const deployViaCreateX = async () => {
+  const CreateXFactory = '0xba5Ed099633D3B313e4D5F7bdc1305d3c28ba5Ed';
+  const SAFE_ADDRESS = process.env.SAFE_ADDRESS as string;
+  const { data } = await getDeployment();
+  const CreateXABI = [
+    {
+      inputs: [
+        { internalType: 'bytes32', name: 'salt', type: 'bytes32' },
+        { internalType: 'bytes', name: 'initCode', type: 'bytes' }
+      ],
+      name: 'deployCreate2',
+      outputs: [{ internalType: 'address', name: 'newContract', type: 'address' }],
+      stateMutability: 'payable',
+      type: 'function'
+    }
+  ];
+  const iface = new ethers.Interface(CreateXABI);
+  const encodedData = iface.encodeFunctionData('deployCreate2', [
+    ethers.solidityPacked(['address', 'uint8', 'bytes11'], [SAFE_ADDRESS, 0x00, '0xa10f771643cef3d62934f1']),
+    data
+  ]);
+  return { to: CreateXFactory, data: encodedData };
+};

scripts/safe/deploy.ts

@@ -0,0 +1,16 @@
+import { ethers } from 'hardhat';
+
+/**
+ * Get deployment data and constructor arguments
+ */
+export const getDeployment = async () => {
+  const SAFE_ADDRESS = process.env.SAFE_ADDRESS as string;
+  const Handoff = await ethers.getContractFactory('Handoff');
+  const args = {
+    relayers: ['0xFcDcD01BCaB08C9551Dd87eF552f3916F9875b12', '0xf3207f8BB31c9c27FaBebFFaeb69F060BfC37171'],
+    permit2: '0x000000000022D473030F116dDEE9F6B43aC78BA3',
+    owner: SAFE_ADDRESS
+  };
+  const { data } = await Handoff.getDeployTransaction(args.relayers, args.permit2, args.owner);
+  return { data, args };
+};

scripts/safe/utils/deployViaCreateX.ts

@@ -0,0 +1,39 @@
+import { ethers } from 'hardhat';
+
+/**
+ * Pauses execution for the specified number of milliseconds.
+ */
+const sleep = (ms: number) => new Promise((r) => setTimeout(r, ms));
+
+/**
+ * Strips the 12-byte zero-padding from a 32-byte ABI-encoded address such as those found in transaction logs.
+ * E.g:
+ *   Input:  0x00000000000000000000000002831ae5c600cfbf3fb5a9521313868f546a7ea4
+ *   Output: 0x02831aE5C600cFBF3FB5a9521313868F546A7ea4
+ */
+export const stripAddressPadding = (address: string) => {
+  const rawAddress = '0x' + address.slice(26);
+  return ethers.getAddress(rawAddress);
+};
+
+/**
+ * Repeatedly fetches a transaction receipt until it is found or the maximum number of retries is reached.
+ */
+export const getTransactionReceipt = async (hash: string, retries = 15): Promise<any> => {
+  try {
+    const receipt = await ethers.provider.getTransactionReceipt(hash);
+    if (!receipt || receipt?.logs?.length == 0) {
+      if (retries <= 0) throw new Error(`Max retries reached for ${hash}`);
+      await sleep(5000);
+      return getTransactionReceipt(hash, retries - 1);
+    }
+    return receipt;
+  } catch (error: any) {
+    if (error.name === 'TransactionReceiptNotFoundError') {
+      if (retries <= 0) throw new Error(`Max retries reached for ${hash}`);
+      await sleep(5000);
+      return getTransactionReceipt(hash, retries - 1);
+    }
+    throw error;
+  }
+};

scripts/safe/utils/getDeployment.ts

@@ -0,0 +1,22 @@
+import { run } from 'hardhat';
+import { getDeployment } from './utils/getDeployment';
+
+/**
+ * Verification script
+ */
+async function verify() {
+  const DEPLOYED_ADDRESS = process.env.DEPLOYED_ADDRESS;
+  const { args } = await getDeployment();
+  await run('verify:verify', {
+    address: DEPLOYED_ADDRESS,
+    constructorArguments: [args.relayers, args.permit2, args.owner]
+  });
+}
+
+verify()
+  .then(() => process.exit(0))
+  .catch((error) => {
+    console.error('Verification failed:');
+    console.error(error);
+    process.exit(1);
+  });