v4 Hook Generator
Generate Uniswap v4 hook contracts via the OpenZeppelin Contracts Wizard MCP tool. This skill
guides you through selecting the right hook type, configuring permissions and utilities, assembling
the canonical MCP JSON, and invoking the MCP tool to produce ready-to-compile Solidity code.
Security companion: Generated hook code touches fund-handling contracts. Always apply the
skill immediately after generation to audit permissions, delta
accounting, and access control before deploying to any network.
When to Use This Skill
Use this skill when you need to:
- Scaffold a new Uniswap v4 hook contract from scratch
- Select the right base hook type for a specific use case (fees, MEV protection, oracles, etc.)
- Configure hook permissions, utility libraries, shares, and access control
- Produce the canonical MCP tool call JSON to invoke the OpenZeppelin Contracts Wizard
- Understand trade-offs between hook configuration options before committing to an implementation
Prerequisite / companion skill:
— run it before writing custom logic
and again before deployment. Hook misconfiguration can drain user funds.
Hook Type Decision Table
Choose the base hook type that matches your primary goal. If your hook has multiple goals, choose
the type that covers the most critical concern and layer additional logic on top.
| Goal | Use Hook |
|---|
| Custom swap logic | |
| Async/delayed swaps | |
| Hook-owned liquidity | |
| Custom curve | |
| Dynamic LP fees | |
| Dynamic swap fees | |
| Post-swap fees | |
| Fixed hook fees | |
| MEV protection | |
| JIT protection | |
| Limit orders | |
| Yield on idle | |
| Oracle | |
| V3-compatible oracle | |
Selection tips:
- is the general-purpose starting point — choose a specialized type only when the
built-in logic provides concrete value.
- replaces the entire AMM math; only use it if you are implementing a novel
pricing algorithm.
- and both address MEV but target different actors
(traders vs. JIT LPs). Clarify which attack vector you are mitigating.
- is appropriate when downstream integrations expect a Uniswap v3
-compatible oracle interface.
Minimal Decision Checklist
Before calling the MCP tool, confirm all six decisions:
- Hook type — chosen from the decision table above
- Permissions to enable — only the callbacks your logic actually uses (, , etc.)
- Utility libraries — , , as needed
- Shares — , , , or
- Access control — , , or
- Hook inputs — , (only for hook types that use them)
Permission Configuration
All 14 permission flags with guidance on when to enable each. Start with all flags
and
enable only what your hook logic requires. Every enabled permission increases the hook's attack
surface and requires a specific bit to be set in the hook's deployed address (see address encoding
note below).
| Permission Flag | Enable When | Risk |
|---|
| You need to validate or restrict pool creation params | LOW |
| You need to set up state after a pool is created | LOW |
| You need to gate or transform LP deposits | MEDIUM |
| You track LP positions or distribute rewards | LOW |
| You need lock-up periods or fee-on-exit logic | HIGH |
| You track position removals for accounting | LOW |
| You modify swap behavior, apply dynamic fees, or block | HIGH |
| You observe final swap state for oracles or accounting | MEDIUM |
| You restrict who may donate to the pool | LOW |
| You track donation events | LOW |
| You implement custom AMM curves or JIT liquidity (CRITICAL: NoOp attack vector — see ) | CRITICAL |
| You extract a hook fee from swap output | HIGH |
afterAddLiquidityReturnDelta
| You adjust LP token amounts on deposit | HIGH |
afterRemoveLiquidityReturnDelta
| You adjust withdrawal amounts | HIGH |
Address encoding note: Permissions are encoded as bits in the hook contract's deployed address.
The address must have the correct bits set at deployment time or the PoolManager will revert. Use
(from
) to mine a salt that produces an address with the correct bit
pattern. Never change permissions after deployment — the address is immutable.
Utility Library Selection
Three optional utility libraries can be included in the generated hook. Include only what your
hook logic uses.
| Library | Include When |
|---|
| Your hook moves tokens between itself and the PoolManager (e.g., custom accounting, fee collection) |
| Your hook performs arithmetic that could overflow when casting between integer types |
| Your hook needs to pass data between callbacks within a single transaction without persisting to storage (requires EVM Cancun or later, Solidity >= 0.8.24) |
Guidance:
- is almost always needed when ,
,
afterAddLiquidityReturnDelta
afterRemoveLiquidityReturnDelta
- is a gas-efficient alternative to storage slots for intra-transaction state.
Use it to pass a flag or value from to without paying 20k gas for a
cold SSTORE.
- is advisable whenever you compute amounts derived from / conversions,
especially for fee calculations.
Shares Configuration
The
option controls whether the generated hook issues a token representing user shares
(e.g., LP positions in hook-owned liquidity pools).
| Option | Description | Use When |
|---|
| No share token — hook does not track ownership of deposited assets | Simple hooks that do not hold user funds |
| Fungible share token — one token represents proportional ownership of all hook-held assets | Hook-managed liquidity pools with interchangeable shares |
| Multi-token (minimal) — one contract manages many token IDs with lower overhead than ERC1155 | Hook manages multiple distinct asset classes efficiently |
| Multi-token (standard) — full ERC1155 with metadata URI support | Hook needs broad wallet and marketplace compatibility |
Trade-offs:
- : smallest bytecode, no share accounting overhead; appropriate for fee hooks and oracles.
- : simplest fungible share; good DeFi composability (e.g., used as collateral).
- : gas-efficient multi-token with a minimal interface; preferred for new protocol designs.
- : widest ecosystem support (wallets, explorers, NFT marketplaces); higher gas cost per
transfer than ERC6909.
Access Control Options
The
option shapes the constructor and administrative interface of the generated hook.
| Option | Constructor Shape | Use When |
|---|
| constructor(IPoolManager, address initialOwner)
| Single owner controls all admin functions |
| constructor(IPoolManager, address admin)
| Multiple roles with granular permissions (OpenZeppelin AccessControl) |
| constructor(IPoolManager, address authority)
| External authority contract governs permissions (OpenZeppelin AccessManaged) |
Guidance:
- is the simplest — one address can perform all privileged operations. Suitable for
early-stage hooks and personal tools.
- adds , , etc. via OpenZeppelin . Use when
different team members need different privileges (e.g., a keeper bot that can update fees but
cannot upgrade the contract).
- delegates all permission checks to a separate contract. Use when
you need a unified governance layer across multiple contracts or want timelocked admin actions.
Note: Changing the
option changes the constructor signature. Update deployment
scripts and initialization logic accordingly. When using
, ensure the
is not the zero address — OpenZeppelin's
reverts on zero address since v5.
Hook Inputs Reference
Some hook types accept numeric configuration inputs that tune behavior. These are passed as the
object in the MCP tool call.
| Input | Type | Used By | Description |
|---|
| | , | Number of blocks before sandwich/JIT detection window opens |
| | | Maximum tick movement allowed per block before MEV protection triggers |
For hook types that do not use these inputs, omit the
field or pass an empty object
.
Passing unsupported inputs to the MCP tool will not cause an error but the values will be ignored.
MCP Tool Call (Canonical)
The OpenZeppelin Contracts Wizard exposes a
MCP tool. The following is the
canonical JSON schema — populate each field according to your decisions from the sections above,
then pass this object as the tool's argument.
json
{
"hook": "BaseHook",
"name": "MyHook",
"pausable": false,
"currencySettler": true,
"safeCast": true,
"transientStorage": false,
"shares": { "options": false },
"permissions": {
"beforeInitialize": false,
"afterInitialize": false,
"beforeAddLiquidity": false,
"beforeRemoveLiquidity": false,
"afterAddLiquidity": false,
"afterRemoveLiquidity": false,
"beforeSwap": true,
"afterSwap": false,
"beforeDonate": false,
"afterDonate": false,
"beforeSwapReturnDelta": false,
"afterSwapReturnDelta": false,
"afterAddLiquidityReturnDelta": false,
"afterRemoveLiquidityReturnDelta": false
},
"inputs": {
"blockNumberOffset": 1,
"maxAbsTickDelta": 100
},
"access": "ownable",
"info": { "license": "MIT" }
}
Field notes:
- : string — one of the 14 hook types from the decision table
- : string — the Solidity contract name (PascalCase, no spaces)
- : boolean — wraps the hook in OpenZeppelin ; adds / admin functions
- : | | |
- : | |
- : SPDX license identifier — use for open-source hooks
- : omit or pass for hook types that do not use /
Workflow: Gather → Configure → Generate → Secure
Follow these steps in order every time you use this skill.
Step 1: Gather Requirements
Ask the user (or infer from context):
- What is the hook's primary goal? (Map to the decision table.)
- Which lifecycle events does the hook need to intercept? (Map to permissions.)
- Does the hook hold or move user funds? (Determines and .)
- Who administers the hook? (Single owner, role-based team, or external governance?)
- Does the hook need to pass state between callbacks within a single transaction?
- Is this for a chain with EVM Cancun support? (Required for .)
Step 2: Select Hook Type
Using the decision table, identify the single best hook type. If the user's goal maps to multiple
types, explain the trade-offs and ask them to confirm. Document the chosen type and the reasoning.
Step 3: Configure All Six Decisions
Work through the minimal decision checklist:
- Set to the chosen type.
- Set each permission flag — default , enable only what the logic requires.
- Set , , based on utility library guidance.
- Set based on shares guidance.
- Set based on access control guidance.
- Set only if the hook type uses or .
Step 4: Assemble and Call the MCP Tool
Construct the JSON object from Step 3 and call the OpenZeppelin Contracts Wizard MCP tool with it.
The tool returns Solidity source code — it does not write files automatically.
After receiving the generated code:
- Display the code to the user.
- Explain the key generated sections (constructor, , enabled callbacks).
- Note any manual steps required (HookMiner for address mining, deployment script updates for
constructor args if is or ).
Step 5: Apply Security Foundations
Always remind the user — and invoke
— before the code is deployed:
- Verify all enabled callbacks check
msg.sender == address(poolManager)
- Review any enabled permissions for NoOp attack exposure.
- Confirm delta accounting sums to zero for every execution path.
- Run the full pre-deployment audit checklist from .
Important Notes
- Access control changes constructor shape: Choosing adds an parameter;
adds an parameter; adds an parameter. Update deployment
scripts and factory contracts accordingly.
- Permissions encode in the hook address: Each enabled permission flag corresponds to a specific
bit in the lower bytes of the hook's deployed address. The PoolManager validates these bits on
every callback. Use from to mine a deployment salt that produces a
matching address.
- MCP returns code only — it does not write files: The generated Solidity is returned as a
string. You must write it to disk yourself (e.g.,
packages/contracts/src/hooks/MyHook.sol
Related Skills
- — Run this after generation. Security audit for Uniswap v4 hooks:
permission risk matrix, NoOp attack patterns, delta accounting, access control verification,
and the full pre-deployment audit checklist. Generated hook code should never be deployed without
completing this review.
- — Deploy generated hook contracts and interact with them using viem/wagmi
- — Interact with deployed hooks via the Uniswap v4 SDK