deploying-contracts-on-base

Original🇺🇸 English
Not Translated

Deploys smart contracts to Base using Foundry. Covers forge create commands, contract verification, testnet faucet setup via CDP, and BaseScan API key configuration. Use when deploying Solidity contracts to Base Mainnet or Sepolia testnet. Covers phrases like "deploy contract to Base", "forge create on Base", "verify contract on BaseScan", "get testnet ETH", "Base Sepolia faucet", "how do I deploy to Base", or "publish my contract".

1installs
Sourcebase/skills
Added on

NPX Install

npx skill4agent add base/skills deploying-contracts-on-base

SKILL.md Content

Deploying Contracts on Base

Prerequisites

  1. Configure RPC endpoint (testnet: 
    sepolia.base.org
    , mainnet: 
    mainnet.base.org
    )
  2. Store private keys in Foundry's encrypted keystore — never commit keys
  3. Obtain testnet ETH from CDP faucet (testnet only)
  4. Get a BaseScan API key for contract verification

Security

  • Never commit private keys to version control — use Foundry's encrypted keystore (
    cast wallet import
    )
  • Never hardcode API keys in source files — use environment variables or 
    foundry.toml
    with 
    ${ENV_VAR}
    references
  • Never expose 
    .env
    files     — add 
    .env
    to 
    .gitignore
  • Use production RPC providers (not public endpoints) for mainnet deployments to avoid rate limits and data leaks
  • Verify contracts on BaseScan to enable public audit of deployed code

Input Validation

Before constructing shell commands, validate all user-provided values:
  • contract-path: Must match 
    ^[a-zA-Z0-9_/.-]+\.sol:[a-zA-Z0-9_]+$
    . Reject paths with spaces, semicolons, pipes, or backticks.
  • rpc-url: Must be a valid HTTPS URL (
    ^https://[^\s;|&]+$
    ). Reject non-HTTPS or malformed URLs.
  • keystore-account: Must be alphanumeric with hyphens/underscores (
    ^[a-zA-Z0-9_-]+$
    ).
  • etherscan-api-key: Must be alphanumeric (
    ^[a-zA-Z0-9]+$
    ).
Do not pass unvalidated user input into shell commands.

Obtaining Testnet ETH via CDP Faucet

Testnet ETH is required to pay gas on Base Sepolia. Use the CDP Faucet to claim it. Supported tokens: ETH, USDC, EURC, cbBTC. ETH claims are capped at 0.0001 ETH per claim, 1000 claims per 24 hours.

Option A: CDP Portal UI (recommended for quick setup)

Agent behavior: If you have browser access, navigate to the portal and claim directly. Otherwise, ask the user to complete these steps and provide the funded wallet address.
  1. Sign in to CDP Portal (create an account at portal.cdp.coinbase.com/create-account if needed)
  2. Go to Faucets
  3. Select Base Sepolia network
  4. Select ETH token
  5. Enter the wallet address and click Claim
  6. Verify on sepolia.basescan.org that the funds arrived

Option B: Programmatic via CDP SDK

Requires a CDP API key and Wallet Secret.
bash
npm install @coinbase/cdp-sdk dotenv
typescript
import { CdpClient } from "@coinbase/cdp-sdk";
import dotenv from "dotenv";
dotenv.config();

const cdp = new CdpClient();
const account = await cdp.evm.createAccount();

const faucetResponse = await cdp.evm.requestFaucet({
  address: account.address,
  network: "base-sepolia",
  token: "eth",
});

console.log(`Funded: https://sepolia.basescan.org/tx/${faucetResponse.transactionHash}`);
Environment variables needed in 
.env
:
CDP_API_KEY_ID=your-api-key-id
CDP_API_KEY_SECRET=your-api-key-secret
CDP_WALLET_SECRET=your-wallet-secret
To fund an existing wallet instead of creating a new one, pass its address directly to 
requestFaucet
.

Obtaining a BaseScan API Key

A BaseScan API key is required for the 
--verify
flag to auto-verify contracts on BaseScan. BaseScan uses the same account system as Etherscan.
Agent behavior: If you have browser access, navigate to the BaseScan site and create the key. Otherwise, ask the user to complete these steps and provide the API key.
  1. Go to basescan.org/myapikey (or etherscan.io/myapikey — same account works)
  2. Sign in or create a free account
  3. Click Add to create a new API key
  4. Copy the key and set it in your environment:
bash
export ETHERSCAN_API_KEY=your-basescan-api-key
Alternatively, pass it directly to forge:
bash
forge create ... --etherscan-api-key <your-key>
Or add it to 
foundry.toml
:
toml
[etherscan]
base-sepolia = { key = "${ETHERSCAN_API_KEY}", url = "https://api-sepolia.basescan.org/api" }
base = { key = "${ETHERSCAN_API_KEY}", url = "https://api.basescan.org/api" }

Deployment Commands

Testnet

bash
forge create src/MyContract.sol:MyContract \
  --rpc-url https://sepolia.base.org \
  --account <keystore-account> \
  --verify \
  --etherscan-api-key $ETHERSCAN_API_KEY

Mainnet

bash
forge create src/MyContract.sol:MyContract \
  --rpc-url https://mainnet.base.org \
  --account <keystore-account> \
  --verify \
  --etherscan-api-key $ETHERSCAN_API_KEY

Key Notes

  • Contract format: 
    <contract-path>:<contract-name>
  • --verify
    flag auto-verifies on BaseScan (requires API key)
  • Explorers: basescan.org (mainnet), sepolia.basescan.org (testnet)
  • CDP Faucet docs: docs.cdp.coinbase.com/faucets

Common Issues

ErrorCause
nonce has already been used
Node sync incomplete
Transaction failsInsufficient ETH for gas — claim from faucet
Verification failsWrong RPC endpoint for target network
Verification 403/unauthorizedMissing or invalid BaseScan API key