name

smart-contract

description

Multi-chain smart contract development skill for Ethereum, Solana, and Move-based chains. This skill should be used when: writing smart contracts (ERC20/ERC721/ERC1155/esToken/custom), auditing contract security vulnerabilities, generating Foundry test cases, optimizing gas usage, or automating deployment workflows. Triggers on queries like "write a contract", "audit this contract", "generate tests", "optimize gas", or "deploy contract".

Smart Contract Development Skill

Multi-chain smart contract development with security-first approach.

Capabilities

Capability	Description
Contract Writing	ERC20, ERC721, ERC1155, esToken (vesting/locking), custom logic
Security Audit	Reentrancy, overflow, access control, flash loan attacks, etc.
Test Generation	Foundry test cases with fuzz testing and invariant tests
Gas Optimization	Storage packing, calldata optimization, assembly tricks
Deployment	Multi-chain deployment scripts with verification

Supported Chains

EVM: Ethereum, Polygon, Arbitrum, Optimism, BSC, Avalanche
Solana: Anchor framework
Move: Aptos, Sui

Workflow

Contract Development

Clarify requirements (token type, features, chain)
Load appropriate template from assets/templates/
Implement with OpenZeppelin base contracts where applicable
Apply gas optimizations from references/gas-optimization.md
Generate Foundry tests using patterns from references/foundry-patterns.md

Security Audit

Run scripts/security_scan.py for automated detection
Manual review using references/vulnerabilities.md checklist
Report findings with severity levels (Critical/High/Medium/Low/Info)
Suggest fixes with code examples

Test Generation

Identify contract functions and state transitions
Apply patterns from references/foundry-patterns.md
Include fuzz tests for numeric inputs
Include invariant tests for protocol properties

Resources

References (load as needed)

File	Purpose	When to load
`references/vulnerabilities.md`	Common vulnerability patterns	During security audits
`references/best-practices.md`	Solidity/Rust best practices	During contract writing
`references/gas-optimization.md`	Gas optimization techniques	When optimizing contracts
`references/foundry-patterns.md`	Test patterns and examples	When generating tests

Templates (copy and modify)

Template	Use Case
`assets/templates/erc20-base.sol`	Fungible token contracts
`assets/templates/erc721-base.sol`	NFT contracts
`assets/templates/estoken-base.sol`	Vesting/locking token (esToken)
`assets/templates/test-base.t.sol`	Foundry test scaffold

Scripts

Script	Purpose
`scripts/security_scan.py`	Automated vulnerability detection

Security Audit Checklist

When auditing, check each category from references/vulnerabilities.md:

Reentrancy: External calls before state updates
Access Control: Missing modifiers, centralization risks
Integer Issues: Overflow/underflow (pre-0.8.0), division by zero
Flash Loan Attacks: Price manipulation, governance attacks
Front-running: MEV vulnerabilities, commit-reveal patterns
Logic Errors: Off-by-one, incorrect comparisons
Denial of Service: Unbounded loops, block gas limit

Output Format

Claude responds in Chinese per CLAUDE.md.

Audit Report Structure

## Security Audit Report

### Summary
- Contracts audited: [list]
- Lines of code: [count]
- Findings: [X Critical, Y High, Z Medium, W Low]

### Findings

#### [C-01] Critical: [Title]
- **Location**: `Contract.sol:L42`
- **Impact**: [description]
- **Proof of Concept**: [code]
- **Recommendation**: [fix]

Contract Delivery Structure

## Contract: [Name]

### Features
- [list features]

### Deployment
1. [steps]

### Files
- `src/[Contract].sol` - Main contract
- `test/[Contract].t.sol` - Tests
- `script/Deploy[Contract].s.sol` - Deployment script

Gas Optimization Priority

Apply optimizations in this order (from references/gas-optimization.md):

Storage layout (packing, cold/warm slots)
Calldata vs memory
Unchecked blocks for safe math
Custom errors vs require strings
Assembly for critical paths (last resort)