https://github.com/arec1b0/fortifysol

FortifySol: A flexible open-source Solidity template providing secure, upgradeable, and governance-ready contracts. Ideal for small prototypes or complex productions, it’s an all-in-one starting point for your decentralized applications.
https://github.com/arec1b0/fortifysol

dapps-development harhat smart-contracts solidity solidity-contracts

Last synced: about 2 months ago
JSON representation

FortifySol: A flexible open-source Solidity template providing secure, upgradeable, and governance-ready contracts. Ideal for small prototypes or complex productions, it’s an all-in-one starting point for your decentralized applications.

• Host: GitHub
• URL: https://github.com/arec1b0/fortifysol
• Owner: arec1b0
• License: mit
• Created: 2024-12-07T14:57:07.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2024-12-07T15:41:23.000Z (over 1 year ago)
• Last Synced: 2025-03-20T23:33:59.574Z (about 1 year ago)
• Topics: dapps-development, harhat, smart-contracts, solidity, solidity-contracts
• Language: JavaScript
• Homepage:
• Size: 22.5 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# FortifySol

**FortifySol** is a flexible, open-source Solidity template designed to help you build secure, upgradeable, and governance-ready smart contract systems. Whether you’re prototyping a single contract or orchestrating a complex decentralized application (dApp), FortifySol serves as a robust starting point, offering a collection of well-structured contracts, best practices, and supporting scripts.

## Key Features

- **Modular Architecture:** A well-organized folder structure with dedicated directories for access control, security, upgrades, tokens, and utility libraries.

- **Security-Focused:** Implements role-based access control, timelock controllers, multi-signature wallets, escrow, pausability, and reentrancy guards—all inspired by industry standards and official Solidity security recommendations.

- **Upgradeable Contracts:** Includes a proxy pattern (EIP-1967/EIP-1822 compatible) and upgradeable logic contracts for future-proofing your code.

- **Governance-Ready:** Offers a governance token template and integration with timelocks and multi-sig wallets to support community-driven decision-making.

- **Comprehensive Tooling:** Uses Hardhat, Mocha/Chai tests, and optional plugins for coverage, gas reporting, linting, and static analysis to ensure code quality and reliability.

- **Open-Source & Extensible:** Provided under the MIT License, with documentation and contribution guidelines encouraging community involvement.

## Project Structure

```

FortifySol/

├── contracts/

│   ├── access/

│   │   └── RoleManager.sol

│   ├── security/

│   │   ├── MultiSigWallet.sol

│   │   ├── TimeLockController.sol

│   │   └── SafeEscrow.sol

│   ├── upgrades/

│   │   ├── UpgradeableProxy.sol

│   │   └── MyUpgradableLogic.sol

│   ├── tokens/

│   │   └── GovernanceToken.sol

│   ├── utilities/

│   │   ├── ReentrancyGuarded.sol

│   │   └── SafeIncrement.sol

│   ├── PausableContract.sol

│   └── Vault.sol

├── test/

│   ├── test_RoleManager.js

│   ├── test_MultiSigWallet.js

│   ├── test_TimeLockController.js

│   ├── test_SafeEscrow.js

│   ├── test_UpgradeableProxy.js

│   ├── test_GovernanceToken.js

│   ├── test_PausableContract.js

│   └── test_Vault.js

├── scripts/

│   ├── deploy_all.js

│   ├── deploy_upgradeable.js

│   └── verify_all.js

├── docs/

│   ├── Architecture.md

│   ├── CONTRIBUTING.md

│   └── README.md (You are here)

├── .github/

│   └── workflows/

│       └── ci.yml

├── .gitignore

├── LICENSE

├── hardhat.config.js

└── package.json

```

## Getting Started

1. **Install Dependencies:**

   ```bash

   npm install

   ```

2. **Compile Contracts:**

   ```bash

   npx hardhat compile

   ```

3. **Run Tests:**

   ```bash

   npx hardhat test

   ```

4. **Local Deployment:**

   ```bash

   npx hardhat run scripts/deploy_all.js

   ```

5. **Public Testnet Deployment & Verification (e.g., Goerli):**

   - Configure your `.env` with private keys and API keys.

   - Deploy:

     ```bash

     npx hardhat run scripts/deploy_all.js --network goerli

     ```

   - Verify:

     ```bash

     npx hardhat run scripts/verify_all.js --network goerli

     ```

## Customization & Scalability

- Start small: Use just the `Vault.sol` or `PausableContract.sol` for quick proofs-of-concept.

- Scale up: Integrate the `TimeLockController`, `MultiSigWallet`, and governance mechanisms for production-ready solutions.

- Extend functionality: Add your own contracts, interfaces, or libraries following the provided structure and best practices.

## Security & Best Practices

- **Static Analysis & Audits:** Use tools like `solhint`, `slither`, and `mythril` to detect potential issues early.

- **Gas Optimization:** Consider integrating `hardhat-gas-reporter` and follow Solidity gas-saving guidelines.

- **Test Thoroughly:** Expand tests for edge cases, fuzzing inputs, and integrating differential testing techniques if needed.

- **Review Access Controls:** Regularly audit roles, permissions, and upgrade paths to ensure minimal trust assumptions.

## Contributing

We welcome contributions! Please review [CONTRIBUTING.md](docs/CONTRIBUTING.md) for guidance on reporting issues, submitting pull requests, and following coding standards.

## License

FortifySol is released under the [MIT License](LICENSE).

## Further Reading

- **Official Solidity Documentation:**  

  [https://docs.soliditylang.org](https://docs.soliditylang.org)

- **Hardhat Documentation:**  

  [https://hardhat.org](https://hardhat.org)

- **OpenZeppelin Contracts:**  

  [https://docs.openzeppelin.com/contracts](https://docs.openzeppelin.com/contracts)

Harness the power of FortifySol to accelerate your decentralized development journey, from quick experimentation to production-scale, security-focused dApps.