# Contract Next Steps and Recommendations — Complete
**Last updated:** 2026-02-12
**Purpose:** Single reference for all next steps (completed, operator action, pending) and all recommendations/suggestions for smart contracts across chains and projects.
### Completed in repo (documentation and code alignment)
| Step | Status | Notes |
|------|--------|--------|
| Deprecated bridge removed from defaults | Done | All active scripts/configs use `0x971c...`; only archive and intentional "deprecated" doc string keep `0x89dd...`. |
| CCIP Router address corrected in .env.example and terraform | Done | `smom-dbis-138/.env.example` and `terraform/phases/phase1/config/env.chain138.example` use Chain 138 addresses. |
| Full contract inventory (all chains, all projects) | Done | [SMART_CONTRACTS_INVENTORY_ALL_CHAINS](SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md). |
| Canonical source of truth and .env reconciliation | Done | [CONTRACT_ADDRESSES_REFERENCE § Canonical source of truth](CONTRACT_ADDRESSES_REFERENCE.md#-canonical-source-of-truth-chain-138): single canonical address per contract; note to remove duplicate keys in `.env`. |
| Confirm every Chain 138 contract on-chain | Done via VMID 2101 | All 36 addresses checked (run `./scripts/verify/check-contracts-on-chain-138.sh`; uses `RPC_URL_138`). Re-run when new contracts are deployed. |
| Run Blockscout source verification | From host that can reach Blockscout (e.g. LAN) | `source smom-dbis-138/.env 2>/dev/null; ./scripts/verify/run-contract-verification-with-proxy.sh` |
| Reconcile .env (single source of truth) | **Done 2026-02-12:** CCIPWETH9_BRIDGE_CHAIN138 set to canonical `0x971c...`; added RPC_URL_138 (standard), MERCHANT_SETTLEMENT_REGISTRY, SETTLEMENT_REGISTRY_ADDRESS, WITHDRAWAL_ESCROW_ADDRESS, RESERVE_TOKEN_INTEGRATION, REGULATED_ENTITY_REGISTRY. One entry per variable. | [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md). Re-run reconciliation if new contracts are deployed. |
| Verify Multicall vs Oracle Aggregator at same slot | Check explorer.d-bis.org for `0x99b3511a2d315a497c8112c1fdd8d508d4b1e506` | CONTRACT_ADDRESSES_REFERENCE notes both; confirm on explorer and document which contract is at this slot. |
| Deploy phased core (138) | **Done 2026-02-11** | UniversalAssetRegistry, GovernanceController, UniversalCCIPBridge, BridgeOrchestrator deployed (proxies). Addresses in [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md); re-run 01/02 only if redeploying. |
| Optional: deploy trustless bridge | If using trustless bridge stack | Deploy from `script/bridge/trustless/`; replace placeholders in `config/production/.env.production.example`. |
| Optional: mainnet/multichain deployments | If deploying to other chains | Use `DeployAll.s.sol` or chain-specific scripts; document addresses per chain. |
| eMoney / smart accounts | When eMoney or account abstraction needed | `script/emoney/`, `script/smart-accounts/` |
| Firefly | Auto-deployed by Firefly | VMID 6200; no repo action. |
| AddressMapper / MirrorManager (Chain 138) | **Done 2026-02-12** | Deployed at `0x439Fcb2d2ab2f890DCcAE50461Fa7d978F9Ffe1A`, `0x6eD905A30c552a6e003061A38FD52A5A427beE56`. TransactionMirror: use `forge create` with `--with-gas-price 1000000000` if script fails. |
| PaymentChannelManager / GenericStateChannelManager | When channel features needed on Mainnet or Chain-138 | Deploy via smom-dbis-138 `script/DeployPaymentChannelManager.s.sol`, `script/DeployGenericStateChannelManager.s.sol`; **Chain 138:** use `--with-gas-price 1000000000`. See smom-dbis-138 `docs/deployment/PAYMENT_CHANNELS_DEPLOYMENT.md`. |
Run from repo root. Requires `cast` (Foundry) and RPC access to Chain 138. Set `RPC_URL_138` (e.g. http://192.168.11.211:8545 or https://rpc-core.d-bis.org). Then: `./scripts/verify/check-contracts-on-chain-138.sh`.
- **Verify every deployed contract on Blockscout** so source is public and matches bytecode. Use [BLOCKSCOUT_VERIFICATION_GUIDE](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md) and the Forge Verification Proxy.
- **Single source of truth:** Keep [CONTRACT_ADDRESSES_REFERENCE](CONTRACT_ADDRESSES_REFERENCE.md) and [SMART_CONTRACTS_INVENTORY_ALL_CHAINS](SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md) updated when new contracts are deployed or deprecated. Reconcile duplicate entries in .env (e.g. multiple ComplianceRegistry addresses) into one canonical list.
- **On-chain confirmation:** Periodically run the on-chain checklist (or `check-contracts-on-chain-138.sh`) and fix any MISSING/EMPTY.
- **Do not use** CCIPWETH9Bridge at `0x89dd12025bfCD38A168455A44B400e913ED33BE2`. Use only `0xcacfd227A040002e49e2e01626363071324f820a` and set `CCIPWETH9_BRIDGE_CHAIN138` in env.
- **Secrets:** Never commit `.env` or private keys. Use [MASTER_SECRETS_INVENTORY](../04-configuration/MASTER_SECRETS_INVENTORY.md) and rotate any exposed keys.
- **RPC for deploy (Chain 138):** Set `RPC_URL_138` (e.g. `http://192.168.11.211:8545` or `https://rpc-core.d-bis.org`). Run from LAN or VPN if 192.168.11.x is not reachable.
- **Gas:** If you hit min-gas-price errors, use `GAS_PRICE=1000000000` (or current network minimum). See [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md).
- **Order:** For phased core, run `01_DeployCore.s.sol` first, set `UNIVERSAL_ASSET_REGISTRY` and `GOVERNANCE_CONTROLLER`, then run `02_DeployBridges.s.sol`. For alltra-lifi-settlement, deploy MerchantSettlementRegistry before WithdrawalEscrow.
- **Nonce:** If transactions are stuck, manage nonce explicitly and avoid reusing nonces. See [DEPLOYMENT_STRATEGY_EVALUATION](../06-besu/DEPLOYMENT_STRATEGY_EVALUATION.md).
### 3.4 Documentation and runbooks
- **Runbooks:** Keep [CONTRACT_DEPLOYMENT_RUNBOOK](../03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md), [BLOCKSCOUT_VERIFICATION_GUIDE](../08-monitoring/BLOCKSCOUT_VERIFICATION_GUIDE.md), and [BLOCKSCOUT_FIX_RUNBOOK](../03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md) in sync with scripts and Blockscout URL (e.g. 192.168.11.140:4000 or explorer.d-bis.org).
- **Per-chain addresses:** When deploying to mainnet or other chains, document addresses in a dedicated section or file (e.g. CONTRACT_ADDRESSES_REFERENCE or a chain-specific doc) and link from [SMART_CONTRACTS_INVENTORY_ALL_CHAINS](SMART_CONTRACTS_INVENTORY_ALL_CHAINS.md).
### 3.5 Automation and CI/CD (suggestions)
- **Verification in pipeline:** Run `run-contract-verification-with-proxy.sh` (or Blockscout verification) after deployments when Blockscout is reachable from CI.
- **Deployment automation:** Consider a single script that checks env, deploys, verifies, and updates config (see [COMPREHENSIVE_RECOMMENDATIONS](../06-besu/COMPREHENSIVE_RECOMMENDATIONS.md) § Infrastructure).
- **Config by environment:** Use `.env.development` / `.env.staging` / `.env.production` or JSON configs per chain to avoid mixing addresses.
### 3.6 Monitoring and operations
- **Event monitoring:** Monitor critical bridge/oracle events (e.g. TransferInitiated, TransferCompleted, price updates) where applicable. See [COMPREHENSIVE_RECOMMENDATIONS](../06-besu/COMPREHENSIVE_RECOMMENDATIONS.md) § Monitoring.
- **Explorer health:** Ensure Blockscout (VMID 5000, 192.168.11.140) is up and `/api` is reachable so verification and explorer.d-bis.org work. See [EXPLORER_API_ACCESS](../../explorer-monorepo/docs/EXPLORER_API_ACCESS.md) and [BLOCKSCOUT_FIX_RUNBOOK](../03-deployment/BLOCKSCOUT_FIX_RUNBOOK.md).
### 3.7 Testing and quality
- **Test before deploy:** Run `forge test` in `smom-dbis-138` and `alltra-lifi-settlement` before deploying. Run integration tests where available.
- **NatSpec:** Add NatSpec to public contract functions for better verification and tooling (see [COMPREHENSIVE_RECOMMENDATIONS](../06-besu/COMPREHENSIVE_RECOMMENDATIONS.md) § Code Quality).
### 3.8 Other chains and projects
- **ALL Mainnet (651940):** No deployment in repo; use [ALL_MAINNET_TOKEN_ADDRESSES](ALL_MAINNET_TOKEN_ADDRESSES.md) for integration only.
- **Mainnet / multichain:** Use `DeployAll.s.sol` or chain-specific scripts with correct RPC and env; document addresses per chain in CONTRACT_ADDRESSES_REFERENCE or SMART_CONTRACTS_INVENTORY_ALL_CHAINS.
- **Tezos / GRU:** Documented in inventory for reference; no EVM deployment steps in this repo.
---
## Part 4 — Quick reference commands
| Task | Command |
|------|--------|
| On-chain check (Chain 138) | `./scripts/verify/check-contracts-on-chain-138.sh [RPC_URL]` (26 addresses; use `SKIP_EXIT=1` for report-only when RPC unreachable) |
| **Deploy all phases (138)** | `cd smom-dbis-138 && ./scripts/deployment/deploy-all-phases.sh` — Skips when env set; `--all` run every phase; `--phase N` one phase; `--dry-run` preview. |
| **Run all commands on Proxmox via SSH** | `./scripts/run-on-proxmox-via-ssh.sh` (optionally `--sync` to rsync repo first). Runs: on-chain check, deploy-all-phases, phoenix-deploy-api install, Blockscout verification. Set PROXMOX_HOST, PROXMOX_REPO_PATH if needed. |
