From 6941cc92b70677f21eb67419c05d958522591c5e Mon Sep 17 00:00:00 2001 From: Hades Date: Wed, 21 Jan 2026 16:24:34 +0800 Subject: [PATCH 1/2] sunhat skills --- skills/sunhat/SKILL.md | 26 +++++++++++ skills/sunhat/workflows/sunhat-audit.md | 49 +++++++++++++++++++++ skills/sunhat/workflows/sunhat-compile.md | 41 ++++++++++++++++++ skills/sunhat/workflows/sunhat-deploy.md | 52 ++++++++++++++++++++++ skills/sunhat/workflows/sunhat-init.md | 48 ++++++++++++++++++++ skills/sunhat/workflows/sunhat-test.md | 53 +++++++++++++++++++++++ 6 files changed, 269 insertions(+) create mode 100644 skills/sunhat/SKILL.md create mode 100644 skills/sunhat/workflows/sunhat-audit.md create mode 100644 skills/sunhat/workflows/sunhat-compile.md create mode 100644 skills/sunhat/workflows/sunhat-deploy.md create mode 100644 skills/sunhat/workflows/sunhat-init.md create mode 100644 skills/sunhat/workflows/sunhat-test.md diff --git a/skills/sunhat/SKILL.md b/skills/sunhat/SKILL.md new file mode 100644 index 0000000..855cf40 --- /dev/null +++ b/skills/sunhat/SKILL.md @@ -0,0 +1,26 @@ +--- +name: Sunhat TRON Development +description: The official detailed guide for developing, testing, deploying, and auditing TRON smart contracts using the Sunhat toolkit. +--- + +# Sunhat TRON Development Skill + +This skill enables you to develop, test, and deploy smart contracts on the TRON network. + +**Rule:** Do not memorize the details of every task. Only read the specific workflow file relevant to your current objective. + +## Capabilities + +| Objective | Workflow File | Description | +| :--- | :--- | :--- | +| **Initialize Project** | [sunhat-init.md](workflows/sunhat-init.md) | Setup new project structure, config, and env. | +| **Compile Contracts** | [sunhat-compile.md](workflows/sunhat-compile.md) | Compile Solidity/Vyper with TRON settings. | +| **Run Tests** | [sunhat-test.md](workflows/sunhat-test.md) | Run Foundry (Solidity) or Hardhat (JS) tests. | +| **Security Audit** | [sunhat-audit.md](workflows/sunhat-audit.md) | **White Hat** Analyze, Exploit (PoC), and Report. | +| **Deploy to Network** | [sunhat-deploy.md](workflows/sunhat-deploy.md) | Deploy contracts to Mainnet/Nile/Shasta. | + +## Quick Reference + +- **CLI Tool**: `sunhat` (implicitly wraps Hardhat) +- **Config**: `hardhat.config.ts` +- **Networks**: `tron` (alias for configured TRON network) diff --git a/skills/sunhat/workflows/sunhat-audit.md b/skills/sunhat/workflows/sunhat-audit.md new file mode 100644 index 0000000..0ba750d --- /dev/null +++ b/skills/sunhat/workflows/sunhat-audit.md @@ -0,0 +1,49 @@ +--- +description: Perform a manual "White Hat" security audit and verify with Foundry +--- + +# Agentic Security Audit (White Hat) + +I will act as a generic **White Hat Security Researcher** to analyze your smart contracts, identify vulnerabilities, verify them with tests, and report findings. + +## Phase 1: Deep Analysis + +I will read the contract code line-by-line, looking for common and complex vulnerabilities, including but not limited to: +- Re-entrancy +- Access Control failures +- Arithmetic Over/Underflows +- Logic errors +- **Arbitrage via Special Request Data**: Constructing specific input parameters or calldata to identify profitable logical inconsistencies. +- Tron-specific issues (e.g., energy consumption, bandwidth) + +## Phase 2: Verification (Proof of Concept) + +For every potential vulnerability identified, I will **create a reproduction test case** using Foundry. + +1. **Create Test File**: Create a new test file (e.g., `test/Audit_Exploit.t.sol`). +2. **Write Exploit**: Write a Solidity test that attempts to exploit the vulnerability. +3. **Run Test**: Execute `forge test --match-test `. +4. **Confirm**: Ensure the test passes (confirming the exploit works) or fails (if the code is safe). + +```solidity +// Example PoC Structure +function testExploit() public { + vm.startPrank(attacker); + // ... perform attack ... + assertGt(attacker.balance, initialBalance); +} +``` + +## Phase 3: Reporting + +I will generate a **Bug Report** for each confirmed issue containing: +- **Title**: Concise name of the vulnerability. +- **Severity**: Critical, High, Medium, Low, Info. +- **Description**: Detailed explanation of the logic flaw. +- **Impact**: What happens if exploited (funds lost, system frozen, etc.). +- **Proof of Concept**: The Foundry test code used to verify it. +- **Recommendation**: How to fix the code. + +## Phase 4: Remediation + +Once the report is reviewed, I can assist in applying the fixes and running the PoC again to verify the patch (the test should now fail to exploit). diff --git a/skills/sunhat/workflows/sunhat-compile.md b/skills/sunhat/workflows/sunhat-compile.md new file mode 100644 index 0000000..225f620 --- /dev/null +++ b/skills/sunhat/workflows/sunhat-compile.md @@ -0,0 +1,41 @@ +--- +description: Compile Solidity and Vyper contracts using Sunhat (Hardhat) +--- + +# Sunhat Compile + +I will help you compile your smart contracts, ensuring Tron compatibility. + +## Guardrails + +- Ensure `hardhat.config.ts` exists +- Check if `tronSolc` is enabled in config if using Tron-specific features + +## Steps + +### 1. Check Configuration + +- Read `hardhat.config.ts` +- Verify `networks.tron` exists and `tron: true` is set (good practice) +- Verify `tronSolc` settings if applicable + +### 2. Run Compile + +Execute the compile task: + +```bash +npx hardhat compile +``` + +### 3. Check Artifacts + +- Verify artifacts were generated in `artifacts/` +- For Tron-specific builds, check `extendedArtifactsTron/` + +### 4. Handle Errors + +If compilation fails: + +- Check for Solidity version mismatches +- Suggest installing `tronweb` if missing +- Check for "Stack too deep" or similar common Solidity errors diff --git a/skills/sunhat/workflows/sunhat-deploy.md b/skills/sunhat/workflows/sunhat-deploy.md new file mode 100644 index 0000000..dc55c7a --- /dev/null +++ b/skills/sunhat/workflows/sunhat-deploy.md @@ -0,0 +1,52 @@ +--- +description: Deploy contracts to the Tron network using Sunhat +--- + +# Sunhat Deploy + +I will help you deploy your contracts to the Tron network (Mainnet, Nile, Shasta). + +## Guardrails + +- **CRITICAL**: Ensure `deployTron/` folder exists (Sunhat convention) +- Verify `TRON_RPC_URL` and `PRIVATE_KEY` are in `.env` +- Ensure `network: tron` is configured in `hardhat.config.ts` + +## Steps + +### 1. Prepare Deployment Script + +- Check `deployTron/` for existing scripts +- If creating a new script, use this template: + ```typescript + import { DeployFunction } from 'hardhat-deploy/types'; + import { HardhatRuntimeEnvironment } from 'hardhat/types'; + const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) { + const { deployments, getNamedAccounts } = hre; + const { deploy } = deployments; + const { deployer } = await getNamedAccounts(); + await deploy('MyContract', { from: deployer, args: [], log: true }); + }; + export default func; + func.tags = ['MyContract']; + ``` + +### 2. Check Network Status + +- Verify RPC connection (optional, via curl or script) +- Check deployer balance (if possible) + +### 3. Execute Deployment + +Run the deploy command targeting the Tron network: + +```bash +npx hardhat deploy --network tron +``` + +_Optional: Add `--tags [Tag]` to run specific scripts._ + +### 4. Verify Output + +- Check console logs for "deployed at" address +- Note the address for verification diff --git a/skills/sunhat/workflows/sunhat-init.md b/skills/sunhat/workflows/sunhat-init.md new file mode 100644 index 0000000..af28850 --- /dev/null +++ b/skills/sunhat/workflows/sunhat-init.md @@ -0,0 +1,48 @@ +--- +description: Initialize a new Sunhat project for Tron smart contract development +--- + +# Sunhat Init + +I will help you scaffold a new project using the Sunhat toolkit. + +## Guardrails + +- Check if the current directory is empty or if a new directory name is provided +- Ensure Node.js (v18+) is installed +- Do not run if `hardhat.config.ts` already exists in the current directory (unless forcing) + +## Steps + +### 1. Verify Environment + +- Check Node.js version: `node --version` +- Check if `sunhat` is installed globally: `npm list -g @sun-protocol/sunhat` (optional, can use npx) + +### 2. Determine Project Name + +- Ask the user for a project name (default to current directory if empty) + +### 3. Initialize Project + +Run the initialization command: + +```bash +sunhat init [project-name] +``` + +_Note: If `sunhat` is not in PATH, use `npx @sun-protocol/sunhat init [project-name]`_ + +### 4. Verify Structure + +After initialization, verify that the following exist: + +- `contracts/` +- `test/` +- `deployTron/` (or `deploy/`) +- `hardhat.config.ts` + +### 5. Post-Init Setup + +- Remind user to fill in `.env` with `PRIVATE_KEY` and `TRON_RPC_URL` +- Suggest running `npm install` if it wasn't run automatically diff --git a/skills/sunhat/workflows/sunhat-test.md b/skills/sunhat/workflows/sunhat-test.md new file mode 100644 index 0000000..77cbcdf --- /dev/null +++ b/skills/sunhat/workflows/sunhat-test.md @@ -0,0 +1,53 @@ +--- +description: Run comprehensive tests using Foundry (Solidity) and Hardhat (JS/TS) +--- + +# Sunhat Testing Workflow + +I will help you run and debug tests for your TRON smart contracts. + +## 1. Foundry (Solidity Testing) - Recommended + +Foundry is the preferred testing framework for its speed and solidity-native cheating capabilities. + +### Basic Testing +Run all tests: +```bash +forge test +``` + +### Advanced Filtering +- **Specific Test**: `forge test --match-test testTransfer` +- **Specific Contract**: `forge test --match-contract TokenTest` +- **Specific Path**: `forge test --match-path test/Token.t.sol` + +### Debugging & Tracing +- **Logs**: `forge test -vv` (Show logs) +- **Failure Traces**: `forge test -vvv` (Show stack traces for failures) +- **Full Traces**: `forge test -vvvv` (Show all stack traces) +- **Debugger**: `forge script script/Deploy.s.sol --debug` + +### Gas Reporting +Generate a gas report for your contracts: +```bash +forge test --gas-report +``` + +### Mainnet Forking +Test against live chain state (e.g., Nile or Mainnet): +```bash +forge test --fork-url https://nile.trongrid.io/jsonrpc +``` + +--- + +## 2. Hardhat (JS/TS Testing) + +Use Hardhat for integration tests or when JS/TS scripting is required. + +```bash +npx hardhat test +``` + +- Run specific file: `npx hardhat test test/MyContract.test.ts` +- Run with network: `npx hardhat test --network hardhat` (Default) From bb800de08fd3598bb2cefd4b5bf6058261c30e47 Mon Sep 17 00:00:00 2001 From: Hades Date: Wed, 21 Jan 2026 21:28:53 +0800 Subject: [PATCH 2/2] update changelog, readme, package version --- CHANGELOG.md | 6 ++++++ README.md | 39 +++++++++++++++++++++++++++++++++++++++ package.json | 2 +- 3 files changed, 46 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9104f62..6712e05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/). +## [1.5.0] - 2026-01-21 + +### Added +- IDE Skills integration for AI-powered development. +- Integration guides for Claude Code, Google Antigravity, OpenCode, and Cursor. + ## [1.4.0] - 2025-12-31 ### Added diff --git a/README.md b/README.md index aa62202..519c25c 100644 --- a/README.md +++ b/README.md @@ -213,6 +213,45 @@ Check the `deployments/` directory for your deployment files. You should see: --- +## IDE Skills Integration + +Sunhat exposes a specialized **Skills** interface that acts as a "driver" for AI agents. By pointing your AI assistant to the skill definition in `skills/sunhat/`, you unlock expert-level capabilities for testing, deploying, and auditing TRON contracts autonomously. + +``` +skills/ +└── sunhat/ + ├── SKILL.md # Main entry point + └── workflows/ + ├── sunhat-init.md + ├── sunhat-compile.md + ├── sunhat-test.md + ├── sunhat-deploy.md + └── sunhat-audit.md +``` + +### Supported IDEs + +| IDE | Setup | +|-----|-------| +| **Claude Code** | Place `skills/sunhat` in project root. Claude auto-discovers `SKILL.md`. | +| **Google Antigravity** | Place `skills/sunhat` in `.agent/skills/sunhat`. Antigravity auto-discovers `SKILL.md`. | +| **OpenCode** | Place `skills/sunhat` in `.opencode/skills/sunhat`. OpenCode auto-discovers `SKILL.md`. | +| **Cursor** | Copy `SKILL.md` content into `.cursorrules` or reference workflow paths. | + +### Example Usage + +``` +# Claude Code +> "Run the tests for the Lock contract using Sunhat." + +# Antigravity +> "Deploy the Token contract to Nile testnet." +``` + +The AI agent will discover the skill, read the appropriate workflow, and execute the task deterministically. + +--- + ## Development To dive deeper into advanced topics of the sunhat project lifecycle, please see the [Documentation](https://hat-docs.sunagent.ai/) for guides and reference. diff --git a/package.json b/package.json index 1fe29cf..701dfd0 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@sun-protocol/sunhat", - "version": "1.4.0", + "version": "1.5.0", "description": "An All-in-One Toolkit for the Complete TRON Smart Contract Lifecycle", "repository": "https://github.com/sun-protocol/sunhat.git", "author": "sun-protocol",