Deploy a Smart Contract

This section is for Operators only.

Overview

Along with sending transactions, interacting with contracts, and signing messages, we now enable users to deploy smart contracts directly from their workspace. This comprehensive functionality allows our enterprise and institutional clients to perform virtually any operation on EVM networks.

A smart contract is simply a program that runs on the Ethereum blockchain. It can define rules, like a regular contract, and automatically enforce them via the code without the need for intermediaries or manual intervention. Smart contracts cannot be deleted by default, and interactions with them are irreversible. To learn more abour Smart Contracts, you can refer to the official Ethereum documentation.

Smart Contract deployment is the process of taking a written smart contract and getting it deployed and available to users on a network. Once deployed, it becomes a permanent part of the blockchain, and the rules and conditions encoded in it start functioning.

Ledger Enteprise supports the deployment of any smart contract on EVM chains, and enables Operators to review the bytecode hash of their contract on the Trusted Display of their Personal Security Devices.

Follow the instructions below to deploy a smart contract from your Ledger Enterprise platform.

Deploy a Smart Contract via Ledger Enteprrise's native flow

Instructions

Prerequisites

You must have at least one EVM account where Smart Contract Deployment capabilities are enabled.
Before starting the contract deplopyment flow, make sure that the contract you wish to deploy is functional, tested, and audited. Lear more here for more general best practices on contract deployments.
You must have your contract bytecode ready. To do so, you need to compile your smart contract; learn more here .

Step 1: Select an account

Make sure you have access to a Contract Deployment enabled account. If this is not the case, please contact your Administrators.

Deploying a contract requires sending a transaction with a data payload (compiled bytecode) without specifying a recipient. The data payload is generated by compiling the source code and constructor arguments of the contract.

To initiate a contract deployment request via Ledger Enteprise's native flow:

Click on the New Transaction button in your sidebar, then click on Deploy contract .

Define the account you wish to deploy the contract from.

Step 2: Define the contract to deploy

Define the amount you wish to send along the deployment of the contract; this is only useful if you have defined a payable contract constructor ; if not, this field should be left null .
In the Contract bytecode field, define the contract you wish to deploy by passing its compiled bytecode .

Step 3: Select the fees

Define the max gas price & gas limit that you are willing to pay to deploy your contract. You can leverage tools such as Remix IDE to get the estimated fees of your contract deployment transaction

Contract Deployment requests do not support estimated/speed-based fees. You need to specify custom fees in order to create a valid contract deployment request.

(Optional) You can add a Title and Comments to your contract deployment request.

Step 4: Review your Contract Deployment information

You will be prompted with a Confirmation modal to validate your contract deployment request on your Security Device

If you are satisfied with the information, click on Review

create scd 4

Click Review on PSD to examine the contract deployment request on the Trusted Display of your Personal Security Device. Tap the arrows to expand the different sections.

scd request psd

Contract Compilation and hash computation are deterministic, meaning they always produce the same output (i.e., contract bytecode & bytecode hash) if the same source files, compilation settings (e.g. compiler version, optimizer), and hash computation methods are used. To verify that the contract you are about to deploy corresponds to the intented one, recompute the bytecode and its hash in a secure, isolated environment following the method provided below, and make sure it matches the one displayed on your Security Device.

The method used to compute the hash of the contract bytecode is: keccak256(bytecode)[12:]

You should only trust the hash displayed on your PSD. Reject the contract deployment request and contact the Ledger Enterprise support if you notice discrepancies.

If all information on your Security Device match your desired intent, send the request. Depending on the governance flow defined by Administrators, a Contract Deployment request will be created and submitted for approvals.
If the contract deployment governance rule requires further operator approvals, see Step 5
If the contract deployment governance rule does not require further operator approvals, see Step 6

Step 5: Review and approve a contract deployment request

When a contract deployment request requires your approval, it will appear in the request panel.

Click on the contract deployment request to examine its content. You are prompted with a contract deployment request modal, which helps you review the content of the contract to deploy.

For now, Ledger Enteprise displays all information necessary to deploy the contract (compiled bytecode)
Additionally, you will be able to review a Bytecode Hash ; this is the hash of your compiled contract bytecode , and can be used to ensure that the contract code you are reviewing corresponds to the contract code you intend to deploy.

scd modal2

Click Review on PSD to examine the contract deployment request on the Trusted Display of your Personal Security Device. Tap the arrows to expand the different sections.

Note that if Administrators defined API users in the contract deployment approval workflow, you will be able to approve contract deployment requests programmatically using the POST/transactions/{transaction_id}/approve endpoint.

Step 6: Sign the contract deployment request and verify it on-chain

Once all approvals are gathered, the Contract Deployment request will be signed and broadcast.

Verify the Deployment : Confirm that the contract has been deployed to the correct address and network and that it is functioning as intended. Specifically, make sure to review and double-check the contract configuration options, such as gas limits and contract owner accounts, to ensure that they are set correctly
Monitor the Contract : Set up continuous monitoring to track the contract's activities, performance, and interactions. Look for any anomalies or unexpected behavior. You can leverage security third parties to help you look for vulnerabilities or attacks targetting your contract.

Step 7: Reporting - monitor and audit your contract deployments

You can monitor and audit your entire history of deployed contracts. They will be flagged with the DEPLY CONTRACT transaction type.

scd op history

Ledger Enterprise records the contract that was deployed, as well as the contract deployment governance rule's audit logs.

scd reporting

scd governance history

Deploy a Smart Contract via Wallet Connect

Instructions

Prerequisites

You must have at least one EVM account where Smart Contract Deployment capabilities are enabled.
Before starting the contract deplopyment flow, make sure that the contract you wish to deploy is functional, tested, and audited. Lear more here for more general best practices on contract deployments.
You must choose your Contract Deployment application of choice, and ensure that it supports WalletConnect. You can review the list of WalletConnect-supported applications here .

Step 1: Connect your Contract Deployer account via WalletConnect

Go to the account that you have set up to deploy your Smart Contract, and click on the WalletConnect button at the top. Alternatively, in the DApps section of your workspace, head to the WalletConnect application.

On a separate browser tab, go to the third party application that you wish to use to create and deploy your contract. For this tutorial, we will use Remix IDE, a powerful toolset for developing, deploying, debugging, and testing Ethereum and EVM-compatible smart contracts.

On the application of your choice, select WalletConnect as the connector, and copy the QR code. Paste it into the input field of the WalletConnect app on your Ledger Enterprise session.

Step 2: Create your contract and initiate the deployment request

Create your contract on the connected application. Once you are satisfied with it, you can proceed to the creation of the Contract Deployment request.

If the DApp handles the fees estimation, it should automatically populate the Fees fields of your transaction on Ledger Enterprise. You can edit them at any time. Should the DApp not support fees estimation, you will need to specify the gas price & gas limit of your contract deployment transaction. Tools like Remix IDE provide an estimation of these values in the complation details (see GIF attached below).

Step 2: Review and approve the deployment request

Once you have initiated the contract deployment request from the application, it will be redirected to your Ledger Enteprise workspace. Head on your Ledger Enterprise tab in your browser, and review the Confirmation details of your Contract Deployment request.

Note that if the DApp you used does not leverage fees estmiation, you will be redirected to the 1st step of your Contract Depoyment request (with all the info already filled in). Click on Next, and input the fee information (see step above on how to estimate contract deployment fees).

For now, Ledger Enteprise displays all information necessary to deploy the contract (compiled bytecode)
Additionally, you will be able to review a Bytecode Hash ; this is the hash of your compiled contract bytecode , and can be used to ensure that the contract code you are reviewing corresponds to the contract code you intend to deploy.