Skip to content

feat: Hardhat plugin package for seamless integration with Hardhat workflows #18

Description

@Nanle-code

Overview

Hardhat remains widely used alongside Foundry. A first-class Hardhat plugin would let teams run ChainProof as a Hardhat task, integrate scan results into their existing compilation and test workflows, and view findings in the Hardhat console — without leaving the Hardhat ecosystem.

Proposed Plugin Behavior

Installation

npm install --save-dev @chainproof/hardhat-plugin
// hardhat.config.ts
import "@chainproof/hardhat-plugin";

const config: HardhatUserConfig = {
  chainproof: {
    targets: ["contracts/"],
    minSeverity: "high",
    useSlither: true,
    useLLM: false,
  }
};

Tasks

# Full audit
npx hardhat chainproof

# Fast CI check (exit code 1 on critical/high)
npx hardhat chainproof:check

# Generate report file
npx hardhat chainproof:report --format markdown --output audit.md

Compilation Hook

Optionally run ChainProof scan automatically after npx hardhat compile:

chainproof: {
  runOnCompile: true,    // scan after every compile
  failOnCompile: false,  // warn but don't break the compile step
}

Hardhat Network Integration

When running tests against Hardhat Network, emit a summary of ChainProof findings in the test output footer so developers see security findings alongside test results.

Package Structure

packages/hardhat-plugin/
  src/
    index.ts          # plugin entry, registers tasks and hooks
    tasks/
      scan.ts
      check.ts
      report.ts
  package.json
  tsconfig.json

Acceptance Criteria

  • packages/hardhat-plugin scaffold
  • chainproof, chainproof:check, chainproof:report tasks registered
  • HardhatUserConfig extended with chainproof configuration block
  • runOnCompile hook implemented
  • Findings printed with Hardhat console formatting (chalk colors, indentation)
  • TypeScript types for hardhat.config.ts integration
  • Example Hardhat project in examples/hardhat-project/
  • Published as @chainproof/hardhat-plugin on npm

Metadata

Metadata

Assignees

Labels

GrantFox OSSIssue tracked in GrantFox OSSMaybe RewardedIssue may be eligible for a GrantFox rewardOfficial CampaignCampaign: Official CampaignenhancementNew feature or request

Type

No type
No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions