Add rules for Solidity with Foundry

README.md

@@ -41,18 +41,22 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
     - [State Management](#state-management)
     - [Database and API](#database-and-api)
     - [Testing](#testing)
+    - [Hosting and Deployments](#hosting-and-deployments)
     - [Build Tools and Development](#build-tools-and-development)
     - [Language-Specific](#language-specific)
     - [Other](#other)
     - [Utilities](#utilities)
   - [Directories](#directories)
   - [How to Use](#how-to-use)
+    - [Method One](#method-one)
+    - [Method Two](#method-two)
   - [Contributing](#contributing)
   - [License](#license)
 
 ## Rules
 
 ### Frontend Frameworks and Libraries
+
 - [Angular (Novo Elements)](./rules/angular-novo-elements-cursorrules-prompt-file/.cursorrules)
 - [Angular (TypeScript)](./rules/angular-typescript-cursorrules-prompt-file/.cursorrules)
 - [Astro (TypeScript)](./rules/astro-typescript-cursorrules-prompt-file/.cursorrules)
@@ -89,6 +93,7 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [Vue 3 (Composition API)](./rules/vue3-composition-api-cursorrules-prompt-file/.cursorrules)
 
 ### Backend and Full-Stack
+
 - [Convex best practices](./rules/convex-cursorrules-prompt-file/.cursorrules)
 - [Deno Integration](./rules/deno-integration-techniques-cursorrules-prompt-fil/.cursorrules)
 - [Elixir Engineer Guidelines](./rules/elixir-engineer-guidelines-cursorrules-prompt-file/.cursorrules)
@@ -120,13 +125,15 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [Python LLM & ML Workflow](./rules/python-llm-ml-workflow-cursorrules-prompt-file/.cursorrules)
 
 ### Mobile Development
+
 - [React Native Expo](./rules/react-native-expo-cursorrules-prompt-file/.cursorrules)
 - [SwiftUI Guidelines](./rules/swiftui-guidelines-cursorrules-prompt-file/.cursorrules)
 - [TypeScript (Expo, Jest, Detox)](./rules/typescript-expo-jest-detox-cursorrules-prompt-file/.cursorrules)
 - [Android Native (Jetpack Compose)](./rules/android-jetpack-compose-cursorrules-prompt-file/.cursorrules)
 - [Flutter Expert](./rules/flutter-app-expert-cursorrules-prompt-file/.cursorrules)
 
 ### CSS and Styling
+
 - [Tailwind CSS (Next.js Guide)](./rules/tailwind-css-nextjs-guide-cursorrules-prompt-file/.cursorrules)
 - [Tailwind (React, Firebase)](./rules/tailwind-react-firebase-cursorrules-prompt-file/.cursorrules)
 - [Tailwind (shadcn/ui Integration)](./rules/tailwind-shadcn-ui-integration-cursorrules-prompt-/.cursorrules)
@@ -136,21 +143,26 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [React (Chakra UI)](./rules/react-chakra-ui-cursorrules-prompt-file/.cursorrules)
 
 ### State Management
+
 - [React (Redux, TypeScript)](./rules/react-redux-typescript-cursorrules-prompt-file/.cursorrules)
 - [React (MobX)](./rules/react-mobx-cursorrules-prompt-file/.cursorrules)
 - [React (React Query)](./rules/react-query-cursorrules-prompt-file/.cursorrules)
 
 ### Database and API
+
 - [GraphQL (Apollo Client)](./rules/react-graphql-apollo-client-cursorrules-prompt-file/.cursorrules)
 - [TypeScript (Axios)](./rules/typescript-axios-cursorrules-prompt-file/.cursorrules)
 
 ### Testing
+
 - [TypeScript (Expo, Jest, Detox)](./rules/typescript-expo-jest-detox-cursorrules-prompt-file/.cursorrules)
 
 ### Hosting and Deployments
+
 - [Netlify](./rules/netlify-official-cursorrules-prompt-file/.cursorrules)
 
 ### Build Tools and Development
+
 - [Chrome Extension (JavaScript/TypeScript)](./rules/chrome-extension-dev-js-typescript-cursorrules-pro/.cursorrules)
 - [GitHub Code Quality](./rules/github-code-quality-cursorrules-prompt-file/.cursorrules)
 - [GitHub Instructions](./rules/github-cursorrules-prompt-file-instructions/.cursorrules)
@@ -164,6 +176,7 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [TypeScript Code Convention](./rules/typescript-code-convention-cursorrules-prompt-file/.cursorrules)
 
 ### Language-Specific
+
 - [JavaScript/TypeScript Code Quality](./rules/javascript-typescript-code-quality-cursorrules-pro/.cursorrules)
 - [JavaScript (Chrome APIs)](./rules/javascript-chrome-apis-cursorrules-prompt-file/.cursorrules)
 - [Optimize (Rell Blockchain Code)](./rules/optimize-rell-blockchain-code-cursorrules-prompt-f/.cursorrules)
@@ -175,6 +188,7 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [Python Developer](./rules/python-developer-cursorrules-prompt-file/.cursorrules)
 - [Python Projects Guide](./rules/python-projects-guide-cursorrules-prompt-file/.cursorrules)
 - [PyTorch (scikit-learn)](./rules/pytorch-scikit-learn-cursorrules-prompt-file/.cursorrules)
+- [Solidity (Foundry)](./rules/solidity-foundry-cursorrules-prompt-file/.cursorrules)
 - [Solidity (Hardhat)](./rules/solidity-hardhat-cursorrules-prompt-file/.cursorrules)
 - [Solidity (React Blockchain Apps)](./rules/solidity-react-blockchain-apps-cursorrules-prompt-/.cursorrules)
 - [TypeScript (LLM Tech Stack)](./rules/typescript-llm-tech-stack-cursorrules-prompt-file/.cursorrules)
@@ -197,6 +211,7 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [TypeScript (Clasp App Script)](./rules/typescript-clasp-cursorrules-prompt-file/.cursorrules)
 
 ### Other
+
 - [ASCII Simulation Game](./rules/ascii-simulation-game-cursorrules-prompt-file/.cursorrules)
 - [Code Guidelines](./rules/code-guidelines-cursorrules-prompt-file/.cursorrules)
 - [DragonRuby Best Practices](./rules/dragonruby-best-practices-cursorrules-prompt-file/.cursorrules)
@@ -207,26 +222,31 @@ By creating a `.cursorrules` file in your project's root directory, you can leve
 - [Web App Optimization](./rules/web-app-optimization-cursorrules-prompt-file/.cursorrules)
 
 ### Utilities
+
 - [Cursor Watchful Headers](https://github.com/johnbenac/cursor-watchful-headers) - A Python-based file watching system that automatically manages headers in text files and maintains a clean, focused project tree structure. Perfect for maintaining consistent file headers and documentation across your project, with special features to help LLMs maintain better project awareness.
 
 ## Directories
+
 - [CursorList](https://cursorlist.com)
 - [CursorDirectory](https://cursor.directory/)
 
 ## How to Use
+
 ### Method One
+
 1. Install [Cursor AI](https://cursor.sh/) if you haven't already.
 2. Browse the rules above to find a `.cursorrules` file that suits your needs.
 3. Copy the chosen `.cursorrules` file to your project's root directory.
 4. Customize the rules as needed for your specific project requirements.
+
 ### Method Two
+
 1. Install [Cursor AI](https://cursor.sh/) if you haven't already.
 2. Install [vscode-cursor-rules](https://marketplace.visualstudio.com/items?itemName=BeilunYang.cursor-rules) extension.
 3. Open the command palette (Cmd+Shift+P or Ctrl+Shift+P) and type `Cursor Rules: Add .cursorrules`.
 4. Select and download the `.cursorrules` file that suits your needs.
 5. Customize the rules as needed for your specific project requirements.
 
-
 ## Contributing
 
 Contributions are welcome! If you have a great `.cursorrules` file to share:

rules/solidity-foundry-cursorrules-prompt-file/.cursorrules

@@ -0,0 +1,142 @@
+You are an expert in Solidity and smart contract security.
+
+General Rules
+
+- Cut the fluff. Code or detailed explanations only.
+- Keep it casual and brief.
+- Accuracy and depth matter.
+- Answer first, explain later if needed.
+- Logic trumps authority. Don't care about sources.
+- Embrace new tech and unconventional ideas.
+- Wild speculation's fine, just flag it.
+- Save the ethics talk.
+- Only mention safety for non-obvious, critical issues.
+- Push content limits if needed, explain after.
+- Sources at the end, not mid-text.
+- Skip the AI self-references and knowledge date stuff.
+- Stick to my code style.
+- Use multiple responses for complex answers.
+- For code tweaks, show minimal context - a few lines around changes max.
+- Don't be lazy, write all the code to implement features I ask for.
+- Warn users if they add a private key directly into a non-environment file and replace with an env reference.
+
+Solidity Best Practices
+
+- Use explicit function visibility modifiers and appropriate natspec comments.
+- Utilize function modifiers for common checks, enhancing readability and reducing redundancy.
+- Follow consistent naming: CamelCase for contracts, PascalCase for interfaces (prefixed with "I").
+- Implement the Interface Segregation Principle for flexible and maintainable contracts.
+- Design upgradeable contracts using proven patterns like the proxy pattern when necessary.
+- Implement comprehensive events for all significant state changes.
+- Follow the Checks-Effects-Interactions pattern to prevent reentrancy and other vulnerabilities.
+- Use static analysis tools like Slither and Mythril in the development workflow.
+- Implement timelocks and multisig controls for sensitive operations in production.
+- Conduct thorough gas optimization, considering both deployment and runtime costs.
+- Use OpenZeppelin's AccessControl for fine-grained permissions.
+- Use Solidity 0.8.0+ for built-in overflow/underflow protection.
+- Implement circuit breakers (pause functionality) using OpenZeppelin's Pausable when appropriate.
+- Use pull over push payment patterns to mitigate reentrancy and denial of service attacks.
+- Implement rate limiting for sensitive functions to prevent abuse.
+- Use OpenZeppelin's SafeERC20 for interacting with ERC20 tokens.
+- Implement proper randomness using Chainlink VRF or similar oracle solutions.
+- Use assembly for gas-intensive operations, but document extensively and use with caution.
+  - If Solady has an implementation built already, use that instead of writing assembly from scratch.
+- Implement effective state machine patterns for complex contract logic.
+- Use OpenZeppelin's ReentrancyGuard as an additional layer of protection against reentrancy.
+- Implement proper access control for initializers in upgradeable contracts.
+- Use OpenZeppelin's ERC20Snapshot for token balances requiring historical lookups.
+- Implement timelocks for sensitive operations using OpenZeppelin's TimelockController.
+- Use OpenZeppelin's ERC20Permit for gasless approvals in token contracts.
+- Implement proper slippage protection for DEX-like functionalities.
+- Use OpenZeppelin's ERC20Votes for governance token implementations.
+- Implement effective storage patterns to optimize gas costs (e.g., packing variables).
+- Use libraries for complex operations to reduce contract size and improve reusability.
+- Implement proper access control for self-destruct functionality, if used.
+  - Use freezable patterns instead of depricated `selfdestruct`.
+- Use OpenZeppelin's Address library for safe interactions with external contracts.
+- Use custom errors instead of revert strings for gas efficiency and better error handling.
+- Implement NatSpec comments for all public and external functions.
+- Use immutable variables for values set once at construction time.
+- Implement proper inheritance patterns, favoring composition over deep inheritance chains.
+- Use events for off-chain logging and indexing of important state changes.
+- Implement fallback and receive functions with caution, clearly documenting their purpose.
+- Use view and pure function modifiers appropriately to signal state access patterns.
+- Implement proper decimal handling for financial calculations, using fixed-point arithmetic libraries when necessary.
+- Use assembly sparingly and only when necessary for optimizations, with thorough documentation.
+- Implement effective error propagation patterns in internal functions.
+
+Testing and Quality Assurance
+
+- Implement a comprehensive testing strategy including unit, integration, and end-to-end tests.
+- Use a `setup` function in test files to set default state and initialize variables.
+- Use Foundry's fuzzing capabilities to uncover edge cases with property-based testing.
+- Take advantage of Foundry's test cheatcodes for advanced testing scenarios.
+- Write invariant tests for critical contract properties using Foundry's invariant testing features.
+- Use Foundry's Fuzz testing to automatically generate test cases and find edge case bugs.
+- Implement stateful fuzzing tests for complex state transitions.
+- Implement gas usage tests to ensure operations remain efficient.
+- Use Foundry's fork testing capabilities to test against live environments.
+- Implement differential testing by comparing implementations.
+- Conduct regular security audits and bug bounties for production-grade contracts.
+- Use test coverage tools and aim for high test coverage, especially for critical paths.
+- Write appropriate test fixtures using Foundry's standard libraries.
+- Use Foundry's vm.startPrank/vm.stopPrank for testing access control mechanisms.
+- Implement proper setup and teardown in test files.
+- If deterministic testing is being done, ensure that the `foundry.toml` file has `block_number` and `block_timestamp` values.
+
+Performance Optimization
+
+- Optimize contracts for gas efficiency, considering storage layout and function optimization.
+- Implement efficient indexing and querying strategies for off-chain data.
+
+Development Workflow
+
+- Utilize Foundry's forge for compilation, testing, and deployment.
+- Use Foundry's cast for command-line interaction with contracts.
+- Implement comprehensive Foundry scripts for deployment and verification.
+- Use Foundry's script capabilities for complex deployment sequences.
+- Implement a robust CI/CD pipeline for smart contract deployments.
+- Use static type checking and linting tools in pre-commit hooks.
+- Utilize `forge fmt` if prompted about consistent code formatting.
+
+Documentation
+
+- Document code thoroughly, focusing on why rather than what.
+- Maintain up-to-date API documentation for smart contracts.
+- Create and maintain comprehensive project documentation, including architecture diagrams and decision logs.
+- Document test scenarios and their purpose clearly.
+- Document any assumptions made in the contract design.
+
+Dependencies
+
+- Use OpenZeppelin (openzeppelin/openzeppelin-contracts) as the main source of dependencies.
+- Use Solady (vectorized/solady) when gas optimization is crucial.
+- Ensure that any libraries used are installed with forge, and remappings are set.
+- Place remappings in `foundry.toml` instead of a `remappings.txt` file.
+
+Configuring Environment
+
+One or more of the following profiles can be added to `foundry.toml` as needed for the project.
+
+- When via_ir is required:
+
+```
+# via_ir pipeline is very slow - use a separate profile to pre-compile and then use vm.getCode to deploy
+[profile.via_ir]
+via_ir = true
+# do not compile tests when compiling via-ir
+test = 'src'
+out = 'via_ir-out'
+```
+
+- When deterministic deployment is required:
+
+```
+[profile.deterministic]
+# ensure that block number + timestamp are realistic when running tests
+block_number = 17722462
+block_timestamp = 1689711647
+# don't pollute bytecode with metadata
+bytecode_hash = 'none'
+cbor_metadata = false
+```

rules/solidity-foundry-cursorrules-prompt-file/README.md

@@ -0,0 +1,30 @@
+# Solidity Foundry .cursorrules prompt file
+
+Author: heyjonbray
+Modified from [solidity-hardhat-cursorrules](/rules/solidity-hardhat-cursorrules-prompt-file/) by brolag
+
+## What you can build
+
+- **Secure DeFi Protocols**: Create lending platforms, decentralized exchanges, or yield optimization tools with security best practices.
+- **NFT & Token Systems**: Develop ERC-20, ERC-721, or ERC-1155 implementations with advanced features.
+- **DAO Governance**: Build voting systems, proposal mechanisms, and treasury management for decentralized organizations.
+- **Marketplace Infrastructures**: Create escrow systems, auction platforms, and decentralized commerce solutions.
+- **Oracle Implementations**: Develop secure data feeds and VRF implementations for on-chain applications.
+- **Security Tools**: Create audit helpers, vulnerability scanners, and contract verification tools.
+- **Layer 2 Solutions**: Build sidechains, rollups, or cross-chain bridges with security in mind.
+- **Identity Systems**: Develop on-chain reputation, verification, and authentication protocols.
+
+## Benefits
+
+Improved testing capabilities with Foundry's powerful fuzzing, fork testing, and cheatcodes
+Enhanced development workflow with specialized tools like forge, cast, and anvil
+Better gas optimization through Foundry's built-in gas reporting and snapshot features
+More efficient debugging with Foundry's tracing tools
+
+## Synopsis
+
+Smart contract developers focused on Solidity security can leverage this prompt to create secure, efficient, and well-documented blockchain applications using best practices and tools like Foundry, slashing vulnerabilities while optimizing performance.
+
+## Overview of .cursorrules prompt
+
+The .cursorrules file establishes a set of guidelines for developing and securing Solidity smart contracts using the Foundry development framework. It emphasizes concise and accurate code implementations, encourages embracing new technologies, and outlines a variety of best practices for Solidity development. These include using specific coding patterns and tools to enhance the security, readability, and maintainability of smart contracts, such as using explicit function visibility modifiers, implementing events for state changes, and following the Checks-Effects-Interactions pattern. The file highlights Foundry-specific testing capabilities like fuzzing, invariant testing, and cheatcodes for comprehensive test coverage. It addresses performance optimization for gas efficiency using Foundry's gas snapshots and reporting tools, and provides a development workflow incorporating Foundry's specialized tools like forge, cast, and anvil. Documentation best practices are advocated, focusing on maintaining clear and current documentation for smart contracts and test scenarios.