abc-blockchain 0.1.1 → 0.1.2

package/README.md

@@ -1,11 +1,6 @@
 # ABC Blockchain
 
-Enterprise-grade npm bootstrap framework for ERC-4337 Hardhat development environments.
-
-Creator: Kimberley Bezuidenhout  
-Framework Signature: kimmicorn~glitch
-
-## Usage
+**Enterprise-grade ERC-4337 Hardhat bootstrap framework.** Scaffold production-ready account abstraction projects with a single command.
 
 ```bash
 npx abc-blockchain init my-project
@@ -13,17 +8,34 @@ cd my-project
 npm test
 ```
 
-The generated project includes Solidity contracts, Hardhat, TypeScript, Ethers v6, OpenZeppelin, dotenv validation, CI, release workflow, linting, formatting, security scanning hooks, deployment scripts, tests, and ERC-4337 integration points.
+---
+
+## Features
+
+- **ERC-4337 Native** — Smart account, account factory, entry point, paymaster hooks, and token contracts pre-integrated.
+- **Hardhat + TypeScript** — Ignition deployment modules, type-safe scripts, and task runner included.
+- **CI/CD Ready** — GitHub Actions workflows for CI and npm publishing with provenance.
+- **Security First** — Zod environment validation, Slither configuration, dependency auditing, and audit-friendly project layout.
+- **Zero Telemetry** — No hidden network calls, obfuscated code, or tracking of any kind.
+
+---
 
 ## CLI
 
-```bash
-abc-blockchain init <project-name> [--no-install] [--package-manager npm|pnpm|yarn]
 ```
+abc-blockchain init <project-name> [options]
+```
+
+| Option | Description |
+|--------|-------------|
+| `--no-install` | Skip dependency installation after scaffolding |
+| `--package-manager <npm\|pnpm\|yarn>` | Package manager to use (default: npm) |
+
+---
 
-## Generated File Tree
+## Generated Project
 
-```text
+```
 my-project/
 ├── contracts/
 │   ├── interfaces/
@@ -54,91 +66,97 @@ my-project/
 ├── hardhat.config.ts
 ├── tsconfig.json
 ├── .env.example
-├── README.md
 └── package.json
 ```
 
-## Architecture
-
-- CLI package copies a versioned Hardhat template and renders project metadata.
-- Generated projects keep contracts, scripts, tasks, tests, deployments, and CI concerns separated.
-- Environment variables are parsed through Zod so missing or malformed configuration fails early.
-- Deployment scripts emit structured JSON logs and deployment manifests.
-- No telemetry, hidden network calls, covert tracking, or obfuscated code is included.
+---
 
-## Implementation Roadmap
+## Architecture
 
-1. Stabilize v0.1 template with EntryPoint integration, smart account factory, deterministic deployments, and tests.
-2. Add selectable templates for minimal, audited, upgradeable, and paymaster-enabled project profiles.
-3. Add real bundler and paymaster provider adapters for common ERC-4337 infrastructure vendors.
-4. Add Foundry optional profile, Slither CI container job, and contract size reporting.
-5. Add template snapshot tests and generated-project compile tests in CI.
-6. Publish v1.0 after external security review and compatibility checks across Node LTS versions.
+The CLI copies a versioned Hardhat template, renders project metadata, and installs dependencies. Generated projects follow a clean separation of concerns:
 
-## Release Plan
+| Layer | Directory | Responsibility |
+|-------|-----------|----------------|
+| **Contracts** | `contracts/` | Solidity smart contracts (Account, Factory, EntryPoint, Token) |
+| **Deployment** | `ignition/` | Hardhat Ignition modules for deterministic deploys |
+| **Scripts** | `scripts/` | CLI scripts for account creation, deployment, and bundler interaction |
+| **Tasks** | `tasks/` | Hardhat tasks (e.g., account listing) |
+| **Tests** | `test/` | Contract tests with Hardhat test runner |
+| **CI** | `.github/` | GitHub Actions workflows for CI and release |
 
-- Use semantic versioning.
-- `0.x`: rapid template iteration, breaking changes allowed with changelog entries.
-- `1.0`: stable CLI flags, stable generated folder contracts, documented migration guide.
-- Patch releases: bug fixes, dependency security bumps, documentation corrections.
-- Minor releases: new template options, new provider adapters, additional CI integrations.
-- Major releases: Hardhat or ERC-4337 interface upgrades that require user migration.
+Environment variables are validated through Zod at runtime — missing or malformed configuration fails early with clear error messages. Deployment scripts emit structured JSON logs and deployment manifests.
 
-## NPM Publishing Workflow
+---
 
-This repository ships a production-oriented manual publish workflow at `.github/workflows/publish-npm.yml`.
+## Publishing
 
-Local checks:
+This package is published to npm via GitHub Actions. See [`PUBLISHING.md`](./PUBLISHING.md) for the full release checklist.
 
 ```bash
+# Local dry-run verification
 npm ci
 npm run ci
 npm pack --dry-run
-```
-
-GitHub setup:
-
-1. Create an npm automation token.
-2. Store it in GitHub Actions secrets as `NPM_TOKEN`.
-3. Create a GitHub environment named `npm-production`.
-4. Add required reviewers to the environment.
-5. Run the `Publish to npm` workflow with `dry_run` enabled first.
-6. Re-run the workflow with `dry_run` disabled when the package contents are correct.
-
-Manual fallback:
 
-```bash
-npm ci
-npm run ci
-npm version 0.1.1
+# Manual publish (fallback)
+npm version <semver>
 npm publish --provenance --access public
 git push origin main --follow-tags
 ```
 
-See `PUBLISHING.md` for the full release checklist.
+---
 
 ## Repository Structure
 
-```text
+```
 abc-blockchain/
-├── src/
-│   ├── branding.ts
-│   ├── cli.ts
-│   ├── config.ts
-│   ├── create-project.ts
-│   ├── logger.ts
-│   ├── package-manager.ts
-│   └── template.ts
+├── src/                          # CLI source
+│   ├── cli.ts                    # Entry point (Commander)
+│   ├── create-project.ts         # Scaffolding logic
+│   ├── template.ts               # Template rendering
+│   ├── config.ts                 # Project configuration
+│   ├── package-manager.ts        # npm/pnpm/yarn detection
+│   ├── logger.ts                 # Structured logging
+│   └── branding.ts               # Framework metadata
 ├── templates/
-│   └── hardhat-erc4337/
+│   └── hardhat-erc4337/          # Project template
 ├── .github/workflows/
-├── PUBLISHING.md
-├── SECURITY.md
-├── package.json
-├── tsconfig.json
-└── README.md
+│   ├── ci.yml                    # CI pipeline
+│   └── publish-npm.yml           # npm publish workflow
+├── PUBLISHING.md                 # Release process
+├── SECURITY.md                   # Security policy
+└── package.json
 ```
 
-## Security Position
+---
+
+## Roadmap
+
+- **v0.1** — EntryPoint integration, smart account factory, deterministic deployments, and tests (current)
+- **v0.2** — Selectable templates (minimal, audited, upgradeable, paymaster-enabled)
+- **v0.3** — Bundler and paymaster provider adapters for common ERC-4337 infrastructure
+- **v0.4** — Foundry profile, Slither CI job, contract size reporting
+- **v1.0** — Stable CLI, stable template contracts, external security review
+
+---
+
+## Security
+
+ABC Blockchain contains no hardcoded secrets, backdoors, telemetry, or obfuscated code. Generated projects include:
+
+- Environment variable validation via Zod
+- Dependency audit scripts (`npm audit`)
+- Slither-ready configuration for static analysis
+- Audit-friendly directory boundaries
+
+Report vulnerabilities via [SECURITY.md](./SECURITY.md).
+
+---
+
+## License
+
+MIT — see [LICENSE](./LICENSE).
+
+---
 
-ABC Blockchain intentionally avoids hardcoded secrets, hidden backdoors, malicious telemetry, covert tracking, and opaque logic. Generated projects include environment validation, dependency audit scripts, CodeQL scanning, Slither-ready configuration, and audit-friendly folder boundaries.
+*Created by Kimberley Bezuidenhout*

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "abc-blockchain",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "Enterprise-grade ERC-4337 Hardhat bootstrap framework.",
   "author": "Kimberley Bezuidenhout",
   "license": "MIT",
   "type": "module",
   "bin": {
-    "abc-blockchain": "./dist/cli.js"
+    "abc-blockchain": "dist/cli.js"
   },
   "files": [
     "dist",

package/PUBLISHING.md

@@ -1,89 +0,0 @@
-# Publishing ABC Blockchain to npm
-
-Creator: Kimberley Bezuidenhout  
-Framework Signature: kimmicorn~glitch
-
-## Prerequisites
-
-- Node.js 20 or 22
-- npm account with publish rights for `abc-blockchain`
-- GitHub repository with Actions enabled
-- npm automation token stored as `NPM_TOKEN`
-
-## Local Release Checks
-
-Run these before publishing:
-
-```bash
-npm ci
-npm run ci
-npm pack --dry-run
-```
-
-Confirm the dry-run package includes:
-
-- `dist/`
-- `templates/`
-- `README.md`
-- `LICENSE`
-- no `.env`
-- no `node_modules`
-- no generated sample projects
-
-## First-Time npm Setup
-
-1. Create or log in to an npm account.
-2. Enable two-factor authentication on the account.
-3. Create an automation token at npm.
-4. In GitHub, open repository settings.
-5. Add `NPM_TOKEN` under `Settings > Secrets and variables > Actions`.
-6. Create an environment named `npm-production`.
-7. Add required reviewers to the `npm-production` environment.
-
-## Manual Publish from GitHub Actions
-
-1. Open `Actions`.
-2. Select `Publish to npm`.
-3. Click `Run workflow`.
-4. Enter the version, for example `0.1.1`.
-5. Keep `dry_run` enabled for the first run.
-6. Review the workflow logs and package contents.
-7. Run the workflow again with `dry_run` disabled.
-
-The workflow runs CI, updates the package version, verifies package contents, publishes with npm provenance, commits the version bump, and creates a `vX.Y.Z` git tag.
-
-## Manual Publish from Local Machine
-
-Use this only if GitHub Actions is unavailable:
-
-```bash
-npm ci
-npm run ci
-npm version 0.1.1
-npm publish --provenance --access public --tag latest
-git push origin main --follow-tags
-```
-
-## Dist Tags
-
-- `latest`: stable releases
-- `next`: release candidates
-- `beta`: beta releases
-- `alpha`: early internal validation
-
-Install examples:
-
-```bash
-npm install -g abc-blockchain@latest
-npx abc-blockchain init my-project
-```
-
-## Production Release Checklist
-
-- CI is green on `main`.
-- `npm audit --audit-level=moderate` passes for the CLI package.
-- Generated template compiles and tests with a fresh install.
-- README, SECURITY, and PUBLISHING docs match the release.
-- Package contents were reviewed through `npm pack --dry-run`.
-- GitHub environment approval is enabled for `npm-production`.
-- `NPM_TOKEN` is an npm automation token, not a personal password.