create-shield-unshield-dapp 1.0.1 → 1.0.3

package/README.md

@@ -1,6 +1,89 @@
 # create-shield-unshield-dapp
 
-Scaffold a **Shield/Unshield dApp** for wrapping and unwrapping USDC ↔ cUSDC and USDT ↔ cUSDT, and for confidential transfers. Uses ERC-7984 confidential tokens and the Zama relayer.
+Scaffold a **Shield/Unshield dApp** for the **Zama ecosystem**: let users wrap USDC/USDT into confidential tokens (cUSDC/cUSDT), send them privately, and unwrap back. Built on **ERC-7984** (confidential token standard). Ideal for projects that want to support shield/unshield and confidential transfers, and for developers new to Zama who want a working reference with clear documentation.
+
+## What you get
+
+- A ready-to-run React + Vite app with wallet connection (e.g. Rainbow, MetaMask).
+- **Wrap (shield):** USDC → cUSDC, USDT → cUSDT.
+- **Unwrap (unshield):** Two-step flow (unwrap → finalizeUnwrap) with Zama relayer for decryption.
+- **Confidential transfer:** Send cUSDC/cUSDT with amounts hidden on-chain.
+- A **detailed README** in the scaffolded project (env vars, build, where to get Sepolia addresses).
+- A **contracts/** folder with an ERC-7984 wrapper (same pattern as the payroll app), MockUSDC/MockUSDT, and Hardhat deploy scripts so you can **deploy your own tokens and wrappers** for local or Sepolia testing. See `contracts/README.md` after scaffolding.
+
+---
+
+## Token standard: ERC-7984
+
+The scaffolded app uses **ERC-7984** (Confidential Token Standard). In short:
+
+- **Underlying token:** A normal ERC-20 (e.g. USDC, USDT).
+- **Confidential wrapper:** A contract that holds the underlying and mints/burns **confidential** balances. On-chain amounts are encrypted (FHE); only the owner and authorized systems can decrypt with a proof.
+- **cUSDC / cUSDT:** The confidential versions of USDC and USDT. Balances are stored as encrypted handles; you see your balance by decrypting (e.g. via Zama’s relayer/gateway).
+
+Key contract functions used in the app:
+
+| Function | Purpose |
+|----------|---------|
+| `wrap(to, amount)` | Lock underlying (e.g. USDC) in the contract and mint confidential balance for `to`. |
+| `unwrap(from, to, encryptedAmount, inputProof)` | Burn confidential balance and request unwrap; the amount is still encrypted until proven. Emits `UnwrapRequested`. |
+| `finalizeUnwrap(burntAmount, burntAmountCleartext, decryptionProof)` | Prove the burnt amount to the contract; contract releases that much underlying to the receiver. |
+| `confidentialTransfer(to, encryptedAmount, inputProof)` | Transfer confidential balance to `to`; amount stays encrypted on-chain. |
+| `confidentialBalanceOf(account)` | Returns an encrypted balance handle (decrypt off-chain to show amount). |
+
+---
+
+## How wrapping works (shield)
+
+**Goal:** Turn public USDC/USDT into confidential cUSDC/cUSDT.
+
+1. **Approve:** User approves the confidential token contract to spend their underlying (USDC or USDT).
+2. **Wrap:** User calls `wrap(to, amount)` on the cUSDC/cUSDT contract. The contract:
+   - Pulls `amount` of underlying from the user (transferFrom).
+   - Mints confidential balance for `to` (the user). On-chain, the amount is stored in encrypted form.
+3. **Balance:** The user’s cUSDC/cUSDT balance increases (shown after decrypting the handle). Their USDC/USDT balance decreases.
+
+No relayer needed for wrapping; it’s a single on-chain transaction.
+
+---
+
+## How unwrapping works (unshield) — two steps
+
+**Goal:** Turn confidential cUSDC/cUSDT back into public USDC/USDT.
+
+Unwrap is **two-step** because the contract only holds encrypted amounts. To release the right amount of underlying, the contract must be given a **decryption proof** that matches the burnt confidential amount. The Zama relayer (gateway) produces that proof after the first step.
+
+### Step 1: `unwrap(from, to, encryptedAmount, inputProof)`
+
+1. User chooses amount and the app **encrypts** it (FHE) for the contract, producing an encrypted handle and `inputProof`.
+2. User sends a tx calling `unwrap(from, to, encryptedAmount, inputProof)`. The contract:
+   - Burns the confidential balance corresponding to that encrypted amount.
+   - Emits `UnwrapRequested(receiver, amount)` where `amount` is the encrypted (handle) value.
+   - Does **not** send underlying yet — it waits for a decryption proof.
+3. The app (or backend) sends the emitted handle to the **Zama relayer**. The relayer decrypts it and returns a **decryption proof**.
+
+### Step 2: `finalizeUnwrap(burntAmount, burntAmountCleartext, decryptionProof)`
+
+1. The app calls `finalizeUnwrap(burntAmount, burntAmountCleartext, decryptionProof)` with:
+   - `burntAmount`: the handle from `UnwrapRequested`.
+   - `burntAmountCleartext`: the decrypted amount (so the contract can release the right amount).
+   - `decryptionProof`: proof from the relayer that the decryption is correct.
+2. The contract verifies the proof and sends `burntAmountCleartext` of underlying (USDC/USDT) to the receiver.
+3. User’s public USDC/USDT balance increases.
+
+In the scaffolded app, both steps run in one flow after the user clicks Unwrap/Unshield: we wait for the unwrap tx, get the proof from the relayer, then call `finalizeUnwrap` and wait for that receipt so the UI can refetch balances and show the updated USDC/USDT.
+
+---
+
+## How confidential transfer works
+
+**Goal:** Send cUSDC/cUSDT to another address without revealing the amount on-chain.
+
+1. Sender enters amount and recipient address.
+2. The app encrypts the amount (FHE) for the contract, producing an encrypted handle and `inputProof`.
+3. User sends a tx: `confidentialTransfer(to, encryptedAmount, inputProof)`. The contract deducts the encrypted amount from the sender and adds it to the recipient’s confidential balance. The amount stays encrypted; no relayer needed.
+
+---
 
 ## Install and run
 
@@ -8,23 +91,30 @@ Scaffold a **Shield/Unshield dApp** for wrapping and unwrapping USDC ↔ cUSDC a
 npx create-shield-unshield-dapp my-app
 cd my-app
 cp .env.example .env
-# Edit .env (see below)
+# Edit .env (see below and scaffolded README)
+npm install
 npm run dev
 ```
 
-Open the URL shown (e.g. http://localhost:5173) and connect your wallet.
+Open the URL (e.g. http://localhost:5173) and connect your wallet to the correct network (Mainnet or Sepolia).
 
-## Switching environment (mainnet vs testnet)
+---
 
-- **Mainnet:** In `.env` set `VITE_MAINNET=true`. Contract addresses are built-in. Optionally set `VITE_MAINNET_RPC_URL`. Connect your wallet to Ethereum Mainnet.
-- **Testnet (Sepolia):** Leave `VITE_MAINNET=false` or omit it. Set the four Sepolia contract addresses in `.env`: `VITE_USDC_ADDRESS`, `VITE_CONF_USDC_ADDRESS`, `VITE_USDT_ADDRESS`, `VITE_CONF_USDT_ADDRESS`. Connect your wallet to Sepolia.
+## Mainnet vs testnet
 
-Full details, all environment variables, and where to get Sepolia addresses are in the **scaffolded project’s README** (`README.md` in the created folder).
+- **Mainnet:** In `.env` set `VITE_MAINNET=true`. Contract addresses are built-in. Optionally set `VITE_MAINNET_RPC_URL`.
+- **Testnet (Sepolia):** Leave `VITE_MAINNET=false` or omit it. Set the four Sepolia contract addresses in `.env`: `VITE_USDC_ADDRESS`, `VITE_CONF_USDC_ADDRESS`, `VITE_USDT_ADDRESS`, `VITE_CONF_USDT_ADDRESS`.
+
+The **scaffolded project’s README** (`README.md` in the created folder) has full env docs, where to get Sepolia addresses, build, and preview.
+
+---
 
 ## Options
 
 - `npx create-shield-unshield-dapp my-app --force` — Overwrite existing files in `my-app` if it already exists.
-- `npx create-shield-unshield-dapp my-app --no-install` — Skip running `npm install` after copying (run it yourself).
+- `npx create-shield-unshield-dapp my-app --no-install` — Skip `npm install` after copying (run it yourself).
+
+---
 
 ## License
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-shield-unshield-dapp",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "Scaffold a Shield/Unshield dApp for USDC/cUSDC and USDT/cUSDT (wrap, unwrap, confidential transfer)",
   "type": "commonjs",
   "bin": {

package/template/README.md

@@ -1,17 +1,95 @@
 # Shield / Unshield dApp
 
-A frontend for wrapping and unwrapping **USDC ↔ cUSDC** and **USDT ↔ cUSDT**, and for **transferring** confidential tokens. Supports **Ethereum Mainnet** and **Sepolia** testnet. Uses ERC-7984 confidential token contracts and the Zama relayer for unwrap decryption.
+A reference dApp for the **Zama ecosystem**: wrap and unwrap **USDC ↔ cUSDC** and **USDT ↔ cUSDT**, and **transfer** confidential tokens. Supports **Ethereum Mainnet** and **Sepolia** testnet. Built on **ERC-7984** (confidential token standard). Use it as a foundation or guide when implementing confidential tokens in your own project.
 
-## Features
+---
 
-- **Wrap (shield):** USDC → cUSDC, USDT → cUSDT.
-- **Unwrap (unshield):** cUSDC → USDC, cUSDT → USDT (two-step flow via Zama gateway).
-- **Transfer:** Send cUSDC or cUSDT to any address; amount is encrypted on-chain.
+## Token standard: ERC-7984
+
+This app uses **ERC-7984** (Confidential Token Standard). In short:
+
+- **Underlying token:** A normal ERC-20 (e.g. USDC, USDT).
+- **Confidential wrapper:** A contract that holds the underlying and mints/burns **confidential** balances. On-chain amounts are encrypted (FHE); only the owner and authorized systems can decrypt with a proof.
+- **cUSDC / cUSDT:** The confidential versions of USDC and USDT. Balances are stored as encrypted handles; you see your balance by decrypting (e.g. via Zama’s relayer/gateway).
+
+Key contract functions we use:
+
+| Function | Purpose |
+|----------|---------|
+| `wrap(to, amount)` | Lock underlying (e.g. USDC) in the contract and mint confidential balance for `to`. |
+| `unwrap(from, to, encryptedAmount, inputProof)` | Burn confidential balance and request unwrap; the amount is still encrypted until proven. Emits `UnwrapRequested`. |
+| `finalizeUnwrap(burntAmount, burntAmountCleartext, decryptionProof)` | Prove the burnt amount to the contract; contract releases that much underlying to the receiver. |
+| `confidentialTransfer(to, encryptedAmount, inputProof)` | Transfer confidential balance to `to`; amount stays encrypted on-chain. |
+| `confidentialBalanceOf(account)` | Returns an encrypted balance handle (decrypt off-chain to show amount). |
+
+---
+
+## How wrapping works (shield)
+
+**Goal:** Turn public USDC/USDT into confidential cUSDC/cUSDT.
+
+1. **Approve:** User approves the confidential token contract to spend their underlying (USDC or USDT).
+2. **Wrap:** User calls `wrap(to, amount)` on the cUSDC/cUSDT contract. The contract:
+   - Pulls `amount` of underlying from the user (transferFrom).
+   - Mints confidential balance for `to` (the user). On-chain, the amount is stored in encrypted form.
+3. **Balance:** The user’s cUSDC/cUSDC balance increases (shown after decrypting the handle). Their USDC/USDT balance decreases.
+
+No relayer needed for wrapping; it’s a single on-chain transaction.
+
+---
+
+## How unwrapping works (unshield) — two steps
+
+**Goal:** Turn confidential cUSDC/cUSDT back into public USDC/USDT.
+
+Unwrap is **two-step** because the contract only holds encrypted amounts. To release the right amount of underlying, the contract must be given a **decryption proof** that matches the burnt confidential amount. The Zama relayer (gateway) produces that proof after the first step.
+
+### Step 1: `unwrap(from, to, encryptedAmount, inputProof)`
+
+1. User chooses amount and the app **encrypts** it (FHE) for the contract, producing an encrypted handle and `inputProof`.
+2. User sends a tx calling `unwrap(from, to, encryptedAmount, inputProof)`. The contract:
+   - Burns the confidential balance corresponding to that encrypted amount.
+   - Emits `UnwrapRequested(receiver, amount)` where `amount` is the encrypted (handle) value.
+   - Does **not** send underlying yet — it waits for a decryption proof.
+3. The app (or backend) sends the emitted handle to the **Zama relayer**. The relayer decrypts it and returns a **decryption proof**.
+
+### Step 2: `finalizeUnwrap(burntAmount, burntAmountCleartext, decryptionProof)`
+
+1. The app calls `finalizeUnwrap(burntAmount, burntAmountCleartext, decryptionProof)` with:
+   - `burntAmount`: the handle from `UnwrapRequested`.
+   - `burntAmountCleartext`: the decrypted amount (so the contract can release the right amount).
+   - `decryptionProof`: proof from the relayer that the decryption is correct.
+2. The contract verifies the proof and sends `burntAmountCleartext` of underlying (USDC/USDT) to the receiver.
+3. User’s public USDC/USDT balance increases.
+
+In this app, both steps run in one flow after the user clicks Unwrap/Unshield: we wait for the unwrap tx, get the proof from the relayer, then call `finalizeUnwrap` and wait for that receipt so the UI can refetch balances and show the updated USDC/USDT.
+
+---
+
+## How confidential transfer works
+
+**Goal:** Send cUSDC/cUSDT to another address without revealing the amount on-chain.
+
+1. Sender enters amount and recipient address.
+2. The app encrypts the amount (FHE) for the contract, producing an encrypted handle and `inputProof`.
+3. User sends a tx: `confidentialTransfer(to, encryptedAmount, inputProof)`. The contract deducts the encrypted amount from the sender and adds it to the recipient’s confidential balance. The amount stays encrypted; no relayer needed.
+
+---
+
+## Features (summary)
+
+- **Wrap (shield):** USDC → cUSDC, USDT → cUSDT (approve + one tx).
+- **Unwrap (unshield):** cUSDC → USDC, cUSDT → USDT (two-step: unwrap tx → relayer proof → finalizeUnwrap tx).
+- **Transfer:** Send cUSDC or cUSDT confidentially (one tx).
+
+---
 
 ## Prerequisites
 
 - Node.js 18+
-- A wallet (e.g. MetaMask) on the network you use (Mainnet or Sepolia).
+- A wallet (e.g. MetaMask, Rainbow) on the network you use (Mainnet or Sepolia).
+
+---
 
 ## Quick start
 
@@ -21,7 +99,7 @@ A frontend for wrapping and unwrapping **USDC ↔ cUSDC** and **USDT ↔ cUSDT**
    npm install
    ```
 
-2. Copy the example env file and edit it:
+2. Copy the example env and edit it:
 
    ```bash
    cp .env.example .env
@@ -39,17 +117,19 @@ A frontend for wrapping and unwrapping **USDC ↔ cUSDC** and **USDT ↔ cUSDT**
 
 5. Open the URL (e.g. http://localhost:5173), connect your wallet to the correct network (Sepolia or Mainnet), and use the app.
 
-## Switching environment (mainnet vs testnet)
+---
 
-The app uses a single env flag to choose the network.
+## Mainnet vs testnet
 
-| Mode     | Set in `.env`                     | Contract addresses |
-|----------|-----------------------------------|--------------------|
-| Testnet  | `VITE_MAINNET=false` or omit      | **Required:** `VITE_USDC_ADDRESS`, `VITE_CONF_USDC_ADDRESS`, `VITE_USDT_ADDRESS`, `VITE_CONF_USDT_ADDRESS` (Sepolia). |
-| Mainnet  | `VITE_MAINNET=true`               | **Built-in.** No address env vars needed. Optional: `VITE_MAINNET_RPC_URL`. |
+| Mode    | Set in `.env`                    | Contract addresses |
+|---------|----------------------------------|--------------------|
+| Testnet | `VITE_MAINNET=false` or omit     | **Required:** `VITE_USDC_ADDRESS`, `VITE_CONF_USDC_ADDRESS`, `VITE_USDT_ADDRESS`, `VITE_CONF_USDT_ADDRESS` (Sepolia). |
+| Mainnet | `VITE_MAINNET=true`              | **Built-in.** Optional: `VITE_MAINNET_RPC_URL`. |
 
-- **After changing** `.env`, restart the dev server (`npm run dev`) or rebuild for production (`npm run build`).
-- **Mainnet:** Wrap and transfer work with built-in addresses. Unwrap/decrypt on mainnet may require a relayer API key (contact the Zama team for access).
+- After changing `.env`, restart the dev server (`npm run dev`) or rebuild (`npm run build`).
+- Mainnet: Wrap and transfer work with built-in addresses. Unwrap/decrypt on mainnet may require a relayer API key (contact the Zama team for access).
+
+---
 
 ## Environment variables
 
@@ -64,9 +144,15 @@ The app uses a single env flag to choose the network.
 | `VITE_MAINNET_RPC_URL` | No | Mainnet RPC URL when `VITE_MAINNET=true` (default: public RPC). |
 | `VITE_WALLETCONNECT_PROJECT_ID` | No | WalletConnect project ID (optional). |
 
+---
+
 ## Where to get Sepolia addresses
 
-Obtain the USDC, cUSDC, USDT, and cUSDT contract addresses from your deployment or from the Zama/contract documentation. The app does not ship valid default addresses for Sepolia.
+Obtain the USDC, cUSDC, USDT, and cUSDT contract addresses from your deployment or from Zama/contract documentation. The app does not ship valid default addresses for Sepolia.
+
+**Testing with your own contracts:** If you have the `contracts/` folder (ERC-7984 wrapper + mocks + Hardhat), you can deploy your own wrappers and mocks for local or Sepolia testing. Run `npm run deploy:local` or `npm run deploy:sepolia` in the `contracts/` directory and paste the printed addresses into this app’s `.env`. See `contracts/README.md` in the same project.
+
+---
 
 ## Build and preview
 
@@ -74,18 +160,22 @@ Obtain the USDC, cUSDC, USDT, and cUSDT contract addresses from your deployment
 npm run build
 ```
 
-Output is in `dist/`. To serve it locally:
+Output is in `dist/`. To serve locally:
 
 ```bash
 npm run preview
 ```
 
+---
+
 ## Architecture
 
 - **Frontend only:** No backend or indexer; reads from the chain and uses the Zama relayer for unwrap decryption proof.
 - **Contracts:** ERC-7984 confidential token wrappers with `wrap`, `unwrap`, `finalizeUnwrap`, and `confidentialTransfer`.
 - **Two token pairs:** USDC/cUSDC and USDT/cUSDT; on testnet you supply all four addresses via env; on mainnet they are built-in.
 
+---
+
 ## License
 
 MIT.

package/template/contracts/.env.example

@@ -0,0 +1,8 @@
+# Funded Sepolia wallet (for deploy-sepolia only)
+PRIVATE_KEY=0x...
+
+# Optional: RPC URL for Sepolia (default: https://rpc.sepolia.org)
+# SEPOLIA_RPC_URL=https://ethereum-sepolia-rpc.publicnode.com
+
+# Optional: only for deploy-sepolia if you have a USDT contract on Sepolia
+# USDT_SEPOLIA=0x...

package/template/contracts/README.md

@@ -0,0 +1,74 @@
+# Shield / Unshield — contracts
+
+ERC-7984 confidential token **wrapper** and **mock tokens** for local and Sepolia testing. New to Zama? Deploy these to get your own cUSDC/cUSDT and point the frontend at them.
+
+## What’s here
+
+- **ConfidentialTokenWrapper.sol** — Wraps any ERC-20 (e.g. USDC, USDT) into an ERC-7984 confidential token (wrap, unwrap, finalizeUnwrap, confidentialTransfer). Same pattern as the payroll app’s `ConfidentialPayrollToken`.
+- **MockUSDC.sol / MockUSDT.sol** — Simple ERC-20 mocks (6 decimals, `mint`) for **local testing only**. Do not use on mainnet.
+- **deploy-local.ts** — Deploys mocks + two wrappers on Hardhat network, mints test tokens to deployer, prints addresses for frontend `.env`.
+- **deploy-sepolia.ts** — Deploys wrappers on Sepolia using real USDC (and optional USDT). You need a funded Sepolia wallet.
+
+## Prerequisites
+
+- Node.js 20+
+- For Sepolia: a funded Sepolia account (set `PRIVATE_KEY` in `.env`).
+
+## Setup
+
+```bash
+cd contracts
+npm install --legacy-peer-deps
+cp .env.example .env
+# Edit .env: set PRIVATE_KEY for Sepolia deploys
+```
+
+(Use `--legacy-peer-deps` because of a peer dependency between `@openzeppelin/confidential-contracts` and `@fhevm/solidity`.)
+
+## Compile
+
+```bash
+npm run compile
+```
+
+## Deploy for local testing (Hardhat network)
+
+Deploys MockUSDC, MockUSDT, and two ConfidentialTokenWrappers (cUSDC, cUSDT), then mints 1M of each mock to the deployer.
+
+```bash
+npm run deploy:local
+```
+
+Copy the printed addresses into the **frontend** `.env` (see script output). To use the frontend against this local chain, you must run a local node (e.g. `npx hardhat node`) in another terminal and point the frontend at it; the app’s testnet mode expects Sepolia by default, so you may need to add the Hardhat network (chainId 31337) to your wallet and use the same mnemonic.
+
+## Deploy to Sepolia
+
+Uses **real USDC** on Sepolia. Optionally set `USDT_SEPOLIA` in `.env` if you have a USDT contract on Sepolia; otherwise only cUSDC is deployed.
+
+```bash
+npm run deploy:sepolia
+```
+
+Copy the printed addresses into the **frontend** `.env`:
+
+- `VITE_MAINNET=false`
+- `VITE_USDC_ADDRESS=...`
+- `VITE_CONF_USDC_ADDRESS=...`
+- `VITE_USDT_ADDRESS=...` (or leave zero if you didn’t deploy cUSDT)
+- `VITE_CONF_USDT_ADDRESS=...`
+
+Then run the frontend (`npm run dev` in the frontend folder), connect your wallet to Sepolia, and use the dApp.
+
+## Contract overview (ERC-7984)
+
+- **ConfidentialTokenWrapper** extends OpenZeppelin’s `ERC7984ERC20Wrapper` and Zama’s `ZamaEthereumConfig`. It:
+  - **wrap(to, amount)** — Pulls underlying from caller, mints confidential balance to `to`.
+  - **unwrap(from, to, encryptedAmount, inputProof)** — Burns confidential balance, emits `UnwrapRequested`; relayer produces decryption proof.
+  - **finalizeUnwrap(burntAmount, cleartext, decryptionProof)** — Verifies proof and sends underlying to receiver.
+  - **confidentialTransfer(to, encryptedAmount, inputProof)** — Transfers confidential balance; amount stays encrypted.
+
+The frontend README has a longer explanation of the token standard and the wrap/unwrap/finalize flow.
+
+## License
+
+MIT (contracts); BSD-3-Clause for code that follows the Zama/OpenZeppelin confidential-contracts pattern.

package/template/contracts/contracts/ConfidentialTokenWrapper.sol

@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: BSD-3-Clause
+pragma solidity ^0.8.27;
+
+import "@openzeppelin/confidential-contracts/token/ERC7984/extensions/ERC7984ERC20Wrapper.sol";
+import {ZamaEthereumConfig} from "@fhevm/solidity/config/ZamaConfig.sol";
+
+/// @title ConfidentialTokenWrapper
+/// @notice ERC-7984 wrapper: wraps a public ERC20 (e.g. USDC, USDT) into a confidential token
+///         for shield/unshield and confidential transfers.
+contract ConfidentialTokenWrapper is ZamaEthereumConfig, ERC7984ERC20Wrapper {
+    constructor(
+        address underlyingToken,
+        string memory name,
+        string memory symbol,
+        string memory uri
+    ) ERC7984(name, symbol, uri) ERC7984ERC20Wrapper(IERC20(underlyingToken)) {}
+}

package/template/contracts/contracts/test/MockUSDC.sol

@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.27;
+
+import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+
+/// @title MockUSDC — Test-only mock for USDC
+/// @notice Simple ERC20 with 6 decimals for local/testing. DO NOT use on mainnet.
+contract MockUSDC is ERC20 {
+    constructor() ERC20("USD Coin", "USDC") {}
+
+    function decimals() public pure override returns (uint8) {
+        return 6;
+    }
+
+    function mint(address to, uint256 amount) external {
+        _mint(to, amount);
+    }
+}

package/template/contracts/contracts/test/MockUSDT.sol

@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.27;
+
+import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+
+/// @title MockUSDT — Test-only mock for USDT
+/// @notice Simple ERC20 with 6 decimals for local/testing. DO NOT use on mainnet.
+contract MockUSDT is ERC20 {
+    constructor() ERC20("Tether USD", "USDT") {}
+
+    function decimals() public pure override returns (uint8) {
+        return 6;
+    }
+
+    function mint(address to, uint256 amount) external {
+        _mint(to, amount);
+    }
+}

package/template/contracts/hardhat.config.ts

@@ -0,0 +1,49 @@
+import "@fhevm/hardhat-plugin";
+import "@nomicfoundation/hardhat-ethers";
+import "@typechain/hardhat";
+import type { HardhatUserConfig } from "hardhat/config";
+import "dotenv/config";
+
+const MNEMONIC =
+  process.env.MNEMONIC ??
+  "test test test test test test test test test test test junk";
+
+const SEPOLIA_RPC_URL =
+  process.env.SEPOLIA_RPC_URL ?? "https://rpc.sepolia.org";
+const PRIVATE_KEY = process.env.PRIVATE_KEY ?? "";
+
+const config: HardhatUserConfig = {
+  defaultNetwork: "hardhat",
+  networks: {
+    hardhat: {
+      accounts: { mnemonic: MNEMONIC },
+      chainId: 31337,
+    },
+    sepolia: {
+      accounts: PRIVATE_KEY ? [PRIVATE_KEY] : { mnemonic: MNEMONIC, count: 10 },
+      chainId: 11155111,
+      url: SEPOLIA_RPC_URL,
+    },
+  },
+  paths: {
+    artifacts: "./artifacts",
+    cache: "./cache",
+    sources: "./contracts",
+    tests: "./test",
+  },
+  solidity: {
+    version: "0.8.27",
+    settings: {
+      metadata: { bytecodeHash: "none" },
+      optimizer: { enabled: true, runs: 800 },
+      viaIR: true,
+      evmVersion: "cancun",
+    },
+  },
+  typechain: {
+    outDir: "types",
+    target: "ethers-v6",
+  },
+};
+
+export default config;

package/template/contracts/package.json

@@ -0,0 +1,33 @@
+{
+  "name": "shield-unshield-contracts",
+  "version": "1.0.0",
+  "description": "ERC-7984 wrapper and mocks for Shield/Unshield dApp (local and Sepolia)",
+  "private": true,
+  "scripts": {
+    "compile": "hardhat compile",
+    "deploy:local": "hardhat run scripts/deploy-local.ts --network hardhat",
+    "deploy:sepolia": "hardhat run scripts/deploy-sepolia.ts --network sepolia"
+  },
+  "devDependencies": {
+    "@fhevm/hardhat-plugin": "^0.3.0-4",
+    "@fhevm/mock-utils": "0.3.0-4",
+    "@nomicfoundation/hardhat-ethers": "^3.1.0",
+    "@zama-fhe/relayer-sdk": "^0.3.0-8",
+    "@typechain/ethers-v6": "^0.5.1",
+    "@typechain/hardhat": "^9.1.0",
+    "dotenv": "^16.3.1",
+    "typechain": "^8.3.2",
+    "ethers": "^6.15.0",
+    "hardhat": "^2.26.0",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.3.3"
+  },
+  "dependencies": {
+    "@fhevm/solidity": "^0.10.0",
+    "@openzeppelin/confidential-contracts": "^0.3.0",
+    "@openzeppelin/contracts": "^5.0.2"
+  },
+  "engines": {
+    "node": ">=20"
+  }
+}

package/template/contracts/scripts/deploy-local.ts

@@ -0,0 +1,62 @@
+/**
+ * Deploy mock tokens + ERC-7984 wrappers on local Hardhat network for testing.
+ * Usage: npx hardhat run scripts/deploy-local.ts --network hardhat
+ *
+ * Then run the frontend with these addresses in .env (VITE_MAINNET=false and the four addresses).
+ * Note: Hardhat local chainId is 31337; the frontend expects Sepolia (11155111) by default for
+ * testnet. For local testing you may need to add Hardhat network to your wallet and use the
+ * same mnemonic, or run the frontend against Sepolia and use deploy-sepolia.ts instead.
+ */
+import { ethers } from "hardhat";
+
+const MINT_AMOUNT = ethers.parseUnits("1000000", 6); // 1M units (6 decimals)
+
+async function main() {
+  const [deployer] = await ethers.getSigners();
+  console.log("Deploying with account:", deployer.address);
+
+  // 1. Deploy mocks
+  const MockUSDC = await ethers.getContractFactory("MockUSDC");
+  const mockUsdc = await MockUSDC.deploy();
+  await mockUsdc.waitForDeployment();
+  const usdcAddr = await mockUsdc.getAddress();
+  console.log("MockUSDC deployed to:", usdcAddr);
+
+  const MockUSDT = await ethers.getContractFactory("MockUSDT");
+  const mockUsdt = await MockUSDT.deploy();
+  await mockUsdt.waitForDeployment();
+  const usdtAddr = await mockUsdt.getAddress();
+  console.log("MockUSDT deployed to:", usdtAddr);
+
+  // 2. Deploy wrappers (ERC-7984)
+  const Wrapper = await ethers.getContractFactory("ConfidentialTokenWrapper");
+
+  const cUsdc = await Wrapper.deploy(usdcAddr, "Confidential USDC", "cUSDC", "");
+  await cUsdc.waitForDeployment();
+  const cUsdcAddr = await cUsdc.getAddress();
+  console.log("ConfidentialTokenWrapper (cUSDC) deployed to:", cUsdcAddr);
+
+  const cUsdt = await Wrapper.deploy(usdtAddr, "Confidential USDT", "cUSDT", "");
+  await cUsdt.waitForDeployment();
+  const cUsdtAddr = await cUsdt.getAddress();
+  console.log("ConfidentialTokenWrapper (cUSDT) deployed to:", cUsdtAddr);
+
+  // 3. Mint test tokens to deployer
+  await mockUsdc.mint(deployer.address, MINT_AMOUNT);
+  await mockUsdt.mint(deployer.address, MINT_AMOUNT);
+  console.log("Minted 1_000_000 USDC and USDT to", deployer.address);
+
+  console.log("\n=== Add to frontend .env (testnet / local) ===");
+  console.log(`VITE_MAINNET=false`);
+  console.log(`VITE_USDC_ADDRESS=${usdcAddr}`);
+  console.log(`VITE_CONF_USDC_ADDRESS=${cUsdcAddr}`);
+  console.log(`VITE_USDT_ADDRESS=${usdtAddr}`);
+  console.log(`VITE_CONF_USDT_ADDRESS=${cUsdtAddr}`);
+}
+
+main()
+  .then(() => process.exit(0))
+  .catch((err) => {
+    console.error(err);
+    process.exit(1);
+  });

package/template/contracts/scripts/deploy-sepolia.ts

@@ -0,0 +1,52 @@
+/**
+ * Deploy ERC-7984 wrappers on Sepolia using real USDC (and optional USDT).
+ * Usage: npx hardhat run scripts/deploy-sepolia.ts --network sepolia
+ *
+ * Requires PRIVATE_KEY in .env (funded Sepolia wallet).
+ * Uses real USDC on Sepolia. If you don't have Sepolia USDT, set VITE_USDT_ADDRESS and
+ * VITE_CONF_USDT_ADDRESS to zero or omit USDT in the app.
+ */
+import { ethers } from "hardhat";
+
+// Real USDC on Sepolia (Circle)
+const USDC_SEPOLIA = "0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238";
+// Sepolia often has a USDT-equivalent or test token; set if you have one, or deploy MockUSDT first
+const USDT_SEPOLIA = process.env.USDT_SEPOLIA ?? "0x0000000000000000000000000000000000000000";
+
+async function main() {
+  const [deployer] = await ethers.getSigners();
+  console.log("Deploying with account:", deployer.address);
+  console.log("Account balance:", (await ethers.provider.getBalance(deployer.address)).toString());
+
+  const Wrapper = await ethers.getContractFactory("ConfidentialTokenWrapper");
+
+  // cUSDC
+  const cUsdc = await Wrapper.deploy(USDC_SEPOLIA, "Confidential USDC", "cUSDC", "");
+  await cUsdc.waitForDeployment();
+  const cUsdcAddr = await cUsdc.getAddress();
+  console.log("ConfidentialTokenWrapper (cUSDC) deployed to:", cUsdcAddr);
+
+  let cUsdtAddr = "0x0000000000000000000000000000000000000000";
+  if (USDT_SEPOLIA !== "0x0000000000000000000000000000000000000000") {
+    const cUsdt = await Wrapper.deploy(USDT_SEPOLIA, "Confidential USDT", "cUSDT", "");
+    await cUsdt.waitForDeployment();
+    cUsdtAddr = await cUsdt.getAddress();
+    console.log("ConfidentialTokenWrapper (cUSDT) deployed to:", cUsdtAddr);
+  } else {
+    console.log("Skipping cUSDT (no USDT_SEPOLIA in .env).");
+  }
+
+  console.log("\n=== Add to frontend .env (Sepolia) ===");
+  console.log(`VITE_MAINNET=false`);
+  console.log(`VITE_USDC_ADDRESS=${USDC_SEPOLIA}`);
+  console.log(`VITE_CONF_USDC_ADDRESS=${cUsdcAddr}`);
+  console.log(`VITE_USDT_ADDRESS=${USDT_SEPOLIA}`);
+  console.log(`VITE_CONF_USDT_ADDRESS=${cUsdtAddr}`);
+}
+
+main()
+  .then(() => process.exit(0))
+  .catch((err) => {
+    console.error(err);
+    process.exit(1);
+  });

package/template/contracts/tsconfig.json

@@ -0,0 +1,15 @@
+{
+  "compilerOptions": {
+    "target": "es2022",
+    "module": "commonjs",
+    "moduleResolution": "node",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true,
+    "outDir": "dist"
+  },
+  "include": ["scripts/**/*", "hardhat.config.ts"],
+  "exclude": ["node_modules"]
+}