Lesson 2: From Mock to Mainnet — Deployment & Frontend
Duration: ~60 minutes | Prerequisites: Lesson 1: Sealed-Bid Auction | Scripts: deploy/*.ts
Learning Objectives
By the end of this lesson, you will:
- Understand what changes between local mock mode and real FHEVM execution
- Deploy the bootcamp contracts with Hardhat on localhost and Sepolia
- Use encrypted client inputs through the Hardhat FHEVM runtime
- Decrypt encrypted outputs with proper permissions
- Verify deployed contracts on Etherscan
- Apply a production-minded checklist before shipping
1. Mock Mode vs Real Mode
Throughout the bootcamp you use the default Hardhat network in mock mode. That gives you the correct contract interface and encrypted workflow, but without the cost and latency of real FHE infrastructure.
| Aspect | Mock Mode | Real Mode |
|---|---|---|
| Encryption | Local mock runtime | Real FHE ciphertext |
| Coprocessor | In-memory test runtime | Real FHEVM infrastructure |
| Decryption | Fast local flow | Permissioned off-chain decryption |
| Speed | Fast feedback | Slower, production-shaped latency |
| Network | Hardhat 31337 | Sepolia / Mainnet |
What Stays the Same
Your Solidity contract code does not change. ZamaEthereumConfig still resolves the correct runtime addresses based on block.chainid, and your contract still expects encrypted handles plus proofs.
What Changes
- Encryption is no longer mocked.
- Permissioning matters end to end.
- Decryption goes through the supported FHEVM path instead of a local debugger.
- Deployment and verification become part of the workflow, not just local tests.
2. Configure Deployment Variables
Use Hardhat vars:
npx hardhat vars set MNEMONIC
npx hardhat vars set INFURA_API_KEY
npx hardhat vars set ETHERSCAN_API_KEYThe repo also supports .env and .env.local as fallbacks for:
MNEMONICINFURA_API_KEYRPC_URLPRIVATE_KEYETHERSCAN_API_KEY
3. Deploy with Hardhat
The bootcamp uses hardhat-deploy.
Localhost
npm run chain
npm run deploy:localhostDeploy only the counter:
npm run deploy:localhost:fhecounterSepolia
npm run deploy:sepoliaDeploy only one contract by tag:
npx hardhat deploy --network sepolia --tags SealedBidAuction4. Encrypted Input Flow
The same encrypted input model you use in tests is what you carry into real interaction flows.
const encryptedBid = await hre.fhevm
.createEncryptedInput(contractAddress, bidder.address)
.add64(1_000)
.encrypt();
await auction.connect(bidder).placeBid(encryptedBid.handles[0], encryptedBid.inputProof);The pattern is:
- Bind encryption to a specific contract and user.
- Encrypt the plaintext input locally.
- Send the encrypted handle and proof to the contract.
5. Decryption Flow
Once a signer has permission, they can decrypt through the FHEVM runtime:
const highestBid = await hre.fhevm.userDecryptEuint(
FhevmType.euint64,
await auction.getHighestBid(),
contractAddress,
auctioneer,
);For encrypted addresses:
const highestBidder = await hre.fhevm.userDecryptEaddress(
await auction.getHighestBidder(),
contractAddress,
auctioneer,
);6. Verification
Verify a deployment on Sepolia:
npx hardhat verify --network sepolia <DEPLOYED_ADDRESS>With constructor arguments:
npx hardhat verify --network sepolia \
<DEPLOYED_ADDRESS> \
"Confidential Token" \
"CFHE"7. Deployment Checklist
Before treating a contract as production-ready:
- [ ] All local tests pass in mock mode
- [ ] The relevant contract is deployed and exercised on Sepolia
- [ ]
FHE.allowThis()is applied after every handle-changing operation - [ ]
FHE.allow()is only granted to the intended decrypting principals - [ ] No encrypted values are leaked through events
- [ ] No encrypted conditions are exposed through revert behavior
- [ ] The frontend or script uses the correct deployed addresses and ABI
- [ ] Contract verification is complete
Key Takeaways
- The contract code stays the same between local and real environments.
- Hardhat handles both encrypted testing and deployment for this bootcamp.
createEncryptedInputand user decryption are the core integration points.- Deployment is only complete once verification and permission-aware interaction both work.
Next: Complete the Week 4 Homework and extend the auction into a Vickrey design.