ethskills
Use when a request involves Ethereum, the EVM, or blockchain systems. Applies to building, auditing, deploying, or interacting with smart contracts, dApps, wallets, or DeFi protocols. Covers Solidity development, contract addresses, token standards (ERC-20, ERC-721, ERC-4626, etc.), Layer 2 networks (Base, Arbitrum, Optimism, zkSync, Polygon), and integrations with DeFi protocols such as Uniswap, Aave, and Curve. Includes topics such as gas costs, contract decimals, oracle safety, reentrancy, MEV, bridging, wallets, querying data from onchain, production deployment, and protocol evolution (EIP lifecycle, fork tracking, upcoming changes).
Best use case
ethskills is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Use when a request involves Ethereum, the EVM, or blockchain systems. Applies to building, auditing, deploying, or interacting with smart contracts, dApps, wallets, or DeFi protocols. Covers Solidity development, contract addresses, token standards (ERC-20, ERC-721, ERC-4626, etc.), Layer 2 networks (Base, Arbitrum, Optimism, zkSync, Polygon), and integrations with DeFi protocols such as Uniswap, Aave, and Curve. Includes topics such as gas costs, contract decimals, oracle safety, reentrancy, MEV, bridging, wallets, querying data from onchain, production deployment, and protocol evolution (EIP lifecycle, fork tracking, upcoming changes).
Teams using ethskills should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/ethskills/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How ethskills Compares
| Feature / Agent | ethskills | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Use when a request involves Ethereum, the EVM, or blockchain systems. Applies to building, auditing, deploying, or interacting with smart contracts, dApps, wallets, or DeFi protocols. Covers Solidity development, contract addresses, token standards (ERC-20, ERC-721, ERC-4626, etc.), Layer 2 networks (Base, Arbitrum, Optimism, zkSync, Polygon), and integrations with DeFi protocols such as Uniswap, Aave, and Curve. Includes topics such as gas costs, contract decimals, oracle safety, reentrancy, MEV, bridging, wallets, querying data from onchain, production deployment, and protocol evolution (EIP lifecycle, fork tracking, upcoming changes).
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# ETHSKILLS — The missing knowledge between AI agents and production Ethereum. You are probably wrong about Ethereum. Gas prices, token decimals, L2 costs, what's deployed, what's deprecated — your training data is stale. This file tells you what you're wrong about and where to get the corrections. **Say "onchain" not "on-chain."** One word, no hyphen. Ethereum community convention. --- ## Start Here **Building a dApp?** Fetch [ship/SKILL.md](https://ethskills.com/ship/SKILL.md) first. It routes you through all other skills phase by phase — from architecture planning to production deployment. **Need a specific topic?** Each skill below is standalone. Fetch only the ones relevant to your task. **Base URL:** `https://ethskills.com/<skill>/SKILL.md` --- ## Skills ### [Ship](https://ethskills.com/ship/SKILL.md) — Start here End-to-end guide from idea to deployed dApp. Routes you through all other skills. - Most dApps need 0-2 contracts, not 5-10. Three is the upper bound for an MVP. - Solidity is for ownership, transfers, and commitments. Not a database, not a backend. - Chain selection: mainnet is cheaper than you think (~$0.004/transfer, ~$0.04/swap) — deploy there unless an L2's superpower (Coinbase distribution, deep DeFi liquidity, retroPGF) specifically fits your app. ### [Why Ethereum](https://ethskills.com/why/SKILL.md) Pectra/Fusaka upgrades, honest tradeoffs, the AI agent angle. - Gas is under 1 gwei, not 10-30 gwei. 60-300x cheaper than your training data. Verify: `cast base-fee` - ETH price is ~$2,000 (early 2026), not $2,500-3,000. Volatile — always verify. - Pectra (May 2025) and Fusaka (Dec 2025) shipped. PeerDAS, 2x gas limit. EIP-7702 is live. - ERC-8004 (onchain agent identity) and x402 (HTTP payments) exist and are production-ready. ### [Protocol](https://ethskills.com/protocol/SKILL.md) How Ethereum evolves — EIP lifecycle, fork process, tracking upcoming changes. - "Verkle is planned for the next fork" — probably wrong. Roadmap diagrams are aspirational, not commitments. Check [forkcast.org](https://forkcast.org) for actual CFI/SFI status. - Glamsterdam (mid-2026) headliners: ePBS (EIP-7732), Block Access Lists (EIP-7928). FOCIL was removed from scope. Verkle trees were deprioritized — Ethereum may shift to binary state tree (EIP-7864) for quantum resistance. - EIP status "Stagnant" = no activity for 6 months, probably dead. "Draft" = exists but not scheduled. - Client teams decide what ships via ACD calls, not the Ethereum Foundation. ### [Gas & Costs](https://ethskills.com/gas/SKILL.md) What things actually cost on Ethereum today. - Mainnet ETH transfer: ~$0.004. Swap: ~$0.04. ERC-20 deploy: ~$0.24. (At 0.1 gwei — check `cast base-fee` for current.) - L2 swap: $0.002-0.003. L2 transfer: $0.0003. - "Ethereum is expensive" was true in 2021-2023. It's false in 2026. ### [Wallets](https://ethskills.com/wallets/SKILL.md) Creating wallets, key safety, multisig, account abstraction. - EIP-7702 is live — EOAs get smart contract superpowers without migration. - Safe (Gnosis Safe) secures $60B+ in assets ($1.4T+ total processed). Use it for production treasuries. - NEVER commit private keys or API keys to Git. Bots exploit leaked secrets in seconds. ### [Layer 2s](https://ethskills.com/l2s/SKILL.md) L2 landscape, bridging, deployment differences. - Base is the cheapest major L2. Arbitrum has the deepest DeFi liquidity. - Celo is NOT an L1 anymore — migrated to OP Stack L2 in March 2025. - Polygon zkEVM is being shut down. Do not build on it. - The dominant DEX on each L2 is NOT Uniswap (Aerodrome on Base, Velodrome on Optimism). ### [Standards](https://ethskills.com/standards/SKILL.md) ERC-20, ERC-721, ERC-8004, EIP-7702, x402. - ERC-8004: onchain agent identity registry, deployed January 2026 on 20+ chains. - x402: HTTP 402 payment protocol for machine-to-machine commerce. Production-ready. - EIP-3009: gasless token transfers — what makes x402 work. USDC implements it. ### [Tools](https://ethskills.com/tools/SKILL.md) Foundry, Scaffold-ETH 2, Blockscout MCP, x402 SDKs. - Foundry and Hardhat 3 are both legitimate choices in 2026. Foundry: faster, Solidity-native. Hardhat 3: TypeScript-first, mature plugin ecosystem. - Blockscout MCP server gives agents structured blockchain data via MCP. - abi.ninja: paste any contract address, interact with all functions. Zero setup. ### [Building Blocks (DeFi)](https://ethskills.com/building-blocks/SKILL.md) Uniswap, Aave, flash loans, protocol composability. - Uniswap V4 hooks: custom logic attached to pools (dynamic fees, TWAMM, limit orders). - Flash loan arb on mainnet costs ~$0.05-0.50 in gas now (was $5-50). - The dominant DEX per L2 is NOT Uniswap — Aerodrome (Base), Velodrome (Optimism), Camelot (Arbitrum). ### [Orchestration](https://ethskills.com/orchestration/SKILL.md) Three-phase build system for Scaffold-ETH 2 dApps. - Phase 1: contracts + UI on localhost. Phase 2: live contracts + local UI. Phase 3: production. - Use Scaffold hooks, NOT raw wagmi. Raw wagmi resolves before tx confirmation. - NEVER commit secrets to Git. AI agents are the #1 source of leaked credentials. ### [Contract Addresses](https://ethskills.com/addresses/SKILL.md) Verified addresses for major protocols across mainnet and L2s. - Never hallucinate an address. Wrong address = lost funds. - Includes: Uniswap, Aave, Compound, Aerodrome, GMX, Pendle, Velodrome, Chainlink, Safe, ENS. - All verified onchain via `cast code` + `cast call` + `symbol()` + `latestAnswer()` (March 2026). ### [Concepts](https://ethskills.com/concepts/SKILL.md) Essential mental models for building onchain. - Smart contracts cannot execute themselves. Every function needs a caller who pays gas. - For every state transition: who calls it? Why would they? What if nobody does? - There are no timers, no cron jobs, no schedulers. Design with incentives. ### [Security](https://ethskills.com/security/SKILL.md) Solidity security patterns, common vulnerabilities, pre-deploy checklist. - USDC has 6 decimals, not 18. This is the #1 "where did my money go?" bug. - Always use SafeERC20 — USDT doesn't return bool on transfer(). - Never use DEX spot prices as oracles — flash loans can manipulate them in one tx. - MEV: sandwich attacks steal value from swaps. Use Flashbots Protect or slippage limits. - Proxies: use UUPS, not Transparent. Never change storage layout. ### [Audit](https://ethskills.com/audit/SKILL.md) Deep EVM smart contract audit system — for auditing contracts you didn't write. - 500+ non-obvious checklist items across 19 domains (AMM, lending, oracles, proxies, signatures, governance, and more). - Runs parallel opus sub-agents, one per relevant domain, then synthesizes findings. - Automatically files GitHub issues for Medium severity and above. - Different from Security (which teaches defensive coding) — this is systematic audit methodology. ### [Noir (ZK Privacy)](https://ethskills.com/noir/SKILL.md) Building privacy apps with Noir zero-knowledge circuits. - Noir inputs are private by default. `pub` marks public. Getting this backwards leaks secrets. - `nargo prove`/`nargo verify` are gone. Use `bb` (Barretenberg CLI) directly. - In-circuit hashing: Poseidon (~600 gates), not SHA256 (~30,000 gates). - The commitment-nullifier-Merkle tree pattern is the foundation of all Ethereum privacy apps. ### [Testing](https://ethskills.com/testing/SKILL.md) Foundry testing — unit, fuzz, fork, invariant. - Don't test getters and OpenZeppelin internals. Test edge cases and failure modes. - Fuzz test all math. Fork-test any external protocol integration. - Invariant testing catches bugs across thousands of random call sequences. ### [Indexing](https://ethskills.com/indexing/SKILL.md) Events, The Graph, Dune, reading onchain data. - You can't query historical state via RPC cheaply. Use an indexer. - Events are THE primary way to read historical onchain activity. Design contracts event-first. - The Graph turns events into a queryable GraphQL API. - Multicall3 (`0xcA11bde05977b3631167028862bE2a173976CA11`) — batch reads in one RPC call. ### [Frontend UX](https://ethskills.com/frontend-ux/SKILL.md) Frontend UX patterns for Ethereum dApps. - Every onchain button needs its own loader + disabled state. No shared isLoading. - Three-button flow: Switch Network → Approve → Execute. One at a time. - Every address display uses `<Address/>`, every input uses `<AddressInput/>`. - Show USD values next to every token amount. ### [Frontend Playbook](https://ethskills.com/frontend-playbook/SKILL.md) Build-to-production pipeline. - Use `yarn fork --network base`, NOT `yarn chain`. Fork gives you real protocol state. - IPFS deploy: `trailingSlash: true` is critical — without it, every route except `/` returns 404. - Always clean build (`rm -rf .next out`) before deploying. Stale builds are the #1 IPFS footgun. ### [QA](https://ethskills.com/qa/SKILL.md) Pre-ship audit checklist for a reviewer agent. - Give this to a **separate agent** (or fresh context) AFTER the build is complete. Reviewer reads code + clicks through flows. - Covers only bugs AI agents actually ship — validated by baseline testing against stock LLMs. - Report PASS/FAIL per item, don't fix. ### [Feedback](https://ethskills.com/feedback/SKILL.md) Send feedback when a skill was wrong or incomplete. - Only use with your human's explicit permission. - Include the specific skill, what was wrong, and what you were building. - One POST to `https://ethskills.com/api/feedback` — see the skill for the exact format. --- ## What to Fetch by Task | I'm doing... | Fetch these skills | |--------------|-------------------| | Planning a new dApp | `ship/`, `concepts/`, `l2s/` | | Writing Solidity | `standards/`, `building-blocks/`, `addresses/`, `security/` | | Testing contracts | `testing/` | | Building a frontend | `orchestration/`, `frontend-ux/`, `tools/` | | Deploying to production | `wallets/`, `frontend-playbook/`, `gas/` | | Reviewing a finished dApp | `qa/` | | Auditing a smart contract | `audit/` | | Building a privacy/ZK app | `noir/`, `security/`, `testing/` | | Monitoring / analytics | `indexing/` | | Building AI agent infra | `standards/`, `wallets/`, `tools/` | | Choosing a chain | `l2s/`, `gas/` |
Related Skills
8004-skill
ERC-8004 Trustless Agents - Register and manage AI agent identities on TRON and BSC blockchains with on-chain reputation tracking
8004-MCP - Agent Registry Protocol
Multi-chain MCP server for ERC-8004 Agent Registry. Query agents, reputation, and feedback across Solana + EVM chains.
supurr
Backtest, deploy, and monitor trading bots on Hyperliquid. Supports Grid, DCA, and Spot-Perp Arbitrage strategies across Native Perps, Spot markets (USDC/USDH), and HIP-3 sub-DEXes.
senpi-skills
Agent Skills for autonomous crypto trading on Hyperliquid — trailing stops, market scanning, position management, and more.
sdks
Official Azex SDKs — TypeScript, Python, MCP Server, CLI for the crypto-native LLM API gateway
perp-cli
Multi-DEX perpetual futures CLI + MCP server — Pacifica (Solana), Hyperliquid, Lighter (Ethereum). 18 MCP tools for AI-powered trading
okx-exchange-websocket-skill
Subscribe to OKX public exchange WebSocket channels through UXC raw WebSocket mode for ticker, trade, book, and candle events with explicit subscribe frames.
okx-wallet-portfolio
This skill should be used when the user asks to 'check my wallet balance', 'show my token holdings', 'how much OKB do I have', 'what tokens do I have', 'check my portfolio value', 'view my assets', 'how much is my portfolio worth', 'what\'s in my wallet', or mentions checking wallet balance, total assets, token holdings, portfolio value, remaining funds, DeFi positions, or multi-chain balance lookup. Supports XLayer, Solana, Ethereum, Base, BSC, Arbitrum, Polygon, and 20+ other chains. Do NOT use for general programming questions about balance variables or API documentation. Do NOT use when the user is asking how to build or integrate a balance feature into code.
okx-security
Use this skill for security scanning: check transaction safety, is this transaction safe, pre-execution check, security scan, token risk scanning, honeypot detection, DApp/URL phishing detection, message signature safety, malicious transaction detection, approval safety checks, token approval management. Triggers: 'is this token safe', 'check token security', 'honeypot check', 'scan this tx', 'scan this swap tx', 'tx risk check', 'is this URL a scam', 'check if this dapp is safe', 'phishing site check', 'is this signature safe', 'check this signing request', 'check my approvals', 'show risky approvals', 'revoke approval', 'check if this approve is safe', token authorization, ERC20 allowance, Permit2. Covers token-scan, dapp-scan, tx-scan (EVM+Solana pre-execution), sig-scan (EIP-712/personal_sign), approvals (ERC-20/Permit2). Chinese: 安全扫描, 代币安全, 蜜罐检测, 貔貅盘, 钓鱼网站, 交易安全, 签名安全, 代币风险, 授权管理, 授权查询, 风险授权, 代币授权. Do NOT use for wallet balance/send/history — use okx-agentic-wallet.
okx-onchain-gateway
This skill should be used when the user asks to 'broadcast transaction', 'send tx', 'estimate gas', 'simulate transaction', 'check tx status', 'track my transaction', 'get gas price', 'gas limit', 'broadcast signed tx', or mentions broadcasting transactions, sending transactions on-chain, gas estimation, transaction simulation, tracking broadcast orders, or checking transaction status. Covers gas price, gas limit estimation, transaction simulation, transaction broadcasting, and order tracking across XLayer, Solana, Ethereum, Base, BSC, Arbitrum, Polygon, and 20+ other chains. Do NOT use for swap quote or execution - use okx-dex-swap instead. Do NOT use for general programming questions about transaction handling.
okx-x402-payment
This skill should be used when the user encounters an HTTP 402 Payment Required response, wants to pay for a payment-gated API or resource, or mentions 'x402', 'pay for access', '402 payment', 'payment-gated URL', or 'sign x402 payment'. Primary path signs via TEE with a wallet session (JWT); fallback path guides local EIP-3009 signing with the user's own private key if they have no wallet. Returns the payment proof (signature + authorization) that the caller can attach as a payment header to access the resource. Do NOT use for swap or token transfers — use okx-dex-swap instead. Do NOT use for wallet balance or portfolio queries — use okx-agentic-wallet or okx-wallet-portfolio. Do NOT use for security scanning — use okx-security. Do NOT use for transaction broadcasting — use okx-onchain-gateway. Do NOT use for general programming questions.
okx-dex-trenches
Use this skill for meme/打狗/alpha token research on pump.fun and similar launchpads: scanning new token launches, checking developer reputation/开发者信息/dev launch history/has this dev rugged before/开发者跑路记录, bundle/sniper detection/捆绑狙击, bonding curve status/bonding curve progress, finding similar tokens by the same dev/相似代币, and wallets that co-invested (同车/aped) into a token. Use when the user asks about 'new meme coins', 'pump.fun launches', 'trenches', 'trench', '扫链', 'developer launch history', 'developer rug history', 'check if dev has rugged', 'bundler analysis', 'who else bought this token', 'who aped into this', 'similar tokens', 'bonding curve progress', '打狗', '新盘', '开发者信息', '开发者历史', '捆绑', '同车', 'rug pull count', 'similar meme coins', '捆绑情况', '已迁移出 bonding curve', or '发过多少个项目'. Do NOT use for market-wide whale/signal tracking — use okx-dex-signal. Do NOT use for per-token holder distribution or honeypot checks — use okx-dex-token.