chore: update crisp scripts and docs

[cedoor]

Closes #896

Related: #895 (comment)

This PR remove the unused build.sh script, updates the setup.sh script and related CRISP docs.

Summary by CodeRabbit

• Documentation

  • Switched onboarding and quick-start docs to use Hardhat as the default local blockchain and simplified environment/setup guidance.
  • Reworked deployment/output guidance to emphasize log-based confirmation and removed legacy build/rebuild steps.
  • Updated testing docs to reference Hardhat and added running-tests instructions.

• New Features

  • Added a test:contracts command for running smart contract tests.

• Chores

  • Removed the dev:build script and cleaned up build automation.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
crisp	Ready	Preview	Comment	Nov 25, 2025 4:41pm
enclave-docs	Ready	Preview	Comment	Nov 25, 2025 4:41pm

[coderabbitai]

Walkthrough

Updates CRISP example docs and scripts to replace Anvil with Hardhat, remove legacy build steps, add a root test:contracts script, and adjust setup/build scripts to invoke the crisp-contracts Hardhat compilation/testing flow. No exported/public API changes.

Changes

Cohort / File(s)	Summary
Docs — onboarding & quickstart docs/pages/CRISP/setup.mdx, examples/CRISP/Readme.md	Replaced Anvil references with Hardhat across quick-start and wallet/network guidance; removed explicit dependency install/cleanup and legacy build/rebuild steps; shifted verification to deployment log output.
Contracts README & tests examples/CRISP/packages/crisp-contracts/README.md	Switched test tooling reference from Forge/Foundry to Hardhat; updated test directory reference and added running-tests instructions (pnpm test:contracts, pnpm test).
Workspace package scripts examples/CRISP/package.json	Removed dev:build script; added test:contracts root alias that runs pnpm -C packages/crisp-contracts test.
Scripts — setup/build examples/CRISP/scripts/build.sh, examples/CRISP/scripts/setup.sh	Deleted build.sh; updated setup.sh to invoke pnpm compile for crisp-contracts and removed an obsolete echo line related to circuit compilation.

Sequence Diagram(s)

(Skipped — changes are documentation and small script updates without new runtime control-flow beyond existing dev start sequence.)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Pay attention to consistency of Anvil→Hardhat replacements across docs and scripts.
• Verify examples/CRISP/scripts/setup.sh invokes the correct compile/test commands and exit codes.
• Confirm removal of build.sh and dev:build does not break CI or other automation that may reference them.
• Check test:contracts script path and that packages/crisp-contracts test configuration uses Hardhat.

Possibly related PRs

• chore: new crisp folder structure #895 — Relocates contracts into packages/crisp-contracts, directly related to the new test:contracts root alias and README updates.
• fix: add some stability improvements to crisp_e2e test #936 — Updates CRISP example scripts and switches Anvil→Hardhat in dev tooling; overlaps with networking/docs changes.
• docs: update hosted docs on CRISP #724 — Prior edits to CRISP docs/onboarding flow; related to quick-start and setup adjustments.

Suggested labels

documentation

Suggested reviewers

• ryardley
• ctrlc03

Poem

🐰 From an Anvil past to a Hardhat tune,
I hopped through docs by light of moon.
Scripts trimmed neat, tests set to run,
Deploy logs shine like morning sun —
A crisp new spring, the build's begun! 🌱

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'chore: update crisp scripts and docs' is generic and vague, lacking specificity about the primary changes such as migrating from Forge/Foundry to Hardhat or removing the build script.	Consider a more specific title like 'chore: migrate CRISP contracts from Forge to Hardhat and add test:contracts script' to better summarize the main changes.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	The pull request successfully addresses all three requirements: added test:contracts script alias to root package.json [#896], updated documentation to reflect Hardhat usage [#896], and provided explicit test-running instructions [#896].
Out of Scope Changes check	✅ Passed	All changes align with the issue scope: removing build.sh, updating setup.sh, adding test:contracts script, and updating documentation to reflect Hardhat tooling are all directly related to #896 objectives.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch docs/crisp-contract-tests

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between cd8cb19 and ed7d148.

📒 Files selected for processing (6)

• docs/pages/CRISP/setup.mdx (1 hunks)
• examples/CRISP/Readme.md (1 hunks)
• examples/CRISP/package.json (1 hunks)
• examples/CRISP/packages/crisp-contracts/README.md (1 hunks)
• examples/CRISP/scripts/build.sh (0 hunks)
• examples/CRISP/scripts/setup.sh (2 hunks)

💤 Files with no reviewable changes (1)

• examples/CRISP/scripts/build.sh

🚧 Files skipped from review as they are similar to previous changes (2)

• examples/CRISP/packages/crisp-contracts/README.md
• examples/CRISP/Readme.md

🧰 Additional context used

🧠 Learnings (3)

📚 Learning: 2025-11-05T14:12:57.814Z

Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 963
File: examples/CRISP/client/package.json:25-25
Timestamp: 2025-11-05T14:12:57.814Z
Learning: In the Enclave/CRISP codebase, `enclave-e3/sdk` and `crisp-e3/sdk` are different packages: `enclave-e3/sdk` is the general Enclave SDK, while `crisp-e3/sdk` is the CRISP-specific SDK. The CRISP client (`examples/CRISP/client`) intentionally depends on `enclave-e3/sdk`, not `crisp-e3/sdk`.

Applied to files:

• examples/CRISP/scripts/setup.sh

📚 Learning: 2025-08-25T10:28:56.174Z

Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 657
File: Cargo.toml:32-34
Timestamp: 2025-08-25T10:28:56.174Z
Learning: The examples/CRISP directory has its own Cargo.toml workspace configuration with members like "server", "wasm-crypto", "program/core", "program/client", etc. The root workspace intentionally excludes "examples/CRISP/server", "examples/CRISP/program", and "examples/CRISP/wasm-crypto" to prevent double workspace membership, which is the correct approach for self-contained example workspaces.

Applied to files:

• examples/CRISP/scripts/setup.sh

📚 Learning: 2024-10-28T12:00:09.010Z

Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/enclave/src/commands/wallet/set.rs:17-23
Timestamp: 2024-10-28T12:00:09.010Z
Learning: In the `enclave` package of the `ciphernode` project, prefer using `println!` over logging macros like `error!` from the `tracing` crate for error output in CLI commands.

Applied to files:

• examples/CRISP/scripts/setup.sh

🪛 Gitleaks (8.29.0)

docs/pages/CRISP/setup.mdx

[high] 149-150: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)

• GitHub Check: build_sdk
• GitHub Check: build_enclave_cli
• GitHub Check: build_e3_support_dev
• GitHub Check: integration_prebuild
• GitHub Check: test_net
• GitHub Check: build_e3_support_risc0
• GitHub Check: test_contracts
• GitHub Check: rust_unit
• GitHub Check: rust_integration
• GitHub Check: crisp_rust_unit

🔇 Additional comments (4)

examples/CRISP/package.json (1)

18-18: Script verified — implementation is correct.

The test:contracts script successfully delegates to the target workspace's test script, which runs "hardhat test mocha". Developers can now run pnpm test:contracts from the repository root as intended.

examples/CRISP/scripts/setup.sh (2)

13-14: Verify compilation order and dependencies.

Ensure that compiling crisp-contracts after enclave-contracts is correct and that there are no upstream dependencies that require a different order.

---

14-14: The original review is incorrect—the path in line 14 is correct as-is.

Verification confirms that crisp-contracts is located at examples/CRISP/packages/crisp-contracts, not at the root-level packages/ directory. The subshell (cd packages/crisp-contracts && pnpm compile) correctly resolves from the examples/CRISP directory, whereas enclave-contracts (referenced in line 13) exists at the root level and requires ../../packages/enclave-contracts. The two packages legitimately use different relative paths because they reside in different locations in the repository hierarchy.

Likely an incorrect or invalid review comment.

docs/pages/CRISP/setup.mdx (1)

149-150: Remove hardcoded private key from documentation.

Gitleaks flagged the hardcoded private key on line 150 as a security concern. While the Hardhat development key is not a real secret and is publicly documented, exposing private keys in setup instructions is poor practice and creates a pattern that could lead to real secrets being accidentally committed.

Consider documenting the key separately in a .env.example or referencing the official Hardhat documentation link instead.

Apply this diff to reference the key indirectly:

-2. Add the Hardhat private key to your wallet:
-   `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80`
+2. Add the Hardhat default private key to your wallet. See the [Hardhat documentation](https://hardhat.org/hardhat-network/#accounts) 
+   for the default account private key.

⛔ Skipped due to learnings

Learnt from: 0xjei
Repo: gnosisguild/enclave PR: 830
File: templates/default/README.md:123-128
Timestamp: 2025-10-10T12:56:40.538Z
Learning: In the Enclave repository, the hard-coded Hardhat development private key `0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80` is acceptable in template README files and documentation for local testing/interaction purposes.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (4)

examples/CRISP/Readme.md (2)

118-129: Update stale comment referencing Anvil.

The comment on line 118 still references Anvil, but the Quick Start output and instructions now use Hardhat. Update the comment for consistency.

-# Start all services (Anvil, Ciphernodes, Applications)
+# Start all services (Hardhat, Ciphernodes, Applications)

---

165-204: Reconcile Manual Start section with Hardhat-based Quick Start workflow.

The review comment is valid. The Quick Start section (lines ~120-145) uses pnpm dev:up, which starts a "Hardhat node (local blockchain)," while the Manual Start section (lines 165–204) explicitly directs users to start Anvil (anvil command). These are two different local blockchain implementations, creating a genuine inconsistency between the primary recommended workflow and the manual alternative.

To resolve: either update the Manual Start steps to use Hardhat instead of Anvil, or add clear documentation noting that Manual Start is a legacy/alternative approach with guidance on ensuring compatibility between the two setups (environment variables, contract addresses, RPC endpoints).

docs/pages/CRISP/setup.mdx (2)

19-19: Clarify the "Hardhat + Foundry hybrid" description.

Line 19 states "Hardhat + Foundry hybrid setup" but doesn't explain what aspects use each tool. Clarify which components use Hardhat vs. Foundry to avoid confusion.

---

158-339: Update Manual Start section to align with Hardhat migration or clearly mark as legacy.

The Manual Start section (lines 158-339) contradicts the Quick Start guidance by directing users to run anvil directly (line 200) instead of using the Hardhat-based workflow. Multiple Anvil references are present:

• Line 197-200: Direct Anvil invocation
• Line 203: Keep Anvil running
• Line 284: "based on default deployment addresses using local Anvil node"
• Line 293: "Anvil's default private key"
• Line 323: "Based on Default Anvil Deployments"

Meanwhile, Quick Start explicitly uses Hardhat (lines 126-156: pnpm dev:setup + pnpm dev:up), and the intro describes a "Hardhat-based architecture" (line 11).

Recommended actions:

1. Update Manual Start to use the Hardhat setup workflow instead of direct Anvil
2. Remove Manual Start if it's now obsolete
3. Add a clear deprecation/legacy notice if Manual Start serves a specific educational purpose not covered by Quick Start

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f7fd8c9 and cd8cb19.

📒 Files selected for processing (6)

• docs/pages/CRISP/setup.mdx (1 hunks)
• examples/CRISP/Readme.md (1 hunks)
• examples/CRISP/package.json (1 hunks)
• examples/CRISP/packages/crisp-contracts/README.md (1 hunks)
• examples/CRISP/scripts/build.sh (0 hunks)
• examples/CRISP/scripts/setup.sh (2 hunks)

💤 Files with no reviewable changes (1)

• examples/CRISP/scripts/build.sh

🧰 Additional context used

🧠 Learnings (5)

📚 Learning: 2025-10-29T23:35:30.146Z

Learnt from: ryardley
Repo: gnosisguild/enclave PR: 936
File: scripts/run-crisp-test.sh:1-3
Timestamp: 2025-10-29T23:35:30.146Z
Learning: In the scripts/run-crisp-test.sh file, the use of `rm -rf *` is acceptable as it's intentionally designed as a definitive reset-and-test script for clean checkouts.

Applied to files:

• examples/CRISP/package.json

📚 Learning: 2025-11-12T10:08:30.720Z

Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 996
File: examples/CRISP/packages/crisp-contracts/contracts/CRISPProgram.sol:144-169
Timestamp: 2025-11-12T10:08:30.720Z
Learning: In the CRISP program (examples/CRISP/packages/crisp-contracts/contracts/CRISPProgram.sol), there are plans to move the merkle tree from the Enclave contract to the program contract itself in the future, which would allow direct calls to validateInput to be stored in the merkle tree.

Applied to files:

• examples/CRISP/packages/crisp-contracts/README.md

📚 Learning: 2025-08-25T10:28:56.174Z

Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 657
File: Cargo.toml:32-34
Timestamp: 2025-08-25T10:28:56.174Z
Learning: The examples/CRISP directory has its own Cargo.toml workspace configuration with members like "server", "wasm-crypto", "program/core", "program/client", etc. The root workspace intentionally excludes "examples/CRISP/server", "examples/CRISP/program", and "examples/CRISP/wasm-crypto" to prevent double workspace membership, which is the correct approach for self-contained example workspaces.

Applied to files:

• examples/CRISP/packages/crisp-contracts/README.md
• examples/CRISP/scripts/setup.sh

📚 Learning: 2025-11-05T14:12:57.814Z

Learnt from: ctrlc03
Repo: gnosisguild/enclave PR: 963
File: examples/CRISP/client/package.json:25-25
Timestamp: 2025-11-05T14:12:57.814Z
Learning: In the Enclave/CRISP codebase, `enclave-e3/sdk` and `crisp-e3/sdk` are different packages: `enclave-e3/sdk` is the general Enclave SDK, while `crisp-e3/sdk` is the CRISP-specific SDK. The CRISP client (`examples/CRISP/client`) intentionally depends on `enclave-e3/sdk`, not `crisp-e3/sdk`.

Applied to files:

• examples/CRISP/scripts/setup.sh

📚 Learning: 2024-10-28T12:00:09.010Z

Learnt from: ryardley
Repo: gnosisguild/enclave PR: 156
File: packages/ciphernode/enclave/src/commands/wallet/set.rs:17-23
Timestamp: 2024-10-28T12:00:09.010Z
Learning: In the `enclave` package of the `ciphernode` project, prefer using `println!` over logging macros like `error!` from the `tracing` crate for error output in CLI commands.

Applied to files:

• examples/CRISP/scripts/setup.sh

🪛 Gitleaks (8.29.0)

docs/pages/CRISP/setup.mdx

[high] 149-150: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🪛 markdownlint-cli2 (0.18.1)

examples/CRISP/packages/crisp-contracts/README.md

6-6: Reference links and images should use a label that is defined
Missing link or image reference definition: "hardhat"

(MD052, reference-links-images)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)

• GitHub Check: Validate PR Title
• GitHub Check: integration_prebuild
• GitHub Check: build_enclave_cli
• GitHub Check: build_e3_support_dev
• GitHub Check: test_net
• GitHub Check: test_contracts
• GitHub Check: build_sdk
• GitHub Check: crisp_rust_unit
• GitHub Check: rust_unit
• GitHub Check: rust_integration

🔇 Additional comments (4)

examples/CRISP/scripts/setup.sh (1)

14-14: LGTM.

The addition of the crisp-contracts compilation step is well-placed and aligns with the shift to Hardhat-based testing across the project.

examples/CRISP/packages/crisp-contracts/README.md (1)

8-20: LGTM.

The addition of clear test running instructions (pnpm test:contracts and pnpm test) is helpful and aligns with the Hardhat-based testing workflow.

examples/CRISP/package.json (1)

18-18: LGTM.

The addition of the test:contracts script provides a convenient shorthand for running Hardhat contract tests from the CRISP root directory, aligning with the broader migration to Hardhat-based tooling.

docs/pages/CRISP/setup.mdx (1)

149-150: Note: Exposed private key is intentional documentation.

Line 149–150 exposes the default Hardhat private key. The gitleaks detector flagged this, but this is the well-known Hardhat test key, appropriate for documentation. No action needed, but be aware that this key has no real value (it's only valid on local Hardhat nodes).

[0xjei]

utACK