Deployment

Trilobyte contracts are deployed to Stellar using TypeScript scripts with the @stellar/stellar-sdk.

Full Protocol Deployment

The main deployment script is scripts/deploy-protocol.ts. It performs a 7-step deployment:

Step 1 — Deploy Globals

Globals(governor, treasury, security_admin, operations_admin)

The Globals contract is deployed first with the initial role assignments.

Step 2 — Deploy Timelock

Timelock(min_delay, proposers, executors, admin: None)

The Timelock is deployed as self-administered (no external admin).

Step 3 — Upload Vault WASM

The compiled vault contract WASM is uploaded to the network. This returns a WASM hash used by the Factory to deploy vault instances.

Step 4 — Deploy Factory

Factory(governor, globals_address, vault_wasm_hash)

The Factory is deployed with a reference to Globals and the vault template hash.

Step 5 — Whitelist Assets

Supported lending tokens (e.g. USDC) are whitelisted on Globals:

globals.add_supported_asset(caller, asset)

This must be done before transferring Globals admin to the Timelock, since it requires direct admin access.

Step 6 — Approve Initial Managers

Initial Pool Managers are registered and approved:

globals.add_pool_manager(caller, manager)
globals.approve_pool_manager(manager, caller, max_credit)

Step 7 — Transfer Globals Admin to Timelock

The final step transfers Globals admin to the Timelock:

globals.transfer_admin(timelock_address)

After this, all admin-gated operations on Globals must go through the Timelock's governance process.

Step 7 is irreversible. Once admin is transferred to the Timelock, direct admin access is no longer possible. Ensure all initial setup (asset whitelisting, manager approval) is complete before this step.

Running the Deployment

# Build all contracts
cargo build --target wasm32-unknown-unknown --release

# Deploy the full protocol
npm run deploy:protocol

Configuration

All deployment parameters are configured via environment variables. See .env.example:

Variable

Description

STELLAR_NETWORK

Network to deploy to (testnet/mainnet)

STELLAR_RPC_URL

Soroban RPC endpoint

DEPLOYER_SECRET

Secret key for the deploying account

GOVERNOR_ADDRESS

Initial governor address

TREASURY_ADDRESS

Protocol treasury address

SECURITY_ADMIN

Security admin address

OPERATIONS_ADMIN

Operations admin address

TIMELOCK_MIN_DELAY

Minimum delay for timelocked operations

TIMELOCK_PROPOSERS

Comma-separated proposer addresses

TIMELOCK_EXECUTORS

Comma-separated executor addresses

INITIAL_ASSETS

Comma-separated asset addresses to whitelist

INITIAL_MANAGERS

Comma-separated manager addresses

Output

Deployment results are saved to .soroban/contract-ids.json:

{
  "network": "testnet",
  "timestamp": "2026-02-27T12:00:00Z",
  "contracts": {
    "globals": "CABC...",
    "timelock": "CDEF...",
    "factory": "CGHI...",
    "vault_wasm_hash": "abc123..."
  }
}

PreviousTimelock Contract NextTypeScript SDK

Last updated 2 months ago

hashtagFull Protocol Deployment

hashtagStep 1 — Deploy Globals

hashtagStep 2 — Deploy Timelock

hashtagStep 3 — Upload Vault WASM

hashtagStep 4 — Deploy Factory

hashtagStep 5 — Whitelist Assets

hashtagStep 6 — Approve Initial Managers

hashtagStep 7 — Transfer Globals Admin to Timelock

hashtagRunning the Deployment

hashtagConfiguration

hashtagOutput

Full Protocol Deployment

Step 1 — Deploy Globals

Step 2 — Deploy Timelock

Step 3 — Upload Vault WASM

Step 4 — Deploy Factory

Step 5 — Whitelist Assets

Step 6 — Approve Initial Managers

Step 7 — Transfer Globals Admin to Timelock

Running the Deployment

Configuration

Output