Skip to main content
This guide walks you through configuring your assertions in credible.toml and creating a release on the platform with pcl apply. Prerequisites: What you’ll do: Authenticate, configure credible.toml, and create a release. Then review and deploy it in the platform.

Step 1: Authenticate

Before deploying, authenticate with the Credible Layer: 
pcl auth login
This opens a browser window where you can authenticate with your wallet, email, Google, or GitHub. Once approved, pcl automatically detects the authentication.
Your account must be linked to the wallet address that owns the contracts listed in credible.toml. The platform verifies on-chain ownership (via the admin verifier, typically owner()) before allowing assertion deployment. See Ownership Verification for details.
Check your status anytime: 
pcl auth status

Step 2: Configure credible.toml

Create a credible.toml file at assertions/credible.toml in your project root. This file declares which assertions protect which contracts: 
environment = "production"

[contracts.my_contract]
address = "0xYOUR_CONTRACT_ADDRESS"
name = "MyContract"

[[contracts.my_contract.assertions]]
file = "assertions/src/MyAssertion.a.sol"
To protect multiple contracts, add more entries: 
environment = "production"

[contracts.vault]
address = "0xVAULT_ADDRESS"
name = "Vault"

[[contracts.vault.assertions]]
file = "assertions/src/VaultAssertion.a.sol"

[contracts.token]
address = "0xTOKEN_ADDRESS"
name = "Token"

[[contracts.token.assertions]]
file = "assertions/src/TokenDrainAssertion.a.sol"
Each contract address must be unique within the configuration. See the pcl Reference for all available fields.
Set project_id in your credible.toml to skip the interactive project selection prompt. This is especially useful for CI/CD pipelines.

Step 3: Apply Your Assertions

Create a release on the platform: 
pcl apply
This command:
  1. Reads your credible.toml configuration
  2. Builds and compiles the referenced assertion contracts
  3. Creates a release on the platform
You’ll be prompted to confirm before applying. Use --yes to skip the confirmation prompt: 
pcl apply --yes
pcl apply automatically builds your project. You can also run pcl build separately to check for compilation errors before applying.

Step 4: Deploy in the Platform

After applying, complete deployment in the Phylax platform using the Deploy Assertions guide:
  1. Navigate to your project
  2. Click “Deployment” tab
  3. Find your assertion and click “Proceed to Review”
  4. Select the target contract and environment (Staging or Production)
  5. Click “Deploy” and sign the transaction
Creating a release through pcl apply does not make the assertion active by itself. The assertion becomes active only after you deploy it through the platform and the configured timelock in the on-chain State Oracle contracts expires. Removals follow the same State Oracle timelock flow.

Troubleshooting

Authentication Issues

ErrorSolution
”Not authenticated”Run pcl auth login
”Authentication expired”Run pcl auth login to refresh
Browser doesn’t openManually visit the URL shown in terminal

Apply Issues

ErrorSolution
”credible.toml not found”Check that the file exists at assertions/credible.toml or specify the path with -c
”duplicate contract address”Each contract address must be unique in credible.toml
”Project not found”Create the project in the platform first, or set project_id in credible.toml
Build failuresRun pcl build separately to diagnose compilation errors

Next Steps

Deploy with the Platform

Complete deployment in the platform

pcl Reference

Full command reference

Testing Assertions

Test before deployment

Troubleshooting

Common issues and solutions