Skip to main content
New to the Credible Layer dApp? Start with the dApp Overview to understand what the dApp is and what it can do.
This guide walks you through the complete process of using the Credible Layer dApp, from authentication to linking assertions to your smart contracts.

Prerequisites

  • The Credible Layer CLI (pcl) must be installed. If you don’t have it installed, follow the pcl quickstart guide.
  • You must be authenticated with the dApp (see Authentication below).
  • You should have smart contracts deployed that you want to protect with assertions.

Authentication

Before using the dApp, authenticate through the pcl:
  1. Run the authentication command:
pcl auth login
  1. The pcl will provide a login link. Open it in your browser.
  2. Connect your wallet when prompted.
  3. Enter the login code displayed in the CLI.
  4. You’re now authenticated and can use the dApp!
Authentication with `pcl auth login`

Authentication with `pcl auth login`

Authentication links your wallet address with your CLI session, allowing you to manage projects that your wallet owns.
For more details about pcl commands, refer to Using pcl and pcl Reference.

Exploring Projects

To browse existing projects and their security measures:
  1. Click the “Transparency” tab in the navigation bar.
  2. Browse all projects on the Credible Layer.
  3. Search for specific projects by name or contract address.
  4. Click on any project to view:
    • Project details and description
    • Linked contract addresses
    • Active assertions protecting the contracts
    • Assertion implementation details
Explorer

Transparency Dashboard

This transparency allows you to verify security measures before interacting with any protocol.

Creating a Project

To create a new project for your smart contracts:
  1. Navigate to the “Projects” tab or click “Create a Project” in the top right corner of the dApp
  2. Click “Create a project”
  3. Enter project details:
    • Project Name: Typically matches your smart contract or protocol name
    • Project Description: Brief explanation of what your project does
    • Target Chain: The blockchain where your contracts are deployed
  4. Click “Continue to contract selection”
  5. Add one or more contract addresses:
    • Enter each contract address you want to protect
    • Only contracts where you are the owner can be added
    • The dApp verifies ownership by calling the owner() function on each contract
  6. Review your project details
  7. Click “Save and publish” to create the project
Creating a Project

Creating a Project in the dApp

Only the owner of a contract can create a project for it. Additional verification methods will be available in the future. For now, ensure your contract has an owner() function that returns the current owner address.For more details, see Ownership Verification.

Linking Assertions to Your Project

Once your project is created, you can link assertions to protect your contracts. This is a two-step process: storing the assertion and submitting it through the dApp.

Step 1: Store and Submit via CLI

First, use the pcl CLI to store and submit your assertion:
  1. Store the assertion bytecode: 
    pcl store <assertion-name> <constructor-args>
    Example: 
    pcl store MyAssertion 0x1234567890123456789012345678901234567890
  2. Submit the assertion to your project: 
    pcl submit -a '<assertion-name>(constructor-args)' -p <project-name>
    Example: 
    pcl submit -a 'MyAssertion(0x1234567890123456789012345678901234567890)' -p my-protocol

Step 2: Deploy via dApp

After submitting via pcl, complete the deployment process in the dApp:
  1. Navigate to your project
  2. Click on the “Deployment” tab
  3. Find your assertion in the list and click “Proceed to Review”
  4. Select the target contract you want to protect with this assertion
  5. Review the assertion details:
    • Assertion name and parameters
    • Target contract address
    • Trigger conditions
  6. Choose whether to deploy to Staging (for testing) or Production (for active protection)
  7. Click “Deploy” to link the assertion to your contract and sign the transaction
  8. Confirm the transaction in your wallet
Deploying Assertion

Deploying Assertion in the dApp

Deploying the assertion and signing the transaction completes the deployment process. After deployment, your assertion enters a timelock period. During this period, it is marked for enforcement (production) or marked for staging (staging environment). After the timelock expires, the assertion becomes enforced (production) or staged (staging), actively protecting your contract.

Managing Your Assertions

After deploying assertions, you can manage them through your project dashboard:
  • View Active Assertions: See all assertions currently protecting your contracts
  • Monitor Status: Check assertion execution status and any triggered violations
  • Update Assertions: Submit new versions of assertions as your protocol evolves
  • Remove Assertions: Remove assertions if needed

Complete Walkthrough Video

Here’s a full video walkthrough of the entire process from authentication to activating assertions:

Troubleshooting

”Contract ownership verification failed”

  • Ensure your contract has an owner() function that returns an address
  • Verify you’re connected with the wallet that owns the contract
  • Check that the contract address is correct

”Assertion already exists”

  • Each assertion can only be submitted once per project
  • Use a different assertion name or update the existing assertion

”Authentication expired”

  • Run pcl auth login again to refresh your session
  • Keep your CLI session active while using the dApp

Next Steps

Write Assertions

Learn how to write effective assertions

Test Assertions

Test your assertions before deployment

Using pcl

Learn how to use pcl

Ownership Verification

Understand ownership requirements