Contract Addresses

Overview

GweAI uses a comprehensive contract address registry with built-in security validation to prevent frontend manipulation attacks. All addresses are verified on-chain and immutable.

Verified Contracts

Deployed and verified on Base Sepolia testnet:

Core Protocol Contracts

ROUTER

Address

Main Trading Interface

0x49B538646dc51f1b8c533113113A7dE05fBC2218

Handles buy, sell, and swap transactions

LIQUIDITY_POOL

Address

Liquidity Pool

0xDEEd6a61940bD4162f9955aeBb477C3bDABf6078

Holds all protocol liquidity

SUBSCRIPTION

Address

Subscription Manager

0xcFbdEaba321700A9C125b41dB6bBd6BBBA752287

Manages user subscription plans

Token Addresses

USDC_TOKEN

Address

USDC Token (Base Sepolia)

0xBEE08798a3634e29F47e3d277C9d11507D55F66a

Primary settlement currency

TREASURY

Address

Treasury/Admin

0x39c0b97A8F2194fcd7396296F7697a84dd81077A

Protocol treasury and owner address

Usage

import { VERIFIED_CONTRACTS } from './config/contracts';

const routerAddress = VERIFIED_CONTRACTS.ROUTER;
const usdcAddress = VERIFIED_CONTRACTS.USDC_TOKEN;

Supported Tokens

Whitelisted token addresses for trading:

export const VERIFIED_TOKENS = {
  USDC: '0xBEE08798a3634e29F47e3d277C9d11507D55F66a',
  BTC: '0x7d9E31f5cCac4b9c8566f343A6bD6f3263DFcC91',
  SOL: '0x241ECE6Dce0E0825F9992410B3fA5d4b8fC8d199',
  BNB: '0xAA9Be1a8A7f7254C1759bAa7e0f7864579c33a96',
  XRP: '0x01E278B5421AAC93A206C15b2933419DA19E17b3',
  TON: '0xC85D84a1092b81aCBA9bC75fad6063a7DA642E36',
  AVAX: '0x5DC449E37b6DAAD182d4Fb13C8dFE53C383C2E46',
  TRX: '0x45442ecB66A1a10c0F9817fb7F2B50a3bB99bd69',
  ADA: '0xcB1A4c81E7a56cbE2246DA3aE256Ba0154940648',
  DOGE: '0x803aD69f487536Ec1eE8a83Cd329e3d1703f8337',
} as const;

Network Configuration

chainId

number

default:"84532"

Base Sepolia chain ID

name

string

default:"Base Sepolia"

Human-readable network name

rpcUrl

string

Primary RPC endpoint

https://base-sepolia.g.alchemy.com/v2/-mGklZw8tTiO9fg9sRGQP

blockExplorer

string

Block explorer URL

https://sepolia.basescan.org

import { NETWORK_CONFIG } from './config/contracts';

console.log(`Network: ${NETWORK_CONFIG.name}`);
console.log(`Chain ID: ${NETWORK_CONFIG.chainId}`);

Security Validation

Contract Verification

isVerifiedContract()

Verifies contract address matches expected verified address:

export function isVerifiedContract(
  address: string,
  contractType: keyof typeof VERIFIED_CONTRACTS
): boolean

address

string

required

Address to verify

contractType

ContractType

required

Contract type: 'ROUTER' | 'LIQUIDITY_POOL' | 'SUBSCRIPTION' | 'USDC_TOKEN' | 'TREASURY'

Returns: true if address matches verified contract Example:

import { isVerifiedContract, VERIFIED_CONTRACTS } from './config/contracts';

const address = '0x49B538646dc51f1b8c533113113A7dE05fBC2218';
const isValid = isVerifiedContract(address, 'ROUTER'); // true

const fakeAddress = '0x0000000000000000000000000000000000000000';
const isFake = isVerifiedContract(fakeAddress, 'ROUTER'); // false

getVerifiedContract()

Gets verified contract address with integrity check:

export function getVerifiedContract(
  contractType: keyof typeof VERIFIED_CONTRACTS
): Address

contractType

ContractType

required

Contract type to retrieve

Returns: Verified contract address Throws: Error if address is invalid or modified Example:

import { getVerifiedContract } from './config/contracts';

try {
  const routerAddress = getVerifiedContract('ROUTER');
  console.log('Router:', routerAddress);
} catch (error) {
  console.error('Security violation:', error);
}

Token Validation

isVerifiedToken()

Checks if token address is in whitelist:

export function isVerifiedToken(address: string): boolean

address

string

required

Token address to verify

Returns: true if token is whitelisted Example:

import { isVerifiedToken } from './config/contracts';

const usdcAddress = '0xBEE08798a3634e29F47e3d277C9d11507D55F66a';
const isValid = isVerifiedToken(usdcAddress); // true

const unknownToken = '0x1111111111111111111111111111111111111111';
const isUnknown = isVerifiedToken(unknownToken); // false

On-Chain Verification

verifyContractOnChain()

Validates contract exists on-chain by checking bytecode:

export async function verifyContractOnChain(address: Address): Promise<boolean>

address

Address

required

Contract address to verify on-chain

Returns: true if contract has bytecode (is not EOA) Example:

import { verifyContractOnChain, VERIFIED_CONTRACTS } from './config/contracts';

const isDeployed = await verifyContractOnChain(VERIFIED_CONTRACTS.ROUTER);
if (isDeployed) {
  console.log('✅ Contract verified on-chain');
} else {
  console.error('❌ Contract not found');
}

This function makes an RPC call to fetch contract bytecode. Results should be cached to avoid rate limiting.

Transaction Validation

validateTransaction()

Comprehensive security check before transactions:

export async function validateTransaction(params: {
  contractAddress: Address;
  contractType: keyof typeof VERIFIED_CONTRACTS;
  userAddress?: Address;
}): Promise<{ valid: boolean; error?: string }>

params.contractAddress

Address

required

Contract address to validate

params.contractType

ContractType

required

Expected contract type

params.userAddress

Address

User wallet address to validate

Validation Steps:

Verifies address matches expected verified contract
Checks contract exists on-chain with valid bytecode
Validates user address format (if provided)

Returns: Object with valid boolean and optional error message

import { validateTransaction, VERIFIED_CONTRACTS } from './config/contracts';

const validation = await validateTransaction({
  contractAddress: VERIFIED_CONTRACTS.ROUTER,
  contractType: 'ROUTER',
  userAddress: '0x...',
});

if (!validation.valid) {
  throw new Error(validation.error);
}

// Proceed with transaction

Address Validation

isValidAddress()

Validates Ethereum address format:

export function isValidAddress(address: string): boolean

address

string

required

Address string to validate

Returns: true if valid hex address format Example:

import { isValidAddress } from './config/contracts';

const valid = isValidAddress('0x49B538646dc51f1b8c533113113A7dE05fBC2218'); // true
const invalid = isValidAddress('0xinvalid'); // false
const tooShort = isValidAddress('0x123'); // false

getChecksumAddress()

Converts address to checksummed format:

export function getChecksumAddress(address: string): Address

address

string

required

Address to convert

Returns: Checksummed address Throws: Error if address format is invalid Example:

import { getChecksumAddress } from './config/contracts';

const checksummed = getChecksumAddress(
  '0x49b538646dc51f1b8c533113113a7de05fbc2218'
);
// Returns: 0x49B538646dc51f1b8c533113113A7dE05fBC2218

Contract Function Signatures

ABI function selectors for validation:

Router Functions

export const CONTRACT_SIGNATURES = {
  ROUTER_BUY: '0xa59ac6dd',      // buy(address,uint256,uint256)
  ROUTER_SELL: '0x6a272462',     // sell(address,uint256,uint256)
  ROUTER_SWAP: '0xfe029156',     // swap(address,address,uint256,uint256)
  
  SUBSCRIPTION_PURCHASE: '0x98693010', // purchasePlan(uint8)
  
  ERC20_TRANSFER: '0xa9059cbb',  // transfer(address,uint256)
  ERC20_APPROVE: '0x095ea7b3',   // approve(address,uint256)
  ERC20_BALANCE_OF: '0x70a08231', // balanceOf(address)
} as const;

validateFunctionSignature()

Validates transaction data matches expected function selector:

export function validateFunctionSignature(
  data: string,
  expectedSignature: string
): boolean

data

string

required

Transaction data (calldata)

expectedSignature

string

required

Expected 4-byte function selector (e.g., '0xa59ac6dd')

Returns: true if signature matches Example:

import { validateFunctionSignature, CONTRACT_SIGNATURES } from './config/contracts';

const txData = '0xa59ac6dd000000000000000000000000...';
const isValidBuy = validateFunctionSignature(
  txData,
  CONTRACT_SIGNATURES.ROUTER_BUY
); // true

Security Monitoring

logSecurityEvent()

Logs security-related events for monitoring:

export function logSecurityEvent(event: {
  type: 'CONTRACT_CALL' | 'ADDRESS_VALIDATION' | 'SIGNATURE_CHECK' | 'ERROR';
  details: string;
  address?: string;
  timestamp?: number;
}): void

event.type

EventType

required

Event category: 'CONTRACT_CALL' | 'ADDRESS_VALIDATION' | 'SIGNATURE_CHECK' | 'ERROR'

event.details

string

required

Event description

event.address

string

Related address (if applicable)

event.timestamp

number

Event timestamp (defaults to current time)

Example:

import { logSecurityEvent } from './config/contracts';

logSecurityEvent({
  type: 'CONTRACT_CALL',
  details: 'Router buy transaction initiated',
  address: VERIFIED_CONTRACTS.ROUTER,
});

logSecurityEvent({
  type: 'ERROR',
  details: 'Invalid contract address detected',
  address: suspiciousAddress,
});

In production mode, security events are logged as warnings. In development, they’re logged as info.

Complete Usage Example

import {
  VERIFIED_CONTRACTS,
  validateTransaction,
  validateFunctionSignature,
  CONTRACT_SIGNATURES,
  logSecurityEvent,
} from './config/contracts';

async function executeTrade(
  userAddress: Address,
  tokenAddress: Address,
  amount: bigint
) {
  // 1. Validate transaction security
  const validation = await validateTransaction({
    contractAddress: VERIFIED_CONTRACTS.ROUTER,
    contractType: 'ROUTER',
    userAddress,
  });

  if (!validation.valid) {
    throw new Error(`Security check failed: ${validation.error}`);
  }

  // 2. Log security event
  logSecurityEvent({
    type: 'CONTRACT_CALL',
    details: 'Buy transaction validated',
    address: VERIFIED_CONTRACTS.ROUTER,
  });

  // 3. Execute transaction
  const tx = await writeContract({
    address: VERIFIED_CONTRACTS.ROUTER,
    abi: routerAbi,
    functionName: 'buy',
    args: [tokenAddress, amount, minAmount],
  });

  // 4. Validate transaction data
  const isValidSig = validateFunctionSignature(
    tx.data,
    CONTRACT_SIGNATURES.ROUTER_BUY
  );

  if (!isValidSig) {
    throw new Error('Invalid function signature');
  }

  return tx;
}

Type Definitions

import type { Address } from 'viem';

export const VERIFIED_CONTRACTS: {
  readonly ROUTER: Address;
  readonly LIQUIDITY_POOL: Address;
  readonly SUBSCRIPTION: Address;
  readonly USDC_TOKEN: Address;
  readonly TREASURY: Address;
};

export const VERIFIED_TOKENS: {
  readonly USDC: string;
  readonly BTC: string;
  readonly SOL: string;
  readonly BNB: string;
  readonly XRP: string;
  readonly TON: string;
  readonly AVAX: string;
  readonly TRX: string;
  readonly ADA: string;
  readonly DOGE: string;
};

export const NETWORK_CONFIG: {
  readonly chainId: number;
  readonly name: string;
  readonly rpcUrl: string;
  readonly blockExplorer: string;
};

export function isVerifiedContract(
  address: string,
  contractType: keyof typeof VERIFIED_CONTRACTS
): boolean;

export function isVerifiedToken(address: string): boolean;
export function getVerifiedContract(
  contractType: keyof typeof VERIFIED_CONTRACTS
): Address;
export function verifyContractOnChain(address: Address): Promise<boolean>;
export function validateTransaction(params: {
  contractAddress: Address;
  contractType: keyof typeof VERIFIED_CONTRACTS;
  userAddress?: Address;
}): Promise<{ valid: boolean; error?: string }>;
export function isValidAddress(address: string): boolean;
export function getChecksumAddress(address: string): Address;
export function validateFunctionSignature(
  data: string,
  expectedSignature: string
): boolean;

Wagmi Configuration

Wallet connectors and blockchain setup

RPC Providers

RPC fallback strategy and caching

Best Practices

Never modify contract addresses in the registry. All addresses are verified on-chain and changing them will break security validation.

Always use validateTransaction() before executing any contract interaction to prevent frontend manipulation attacks.

The security monitoring system logs all contract interactions for audit purposes. In production, integrate with a monitoring service like Sentry or LogRocket.

Blockchain Integration

AI Services

Wallet & Auth

Contract Addresses

Overview

Verified Contracts

Core Protocol Contracts

Token Addresses

Usage

Supported Tokens

Network Configuration

Security Validation

Contract Verification

isVerifiedContract()

getVerifiedContract()

Token Validation

isVerifiedToken()

On-Chain Verification

verifyContractOnChain()

Transaction Validation

validateTransaction()

Address Validation

isValidAddress()

getChecksumAddress()

Contract Function Signatures

Router Functions

validateFunctionSignature()

Security Monitoring

logSecurityEvent()

Complete Usage Example

Type Definitions

Wagmi Configuration

RPC Providers

Best Practices

Build docs developers (and LLMs) love

Blockchain Integration

AI Services

Wallet & Auth

​Overview

​Verified Contracts

​Core Protocol Contracts

​Token Addresses

​Usage

​Supported Tokens

​Network Configuration

​Security Validation

​Contract Verification

​isVerifiedContract()

​getVerifiedContract()

​Token Validation

​isVerifiedToken()

​On-Chain Verification

​verifyContractOnChain()

​Transaction Validation

​validateTransaction()

​Address Validation

​isValidAddress()

​getChecksumAddress()

​Contract Function Signatures

​Router Functions

​validateFunctionSignature()

​Security Monitoring

​logSecurityEvent()

​Complete Usage Example

​Type Definitions

​Related Resources

Wagmi Configuration

RPC Providers

​Best Practices

Build docs developers (and LLMs) love

Overview

Verified Contracts

Core Protocol Contracts

Token Addresses

Usage

Supported Tokens

Network Configuration

Security Validation

Contract Verification

isVerifiedContract()

getVerifiedContract()

Token Validation

isVerifiedToken()

On-Chain Verification

verifyContractOnChain()

Transaction Validation

validateTransaction()

Address Validation

isValidAddress()

getChecksumAddress()

Contract Function Signatures

Router Functions

validateFunctionSignature()

Security Monitoring

logSecurityEvent()

Complete Usage Example

Type Definitions

Related Resources

Best Practices