GetSalt.sh

Problem Statement

What is GetSalt.sh?GetSalt.shis a toolkit for mining and deploying deterministic,vanity smart contract addressesusingCREATE2. It drastically reduces the cost and complexity of generating recognizable contract addresses (e.g.0x111111...,0xDEADBEEF...) across multiple EVM chains.By sharing compute and enforcing cross-chain consistency, GetSalt.sh turns vanity addressing into a security and branding primitive—accessible to everyone, not just whales or protocols with GPU farms.Why It MattersHuman-verifiable security:Users can recognize vanity contracts visually, especially on hardware wallets, reducing phishing risk.Branding & trust:Projects can claim distinctive, memorable addresses across chains.Deployment determinism:Same code, same salt = same address on all chains.Cost asymmetry:Defense becomes affordable, while attack remains expensive.The Problems TodayMining high-entropy prefixes is costly and slow.No protection against impersonation or copycats across chains.Defenders and attackers pay roughly the same to secure a vanity pattern.How GetSalt.sh WorksCross-chain enforcement via LayerZero:Automated cryptographic verification ensures addresses on different chains contain matching bytecode. For chains without LayerZero, manual DAO verification provides a future-proof fallback— supporting any EVM chain, even ones that don't exist yet.Shared off-chain GPU mining:Salt search for a fixed proxy bytecode is shared and GPU-accelerated.Shared proxy:Every mined address points to the same minimal UUPS proxy implementation, enabling mining efforts to be mutualized.Commit–reveal on-chain registration:Secures vanity addresses against frontrunning.Cross-chain enforcement via LayerZero:Ensures that an address used on one chain has matching bytecode on others.DAO moderation:A 24h timelock allows the community to veto malicious or misleading vanity claims.Cost asymmetry:Defenders share mining costs (everyone mines the same proxy), while attackers must mine unique addresses repeatedly. Combined with 10% slashing on failed registrations, defense becomes cheap while attacks remain expensive.

Solution

GetSalt.shis built with a three-layer architecture optimizing for security and cross-chain consistency.Smart Contracts (Solidity + Foundry + Hardhat)Three custom contracts (~1,200 lines) usingOpenZeppelin's upgradeable librariesandERC-7201 namespaced storage:GetSaltRegistry- Commit-reveal registration with 24h timelock to prevent front-runningGetSaltMinimalProxy- UUPS proxy deployed at vanity addressesGetSaltFactory- CREATE2 deterministic deployment (same address on all EVM chains)Tested withFoundry(19/19 passing), deployed viaHardhatwith 5 custom workflow tasks.Frontend (Next.js 14 + TypeScript)Next.js 14 App RouterwithWagmi v2+Viemfor blockchain interactions,RainbowKitfor wallet connections, andshadcn/uicomponents. Fully type-safe from Solidity ABIs to React components viaTypeChain.Backend (Drizzle ORM + SQLite)5 REST API endpoints usingNext.js API routeswithDrizzle ORMfor type-safe database queries.SQLitefor development, with easy upgrade path toTurso(distributed SQLite) for production.Partner Tech: LayerZero v2LayerZero Readenables trustless cross-chain bytecode verification. When registering a vanity address, challengers can trigger automatic verification that the same address on different chains contains matching code—preventing cross-chain impersonation attacks without manual checks.Notable Hacks & InnovationsMutualized Mining- Everyone mines for thesameminimal proxy bytecode, sharing GPU costs. Users then upgrade to their custom implementation. This makes vanity addresses accessible to everyone, not just GPU farms.Hybrid Verification- LayerZero for automated verification on supported chains, plus manual DAO verification foranyEVM chain (even future ones). When LayerZero support arrives, verification automatically becomes trustless.First Upgrade Validation- Proxy validates implementation bytecode hash usingextcodehashon first upgrade, preventing bait-and-switch attacks. After validation, normal upgrades work freely.Economic Security- 0.01 ETH registration + 10% slashing creates asymmetry: defending is cheap (shared mining), attacking is expensive (lose 10% per failed attempt). The 24h timelock lets the community be the security layer.