Skip to content

Post Deployment Checklist

  • [ ] verify live policy assertions on all registered targets
  • [ ] verify event monitor subscriptions and alert routing
  • [ ] verify oncall runbook access and signer escalation tree
  • [ ] verify backup RPC/indexing data sources
  • [ ] verify no unresolved high-severity audit findings remain

Required Readbacks

After deployment, every address must be read from chain, not copied from a deploy script. Verify proxyAdmin, proxyImplementation, beacon implementation, beacon upgradeAuthority, factory controller, factory upgradeGovernor, factory vaultBeacon, controller factory, controller claimGatekeeper, deposit baseline addresses, and allowlist admin.

Abort Conditions

Do not open deposits if bootstrap is still open, any policy assertion fails, any role is held by an EOA, any proxy admin is not the governor, the vault beacon authority is not the governor, or evidence artifacts are missing.

Evidence To Archive

Deployment manifest, constructor args, initializer args, role assignments, registration txs, genesis approval txs, seal tx, post-state reads, and first readiness/claimability smoke-check output.