build strategy · onchain

Real onchain, five secrets, one build.

Every mega-prompt in this repo uses the same pattern, because it's the only pattern that lets a Lovable account ship a verifiable Sepolia demo in one shot.

Why Sepolia and not mainnet?

Sepolia is a real Ethereum testnet — the same EVM, the same Etherscan UI, the same wallets — but funded by a free faucet. Every contract you deploy is publicly inspectable, but you never spend real ETH and your demo can't accidentally drain a user. Move to mainnet after the hackathon by swapping the RPC.

The recipe

recipe
# 1. In your Lovable project, add five secrets (Settings -> Secrets):
METAMASK_PRIVATE_KEY=0x...
ETHERSCAN_API_KEY=...
PRIVY_APP_ID=...
PINATA_JWT=eyJhbGciOi...
SEPOLIA_RPC_URL=https://...   # optional, a public RPC is used otherwise

# 2. Fund the MetaMask account on Sepolia:
open https://cloud.google.com/application/web3/faucet/ethereum/sepolia

# 3. Copy a mega-prompt from this repo into Lovable. One paste:
#    - scaffolds the React app
#    - writes the Solidity contract (with hackathon credit in NatSpec)
#    - deploys to Sepolia and verifies on Etherscan
#    - wires Privy social login + sponsored tx
#    - pins generated assets to IPFS via Pinata
#    - exposes the contract address + Etherscan link in the UI

# 4. Open the live Etherscan link. Your demo is provably onchain.

1. The contract — credit baked in

Every Solidity file deployed from a Creative Blockchain prompt MUST carry the hackathon credit in NatSpec, so provenance lives onchain alongside the bytecode.

contracts/Provenance.sol
// contracts/Provenance.sol — every contract carries the hackathon credit in NatSpec
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

/// @title Provenance
/// @notice Built during the Creative AI & Quantum Hackathon
/// @notice organised by StreetKode Fam during Indian Krump Festival 14
contract Provenance {
    event Logged(address indexed author, string cid, uint256 at);

    function log(string calldata cid) external {
        emit Logged(msg.sender, cid, block.timestamp);
    }
}

2. Deploy + verify on Etherscan

scripts/deploy.ts
// scripts/deploy.ts — reads METAMASK_PRIVATE_KEY + ETHERSCAN_API_KEY from process.env
import { ethers, run } from "hardhat";

async function main() {
  const F = await ethers.getContractFactory("Provenance");
  const c = await F.deploy();
  await c.waitForDeployment();
  const addr = await c.getAddress();
  console.log("deployed:", addr);

  // verify on Etherscan
  await run("verify:verify", { address: addr, constructorArguments: [] });
}
main();

3. Pin assets to IPFS via Pinata

src/lib/pinata.ts
// src/lib/pinata.ts — pin a Blob to IPFS via Pinata JWT
export async function pinToIPFS(file: Blob, name = "artifact") {
  const fd = new FormData();
  fd.append("file", file, name);
  const r = await fetch("https://api.pinata.cloud/pinning/pinFileToIPFS", {
    method: "POST",
    headers: { Authorization: `Bearer ${process.env.PINATA_JWT}` },
    body: fd,
  });
  const { IpfsHash } = await r.json();
  return IpfsHash as string; // the CID
}

4. Sign in with Google via Privy

src/main.tsx
// src/main.tsx — Privy social login + sponsored transactions
import { PrivyProvider } from "@privy-io/react-auth";

<PrivyProvider
  appId={import.meta.env.VITE_PRIVY_APP_ID}
  config={{
    loginMethods: ["google", "email"],
    embeddedWallets: { createOnLogin: "users-without-wallets" },
    defaultChain: { id: 11155111, name: "Sepolia" },
  }}
>
  <App />
</PrivyProvider>

Hackathon rules of thumb

  • · One mega-prompt = one build message. Don't iterate the architecture, iterate the UI.
  • · Always show the live Etherscan link in the UI — that's your proof.
  • · Use Privy sponsored tx so judges don't need a wallet to try the demo.
  • · Pin every user-generated asset to IPFS the moment it's created.
  • · Add a "Built during the Creative AI & Quantum Hackathon — StreetKode Fam · Indian Krump Festival 14" line to your footer.