Preflight Checks

Before deploying, w3m deploy validates that the deployment can proceed. If any check fails, deployment is aborted with an error message.

Checks Performed

The deploy command runs these checks in order:

1. Authentication

Ensures you have a valid API key stored (via w3m auth <key>). If not authenticated, the command exits with instructions to run the auth command.

2. API Preflight

Calls POST /api/deploy/preflight with the target chain and chain ID. The API checks your account tier against the target chain. Free-tier users cannot deploy to mainnet chains.

If the preflight fails:

Deployment to ethereum is not allowed: Mainnet deployment requires a Pro plan.
Required tier: pro. Upgrade at https://web3.market/pricing

3. Environment Variables

Checks that two environment variables are set:

The chain name is uppercased with hyphens replaced by underscores. For example, arbitrum-sepolia requires ARBITRUM_SEPOLIA_RPC_URL.

4. Compilation

Runs forge build in the contracts/ directory. If compilation fails, deployment is aborted with the error output.

5. Test Suite

Runs forge test in the contracts/ directory. If any test fails, deployment is aborted. Skip this check with --skip-tests.

Security Checks (Standalone)

The w3m audit command provides additional security validation that can be run independently of deployment:

Environment Security

Validates environment variables for security issues:

• Variables matching secret patterns (private_key, secret, mnemonic, seed_phrase) must not have the NEXT_PUBLIC_ prefix, which would expose them in browser bundles
• Empty secret variables trigger a warning

Slither Static Analysis

Runs Slither static analysis on contracts. Requires pip install slither-analyzer.

w3m audit --slither

AI Contract Review

Sends contract source files to the AI review API. Requires a Pro-tier API key.

w3m audit --ai