Uploading Projects

Learn how to upload multi-file projects (Foundry, Hardhat) to BlockSecOps. Use project upload when you have: - Multiple contract files - Local imports between...

Last updated: January 14, 2026

Uploading Projects

Learn how to upload multi-file projects (Foundry, Hardhat) to BlockSecOps.

When to Use Project Upload

Use project upload when you have:

  • Multiple contract files
  • Local imports between files
  • A Foundry or Hardhat project structure
  • Dependencies managed by a package manager

Supported Frameworks

Framework Config File Detected By
Foundry foundry.toml Config file presence
Hardhat hardhat.config.js or .ts Config file presence

Both frameworks are auto-detected based on configuration files.

Creating a Project Archive

From Foundry Project

  1. Navigate to your project root
  2. Create a ZIP archive:
# Include essential files only
zip -r myproject.zip src/ lib/ foundry.toml remappings.txt

From Hardhat Project

  1. Navigate to your project root
  2. Create a ZIP archive:
# Include contracts and config
zip -r myproject.zip contracts/ hardhat.config.js

What to Include

Include:

  • Source contracts (src/, contracts/)
  • Library dependencies (lib/, node_modules/@openzeppelin/)
  • Configuration files (foundry.toml, hardhat.config.js)
  • Remappings (remappings.txt)

Exclude:

  • Build artifacts (out/, artifacts/, cache/)
  • Test files (optional, but reduces size)
  • Documentation
  • CI/CD files

Upload Methods

Drag and Drop

  1. Create your ZIP archive
  2. Drag the .zip file to the upload area
  3. BlockSecOps detects the framework automatically

File Browser

  1. Click New Scan
  2. Select Browse Files
  3. Choose your .zip, .tar, or .tar.gz archive
  4. Click Open

Archive Requirements

Supported Formats

Format Extension
ZIP .zip
Tarball .tar
Gzipped Tarball .tar.gz, .tgz

Size Limits

Plan Max Archive Size
Free 5 MB
Developer 10 MB
Startup+ 20 MB

File Count

Maximum files per archive: 500

Framework Detection

Foundry Projects

BlockSecOps detects Foundry when it finds:

  • foundry.toml in the root
  • src/ directory with .sol files

Remappings:

  • remappings.txt is read automatically
  • foundry.toml remappings are also parsed

Hardhat Projects

BlockSecOps detects Hardhat when it finds:

  • hardhat.config.js or hardhat.config.ts
  • contracts/ directory

Dependencies:

  • OpenZeppelin imports are resolved
  • Include node_modules/ for other dependencies

Import Resolution

How Imports Are Resolved

  1. Remappings - Checked first (@openzeppelin/lib/openzeppelin/)
  2. Relative paths - ./ and ../ from the importing file
  3. Node modules - node_modules/ directory
  4. Built-in libraries - OpenZeppelin, Solmate, etc.

Common Import Patterns

These work automatically:

// OpenZeppelin (auto-resolved)
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";

// Relative imports (resolved from file location)
import "./utils/Math.sol";
import "../interfaces/IVault.sol";

// Remapped imports (from remappings.txt)
import "solmate/tokens/ERC20.sol";

After Upload

Once your project uploads:

  1. Framework Detection - Foundry/Hardhat identified
  2. File Extraction - Archive contents processed
  3. Import Resolution - Dependencies linked
  4. Ready for Scan - Select scanners and run

Scanning Projects

All Files

By default, all contract files are scanned.

Specific Files

To scan specific files:

  1. After upload, click Select Files
  2. Check the files to scan
  3. Click Continue

Fuzzing Scanners

Fuzzing scanners (Echidna, Medusa, Halmos) only appear for projects:

  • They require test harnesses
  • Single-file contracts don't support fuzzing

Troubleshooting

"No contracts found"

Your archive may be missing source files:

  • Ensure src/ or contracts/ exists
  • Check that .sol files are included
  • Verify the archive structure

"Import not found"

An import couldn't be resolved:

  • Include the dependency in your archive
  • Check remappings are correct
  • For npm packages, include node_modules/

"Archive too large"

The upload exceeds your plan limit:

  • Exclude out/, artifacts/, cache/ directories
  • Exclude test files
  • Compress more aggressively

Framework not detected

Config file may be missing:

  • For Foundry: include foundry.toml
  • For Hardhat: include hardhat.config.js
  • Place config in archive root

Example: Foundry Project

Directory Structure

my-project/
├── foundry.toml
├── remappings.txt
├── src/
│   ├── Token.sol
│   └── Vault.sol
└── lib/
    └── openzeppelin-contracts/
        └── contracts/
            └── token/
                └── ERC20/
                    └── ERC20.sol

Create Archive

cd my-project
zip -r my-project.zip src/ lib/ foundry.toml remappings.txt

Upload

Drag my-project.zip to BlockSecOps.

Example: Hardhat Project

Directory Structure

my-project/
├── hardhat.config.js
├── contracts/
│   ├── Token.sol
│   └── Vault.sol
└── node_modules/
    └── @openzeppelin/
        └── contracts/
            └── token/
                └── ERC20/
                    └── ERC20.sol

Create Archive

cd my-project
zip -r my-project.zip contracts/ node_modules/@openzeppelin/ hardhat.config.js

Upload

Drag my-project.zip to BlockSecOps.

Next Steps