Allow publishing source on Etherscan

[iamdefinitelyahuman]

Overview

It should be possible (and simple) to verify a deployed contract's source code on etherscan.

Specification

Not 100% on how this would be best implemented. Some thoughts:

1. Add an internal "flattener" to turn multiple source files into a single file. Might also be worth exposing this on it's own via the CLI.
2. Add a method to Contract, to be called from in the console or a script.
3. Consider a flag in brownie run to auto-verify all sources after deployment?

Possible syntax:

contract = ContractContainer.deploy({'from': accounts[0]})
contract.publish_on_etherscan()

and / or

ContractContainer.deploy({'from': accounts[0]}, publish=True)

[Skyge]

Does anyone work on this issue? if not, I would like to solve this issue.

[BlinkyStitt]

Etherscan updated to support verifying from solidity-standard-json-input.

The publish_on_etherscan function should send a POST like this.

[Netherdrake]

What is the current best way to achieve this for contracts created trough brownie?

[fubuloubu]

I think it would be good practice to have a publish_sources: True|False key that pushes to etherscan (or whatever block explorer) whenever a contract is deployed to a public network.

[sabotagebeats]

The json seems located in build/contracts/ but where can I find the hex encoded constructor abi within build/deployments/ ?

#766 (comment)

edit: I was wrong, that is not the correct json.

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

This issue now has a funding of 0.5 ETH (236.29 USD @ $472.58/ETH) attached to it.

• If you would like to work on this issue you can 'start work' on the Gitcoin Issue Details page.
• Want to chip in? Add your own contribution here.
• Questions? Checkout Gitcoin Help or the Gitcoin Chat
• $1,045,515.92 more funded OSS Work available on the Gitcoin Issue Explorer

[oogetyboogety]

Looks like some of the work may have already started for this, but is blocked, in #766?

[banteg]

Maybe we should also consider a standard json format instead of flattening for Solidity?
https://kndrck.co/posts/verify-contracts-etherscan-100/

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

Work has been started.

These users each claimed they can complete the work by 266 years from now.
Please review their action plans below:

1) oogetyboogety has been approved to start work.

1. Create the internal flattener with an accessible CLI optoin and some standard for arranging/flattening multiple source files
2. add the publish_on_etherscan method to the contract conforming to the specs in https://etherscan.io/sourcecode-demo.html
3. add a build step in the brownie smart contract building and testing pipeline
   2) developerfred has applied to start work (Funders only: approve worker | reject worker).

My Plan and build this function in cli that self-identifies the contract models before delivering. ex: contracts with experimental ABI and contracts with default ABI
3) hhio618 has applied to start work (Funders only: approve worker | reject worker).

My plan:

1. Add a flattener to brownie using this PyPI package: solidity-flattener.
2. Add a method to Contract to verify a source code on etherscan.
3. Add --auto-verify flag to brownie run.

Learn more on the Gitcoin Issue Details page.

[Macarse]

@oogetyboogety sorry for the delay, I didn't notice I had to approve someone to start the work.

[iamdefinitelyahuman]

#651 could also be useful here. I think verifying by submitting the standard JSON compiler input will be less error-prone.

[oogetyboogety]

@banteg @iamdefinitelyahuman I need to validate to make sure there are not more than 10 imports, right?

[oogetyboogety]

@banteg how should the interface look for an etherscan API key? solt apparently uses some shared, potentially rate-limited API key[1] and I am trying to dig further into what this [2] means for brownie's use case of the verify & publish POST API:
Someone using the tools from dapp.tools for instance, in conjunction with something like dapp-pm to manage their dependencies was out of luck until now, and I’ve tried to make it as easy as possible for users to get their deployed contracts verified with as little headache as possible. This means including all the API keys necessary so that (best case) you shouldn’t need to create, store, and manage your own Etherscan API key if you don’t want to, although you can do that as well.
[1] https://github.com/hjubb/solt/blob/main/src/commonMain/kotlin/com/github/hjubb/solt/Verifier.kt#L79-L83
[2] https://blog.jubb.xyz/post/solt-release/

[Macarse]

I would read from env variable. Other tools use ETHERSCAN_TOKEN or at least that's what I have in my env vars.

[oogetyboogety]

gotcha, thanks

[iamdefinitelyahuman]

Brownie is already expecting the API key as an environment variable ETHERSCAN_TOKEN elsewhere in the code, so this is the best option.

brownie/brownie/network/contract.py

Lines 1370 to 1379 in b7c7253

	if "etherscan" in url:
	if os.getenv("ETHERSCAN_TOKEN"):
	params["apiKey"] = os.getenv("ETHERSCAN_TOKEN")
	elif not silent:
	warnings.warn(
	"No Etherscan API token set. You may experience issues with rate limiting. "
	"Visit https://etherscan.io/register to obtain a token, and then store it "
	"as the environment variable $ETHERSCAN_TOKEN",
	BrownieEnvironmentWarning,
	)

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

@oogetyboogety due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[oogetyboogety]

Should have this pr ready today Sent from my Verizon, Samsung Galaxy smartphone Get Outlook for Android<https://aka.ms/ghei36>

…

________________________________ From: Gitcoin.co Bot <notifications@github.com> Sent: Tuesday, November 24, 2020 12:12:08 PM To: eth-brownie/brownie <brownie@noreply.github.com> Cc: oogetyboogety <holycrapmoli@hotmail.com>; Mention <mention@noreply.github.com> Subject: Re: [eth-brownie/brownie] Allow publishing source on Etherscan (#411) Issue Status: 1. Open 2. Started 3. Submitted 4. Done

________________________________ @oogetyboogety<https://github.com/oogetyboogety> due to inactivity, we have escalated this issue<https://gitcoin.co/issue/eth-brownie/brownie/411/100024068> to Gitcoin's moderation team. Let us know if you believe this has been done in error! * reminder (3 days) * escalation to mods (6 days) Funders only: Snooze warnings for 1 day<https://gitcoin.co/issue/eth-brownie/brownie/411/100024068?snooze=1> | 3 days<https://gitcoin.co/issue/eth-brownie/brownie/411/100024068?snooze=3> | 5 days<https://gitcoin.co/issue/eth-brownie/brownie/411/100024068?snooze=5> | 10 days<https://gitcoin.co/issue/eth-brownie/brownie/411/100024068?snooze=10> | 100 days<https://gitcoin.co/issue/eth-brownie/brownie/411/100024068?snooze=100> — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#411 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAZKLVTA254VUWI4TRTAFTDSRPSORANCNFSM4MIAO7UA>.

[oogetyboogety]

@Macarse oh gotcha let me do that now

[oogetyboogety]

@Macarse fixed

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

@oogetyboogety due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[oogetyboogety]

@gitcoinbot i'll take another look at getting the api calls right this weekend

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[eyooooo]

hey guys just wanted to write a workaround i use for this. when i deploy with brownie i write a csvfile to disk and then i have a bash script that feeds the rows into solt for auto verify. it works like 50% of the time, solt doesnt always succeed. hope this helps.

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

@oogetyboogety due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[Macarse]

@oogetyboogety plz check #896
Can you create the etherscan api integration?

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

@oogetyboogety due to inactivity, we have escalated this issue to Gitcoin's moderation team. Let us know if you believe this has been done in error!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[oogetyboogety]

@Mecarse I can definitely try the flattened way.

I'm trying to get it working with the API using solidity-json-output, as you can see in my reference PR. I think I might be close, I just need to figure out how to properly use the API.

[oogetyboogety]

I'll do that today

[oogetyboogety]

@gitcoinbot Think I got this working based on what I learned from https://github.com/rkalis/truffle-plugin-verify/blob/master/verify.js, will be updating in the next couple days with linted PR again

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[as2net]

So close 🥂

[gitcoinbot]

@oogetyboogety Hello from Gitcoin Core - are you still working on this issue? Please submit a WIP PR or comment back within the next 3 days or you will be removed from this ticket and it will be returned to an ‘Open’ status. Please let us know if you have questions!

• reminder (3 days)
• escalation to mods (6 days)

Funders only: Snooze warnings for 1 day | 3 days | 5 days | 10 days | 100 days

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

The funding of 0.5 ETH (365.14 USD @ $730.28/ETH) attached to this issue has been cancelled by the bounty submitter

• Questions? Checkout Gitcoin Help or the Gitcoin Chat
• $1,006,745.79 more funded OSS Work available on the Gitcoin Issue Explorer

[Macarse]

@oogetyboogety I canceled the bounty after your inactivity.

[oogetyboogety]

Was still working on getting this working, having some trouble getting this working for 100% of contracts. I wonder if anyone had a chance to look at the pr i had in progress

[fubuloubu]

This one is in progress, really solid approach I think will probably be what ends up being merged:
#914

[oogetyboogety]

Oh gotcha. If it behooves anyone to look I made a PR in progress where the approach might be less solid. It uses the solidity json file as opposed to flattening a contract. I was actually trying to get this to cooperate on all test contracts in brownie with the Etherscan API on Ropsten, without exceeding the request limits Etherscan API imposes while testing, although this was definitely taking me a while. If you would like for me to resume work on this, let me know.

[Netherdrake]

I've had issues getting contracts verified with the flattening approach. Really hopeful to see if @oogetyboogety can figure it out.

[matnad]

Implemented in #914. See PR for details.

[oogetyboogety]

Make sure all your source files use the same compiler version, otherwise the verification will fail.
I know the bounty is cancelled, but in case any one cares to look into this further, I think this might be where I was running into issues verifying the default sample contract issued with Brownie.

If we have linked contracts at already deployed addresses, it would make sense to get the error I kept getting if they were compiled using two different solidity commit hashes or versions, and then try to deploy with the already verified address for the OpenZeppelin contract.

FYI for future reference.