-
Notifications
You must be signed in to change notification settings - Fork 53
Verify xDai deployments on BlockScout #340
Comments
A description of my attempts to get our contracts verified on Blockscout. Unlike Etherscan, Blockscout does not accept full Solc compilation input for contract verification (issue). This means that the source code of the verified contracts must be flattened (which requires minor changes to the contract code to remove circular dependencies). However, in our project we compile simultaneously contracts that use Blockscout is also integrated with Sourcify, a project that aims to make contract source verification less centralized (example of a contract verified with Sourcify on Blockscout). However, among other things, immutables are not supported (issue). (There is some work in progress! 🎉 ) I found the most helpful error messages when trying to verify a contract manually on Sourcify with the unstable official website. Again, the JSON file with the name of the contract to verify in To me it looks like we won't be able to verify our contract until any of the two issues above is fixed, both issues are nontrivial. I say we should not verify our contract on Blockscout/Sourcify for now. Since we use deterministic deployments, and our contracts are verified on Etherscan, you can check that the code is correct by checking the contract code on Etherscan mainnet at the same address. The remaining use case for contract verification would be the read/write contract feature. I wonder if we might be able to somehow take our contract interface and implement each function by injecting the compiled bytecode into the source. However, this seems quite complicated and not worth the effort. I think it would also be nice to verify on Sourcify our mainnet/Rinkeby contracts, since it already almost comes for free with hardhat deploy. Edit: after more testing, a contract verified with Sourcify doesn't seem to be automatically verified on Blockscout. However, |
Very nice 🕵️ work. Agree that it would be nice to verify everything on Sourcify and not rely on specific block explorers. Regarding blockscout only accepting flattened contracts, I have been seeing this interface which also allows me to chose
I'm not at all sure if we have access to these files (and if this option already works via their API) but since it wasn't mentioned in your analysis, I thought I'd bring it up. |
I think it only accepts flattened contracts or Sourcify. As @fedgiac mentioned:
So this would also suffer from the issue where
I agree with this conclusion. |
I didn't find this option in edit: clarified which API was not found |
Just to mention that Sourcify offers both a UI and an API. Also, Sourcify runs a monitoring service that, upon detecing a new contract created, attempts to fetch its sources and do the process of verification automatically. This is possible only if the author publishes the sources (to IPFS, this is something offered by e.g. Remix IDE). Support for contracts with immutable variables is in progress and should be featured in the weeks to come. |
Update on this issue: I still wasn't able to verify
The error message is the same if I use the Blockscout interface or the Sourcify interface. The good news is that |
this approach with sourcify excludes all private ethereum compatible blockchains that sourcify don't supports. |
As of today, the settlement contract still fails verification of Sourcify. The authenticator however was successfully verified. I made another unsuccessful attempt to verify the settlement contract using the npm package
Here is the (bulk of the) code used to verify the contract.
Add
Run with:
|
Hey there. I just took a deeper look into what's going on. In the case of immutable variables what Sourcify currently does is this:
In the case of The contract The current workaround described above, unfortunately, cannot handle this case when the tx that creates the contract is not a create tx (i.e. not to address There's also an ongoing implementation ethereum/sourcify#507 to gather all creation bytecodes by running a modified geth and verify using the creation bytecode search, but this is currently planned for the Ethereum networks only as we can't run a client for all networks we support, and will take some more time. |
Thanks for looking into the issue @kuzdogan! I think you are right: I tried to deploy the settlement contract with a deploy transaction on Rinkeby (here) and I was able to verify it on Sourcify (here).
Looking forward to the implementation with the modified node. For us specifically, we rely on Sourcify to verify contracts on the xDAI network, as it seems that the local block explorer delegates the verification of "non-flattenable" smart contracts to Sourcify, but I definitely understand that running nodes on multiple networks would take a lot of maintainance. Note: weirdly, to verify the contract deployed above I had to go to the Sourcify website, as |
I see, then this upcoming issue/feature ethereum/sourcify#619 would be related to this. This is also a WIP but nice that we have an awaiting use case for it :) |
☝️
The text was updated successfully, but these errors were encountered: