How to Verify Contracts
There are multiple ways to verify a contract on Sourcify. Depending on your use case, you can choose the best way.
Some of these methods are using the legacy Sourcify API. This will be deprecated in the near future. Use Sourcify APIv2 instead (see APIv2 docs).
With APIv2 when you submit a verification, this will create a verification job. You can then check the status of the job and get the verification result. See one example in the UI here.
Methods:
verify.sourcify.dev UI
You can verify using our new verification UI at https://verify.sourcify.dev. See the Github repo here.
First choose the chain you want to verify the contract on and provide the contract address.
This will automatically check if the contract is verified on Sourcify on the same chain and all other supported chains.
Importing a contract
You can import a verified contract from different sources:
- Etherscan: Enter the chain and contract address to import the contract. You need an Etherscan API key to use this feature. Open the "Settings" on top right to add your API key. API keys are used locally in the browser and are not sent to Sourcify servers.
Verification Methods
For both Solidity and Vyper contracts you can choose between the following verification methods:
- Single file: Provide single .sol or .vy file, alongside compiler settings.
- Multiple files: Provide multiple .sol or .vy files, alongside compiler settings.
- (preferred) Standard JSON: Provide a standard JSON input file.
Prefer using the standard JSON or framework commands directly (see below) to maintain the full compilation and avoid any changes. Different compiler settings can break the verification. Flattening the sources also breaks the metadata hashes and you won't be able to get an "Exact Match".
Additionally the following option is available for Solidity contracts:
- Metadata.json: Provide a metadata.json file to verify the contract in the first file input field. Provide all the source files in the second file input field. This option checks the source hashes in the metadata.json provided and compares them with the hashes of the source files provided before submitting the verification.
Contract Identifier
From the files and contracts provided, we will ask you to select the contract you want to verify. Ie. if you've written a contract called MyContract.sol using other contracts Ownable.sol and ERC20.sol, you will be asked to select MyContract.sol as the contract to verify.
The format of the contract identifier is path:contractName e.g.
path/to/contractName.sol:contractName
The verification UI will parse the files and give you a list of contracts to choose from. You can always input the contract identifier manually.
(Optional) Creation Transaction Hash
Sourcify needs to find the transaction the contract was deployed in to get the creation bytecode. We get this information from different sources like block explorers (see here). You can still provide a creation transaction hash manually if you want to, or if Sourcify fails to verify via creation bytecode.
Hardhat/Foundry build-info files
If you are using Hardhat or Foundry, the best way to verify is to directly use the CLI of the frameworks (see the commands below). However, it is also possible to use the Sourcify build-info files to verify.
The build-info files are generated by the frameworks and contain the compilation information. This can be parsed and used by the verify.sourcify.dev UI to verify the contract.
You can find the build-info files in:
- Hardhat:
artifacts/build-info/<build-hash>.json - Foundry:
out/build-info/<build-hash>.json
Click on the toggle to "Upload build-info file" and select the build-info file.
Verification Job
Once you've provided all the information, you can submit the verification. This will create a verification job. You can see the job in the UI and get the verification result.
If the verification fails you can see the error message and why it failed.
You can see the diffs of the bytecodes if the compilation succeeds but the bytecodes did not match.
Foundry (legacy API)
Foundry natively supports Sourcify verification. You can verify contracts with the additional verify flags in Forge.
(This is still using the legacy Sourcify API)
forge create --rpc-url <your_rpc_url> \
--constructor-args "ForgeUSD" "FUSD" 18 1000000000000000000000 \
--private-key <your_private_key> \
src/MyToken.sol:MyToken \
--verify \
--verification-provider sourcify
--verifier-url https://localhost:5555 # optional, defaults to https://sourcify.dev/server/
forge verify-contract 0x55f7d4279CE387067f12561e7E0c194f5186cFba \
src/MyToken.sol:MyToken \
--chain-id 11155111 \
--verifier sourcify
--verifier-url https://localhost:5555 # optional, defaults to https://sourcify.dev/server/
forge verify-check 0x55f7d4279CE387067f12561e7E0c194f5186cFba \
--chain-id 11155111 \
--verifier sourcify
Hardhat (legacy API)
hardhat-verify plugin
The Hardhat plugin @nomicfoundation/hardhat-verify has official Sourcify support.
(This is still using the legacy Sourcify API)
In order to enable Sourcify support, add this to hardhat.config.js:
sourcify: {
enabled: true,
// Optional: specify a different Sourcify server
apiUrl: "https://sourcify.dev/server",
// Optional: specify a different Sourcify repository
browserUrl: "https://repo.sourcify.dev",
}
After deploying your contracts you can verify on Sourcify with:
npx hardhat verify --network mainnet DEPLOYED_CONTRACT_ADDRESS
Remix
You can use the "unified verification plugin" written by the Sourcify team to verify on multiple verifiers on Remix.
- Click on the "Plugins" tab in bottom of the sidebar and search for "Contract Verification"
- Enable the plugin "Contract Verification"
- Click on the "Contract Verification" tab in the sidebar
- Enter the contract address and select a chain
- Select the contract to verify (you need to have compiled a contract on Remix first)
- By default all verifiers are enabled. For Etherscan you need to add your API key in the "Settings" tab
- You can see the verification result in the "Receipts" tab
API
See the API docs for more information.
Other Sourcify wrappers and tools
Do you have a tool to be listed? Let us know!