Cover UI Release ✅ Easily Build Submissions & Verify Canisters.

Discover a canister’s Cover verified status like never before with our new application frontend. Manage and submit new builds from our dApps form!

We’re bringing you Cover like you’ve never seen it before (literally).

Today, we’re releasing a frontend dApp that connects to Cover’s backend code validation services. You can now search & consume Cover data (like a canister’s verified status), as well as manage your own canisters and their build submissions.

In our last release, we dropped Cover’s SDK to make it super easy for dApps to integrate Cover into their experiences. Looking for an example implementation? You’re in luck, we’ve built Cover’s UI entirely using our own SDK.

• Visit the Cover dApp
• Cover dApp Github Repo

Checking a Canister’s Status 🧭

The homepage’s left-most table features a chronological list of the most recent canisters added to Cover.

See the column that kind of resembles a stoplight? 🚦 This column gives you a single glance read on a canister’s Cover status.

Green = Verified ✅

Red = Error, Not Verified ❌

Yellow = Pending, Currently Being Verified ⚠️

Looking to audit the code of a verified canister? Search by the canister ID of the canister you’re looking for and click on the highlighted section under the Repo section.

This will bring you to a public GitHub repository. If the canister is currently verified (represented by the green circle), this is the open source code associated with the canister you searched.

Submitting New Builds 🏗

Cover’s UI also allows us to extend the accessibility of build submissions through Cover. There are now three main ways to submit new builds:

1. Cover’s GitHub Action
2. Using Cover’s UI
3. A different implementation of Cover SDK

To start a new build submission use the ‘Submit Verification’ button in the top right corner of the dApp.

Most fields are self explanatory, and also have included tooltips. All inputs in this form are required for a valid build submission.

Generating Digital Signatures ✍️

The last three fields of the submission form are Timestamp, Signature, and Public Key. These fields are required because the Cover validator needs to check that you’re in fact the owner of the canister you’re making the submission for.

In order to generate a digital signature and find your identity’s public key, we need the PEM file of the identity that owns / controls the canister.

To do so, use this script we’ve created to generate your public key and signature from an Ed5519 PEM file with this command:

PEM_PATH=~/.config/dfx/identity/… node cover-sdk.js

To combat the possibility of compromised signatures, signatures are based on timestamps and are only valid for 5 minutes after generated. Submissions with signatures of timestamps older than 5 minutes will fail.

What’s in the Pipeline? 👷‍♂️

Why no Plug authentication? We know it’s a shocker, Plug seems like the perfect solution to abstract away the manual creation of digital signatures for validation of build submissions.

This feature is currently blocked because you can’t import DFX identities (PEM files) into Plug. This should be resolved in a Plug update soon, and an update to Cover’s UI will follow shortly after.

Until Next Time 👋

That’s a wrap! Want to voice your opinion or see and idea you have for Cover get implemented? Hop into our Discord to jam with our team or submit a PR of your own.

• Discord
• Twitter
• Website
• Docs
• Main Repository