Smart Contract Verification, Simplified
If you‘re building a dApp and expecting others to interact with it, verifying is a must. Unless you completely trust the source, do not interact with an unverified contract.
Hold up, what is smart contract verification?
Smart contract verification is the process of corroborating your contract source code with the deployed, compiled code. This provides transparency for contract users as they will know exactly how to interact with your contract. It also allows users to see vulnerabilities in the contract and spot malicious code. Once verified, users will be able to see the entire contract that you created and can interact with it through sites such as Etherscan and Polygonscan. These sites also allow you to verify your contracts. However, they don’t work as well when trying to verify a contract with multiple imports from outside contracts (i.e. OpenZeppelin contracts). The reason for this article is to share a better, easier method of verification that will handle these more complex contracts.
As mentioned, you can verify a contract right on Etherscan or Polygonscan. However, you will run into many issues when trying to verify contracts with layers of imported contracts. Even a simple NFT contract that inherits OpenZeppelin contracts will not verify easily on these sites. The reason is that you would need to supply all of the code for each imported contract which is tedious and unnecessary. It can also lead to errors and frustration.
So how can you verify with ease? Through the command line. Hardhat has developed a package that allows for simple contract verification.
You will need to install Hardhat to use it which can be done here: https://hardhat.org/tutorial/creating-a-new-hardhat-project.html
You will also need an API key. If you are verifying an Ethereum contract use an Etherscan API key and for a Polygon contract you would use a Polygonscan API key.
Here’s How it works:
First, you want to install npm package.
- npm install — save-dev @nomiclabs/hardhat-etherscan
Next, open the hardhat config file and edit as seen below (inputing your API key).
For Polygon projects, add a polygon object inside the “etherscan” object that contains the API key for Polygonscan (as shown here).
Lastly, input the following into the command line:
- npx hardhat verify - network mainnet DEPLOYED_CONTRACT_ADDRESS “Constructor argument 1”
DEPLOYED_CONTRACT_ADDRESS = Address you are verifying against
If no constructors, leave the constructor argument blank.
This method will allow you to verify on a variety of other blockchains as well (i.e. Binance Smart Chain, Avalanche, etc.).
For more information, go here:
Hope you found this helpful! Happy developing!
