github.com/nftgem/hardhat-fantomscan
Hardhat plugin for integration with Etherscan's contract verification service.
This plugin helps you verify the source code for your Solidity contracts on Etherscan.
It tries to do as much of the verification process as possible for you.
To install it, run:
npm install --save-dev @nomiclabs/hardhat-etherscan
Note that this README installs @nomiclabs/hardhat-etherscan even though the repository above is named hardhat-fantomscan. Check that the package name you add matches the plugin you actually intend to use before installing it.
Then add the following statement to your hardhat.config.js:
require("@nomiclabs/hardhat-etherscan");
Or, if you are using TypeScript, add this to your hardhat.config.ts:
import "@nomiclabs/hardhat-etherscan";
This plugin provides the verify task, which allows you to verify contracts through Etherscan's service.
This plugin does not extend the environment.
You need to add the following Etherscan config to your hardhat.config.js file. The apiKey value below is a placeholder: keep the real key out of version control, for example by reading it from an environment variable, because it is a credential tied to your Etherscan account.
module.exports = {
  networks: {
    mainnet: { ... }
  },
  etherscan: {
    // Your API key for Etherscan
    // Obtain one at https://etherscan.io/
    apiKey: "YOUR_ETHERSCAN_API_KEY"
  }
};
Lastly, run the verify task, passing the address of the contract, the network where it's deployed, and the constructor arguments that were used to deploy it (if any):
npx hardhat verify --network mainnet DEPLOYED_CONTRACT_ADDRESS "Constructor argument 1"
When the constructor has a complex argument list, it might be easier to write a JavaScript module that exports the argument list. The expected format is the same as the argument list you would pass to an ethers contract constructor. For example, if you have a contract like this:
struct Point {
uint x;
uint y;
}
contract Foo {
constructor (uint x, string s, Point memory point, bytes b) { ... }
}
then you can use an arguments.js file like this:
module.exports = [
  50,
  "a string argument",
  {
    x: 10,
    y: 5,
  },
  // bytes have to be 0x-prefixed
  "0xabcdef",
];
where the third argument is the value for the point parameter.
The module can then be loaded by the verify task when invoked like this:
npx hardhat verify --constructor-args arguments.js DEPLOYED_CONTRACT_ADDRESS
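An arguments module that does not match the constructor (wrong arity, a bytes value without the 0x prefix, a struct missing a field) only fails once the verify task runs. The following is an added example, not code from this plugin or its README: a small local pre-check of an arguments module against the constructor's ABI fragment. The ABI object for Foo is constructed here from the Solidity shown above, and the check covers integers, strings, booleans, bytes/bytesN/address and tuples given either positionally or by field name; array types are left unchecked.

```javascript
// Added example, not part of the hardhat-etherscan plugin: a local pre-check of
// an arguments.js module against the constructor ABI, so that mistakes such as
// a missing 0x prefix or a missing struct field are caught before anything is
// submitted to Etherscan. Only the ABI shape produced by solc is assumed.

// Constructed ABI fragment for the Foo contract shown above:
// constructor(uint x, string s, Point memory point, bytes b)
const FOO_CONSTRUCTOR_ABI = {
  type: "constructor",
  inputs: [
    { name: "x", type: "uint256" },
    { name: "s", type: "string" },
    {
      name: "point",
      type: "tuple",
      components: [
        { name: "x", type: "uint256" },
        { name: "y", type: "uint256" },
      ],
    },
    { name: "b", type: "bytes" },
  ],
};

const HEX_RE = /^0x[0-9a-fA-F]*$/;

// Check one JavaScript value against one ABI input, appending readable
// problems to `problems`. `path` names the argument in the messages.
function checkValue(input, value, path, problems) {
  const t = input.type;
  if (t === "tuple") {
    // A struct may be given positionally (array) or by field name (object).
    const comps = input.components;
    if (Array.isArray(value)) {
      if (value.length !== comps.length) {
        problems.push(`${path}: expected ${comps.length} struct fields, got ${value.length}`);
      } else {
        comps.forEach((c, i) => checkValue(c, value[i], `${path}.${c.name}`, problems));
      }
    } else if (value !== null && typeof value === "object") {
      for (const c of comps) {
        if (!(c.name in value)) problems.push(`${path}: missing struct field "${c.name}"`);
        else checkValue(c, value[c.name], `${path}.${c.name}`, problems);
      }
    } else {
      problems.push(`${path}: expected a struct given as an array or an object`);
    }
  } else if (t === "bytes" || t === "address" || /^bytes\d+$/.test(t)) {
    // Byte-like values must be 0x-prefixed hex, as the README notes for bytes.
    if (typeof value !== "string" || !HEX_RE.test(value)) {
      problems.push(`${path}: ${t} must be a 0x-prefixed hex string`);
    } else if (t === "address" && value.length !== 42) {
      problems.push(`${path}: address must be exactly 20 bytes`);
    } else if (t === "bytes" && value.length % 2 !== 0) {
      problems.push(`${path}: bytes value has an odd number of hex digits`);
    } else if (/^bytes\d+$/.test(t) && value.length !== 2 + 2 * Number(t.slice(5))) {
      problems.push(`${path}: ${t} must be exactly ${t.slice(5)} bytes`);
    }
  } else if (/^u?int\d*$/.test(t)) {
    const ok = (typeof value === "number" && Number.isInteger(value)) ||
      typeof value === "bigint" || (typeof value === "string" && /^-?\d+$/.test(value));
    if (!ok) problems.push(`${path}: ${t} must be an integer (number, bigint or decimal string)`);
  } else if (t === "string") {
    if (typeof value !== "string") problems.push(`${path}: expected a string`);
  } else if (t === "bool") {
    if (typeof value !== "boolean") problems.push(`${path}: expected a boolean`);
  }
  // Arrays and other types are outside the scope of this example and pass through.
}

// Returns a list of problems; an empty list means the module passes the pre-check.
function checkConstructorArgs(constructorAbi, args) {
  const inputs = constructorAbi ? constructorAbi.inputs : [];
  if (!Array.isArray(args)) return ["arguments module must export an array"];
  if (args.length !== inputs.length) {
    return [`expected ${inputs.length} constructor arguments, got ${args.length}`];
  }
  const problems = [];
  inputs.forEach((inp, i) => checkValue(inp, args[i], inp.name || `arg${i}`, problems));
  return problems;
}

// The arguments.js contents from the README, constructed inline, and a broken variant.
const GOOD_ARGS = [50, "a string argument", { x: 10, y: 5 }, "0xabcdef"];
const BAD_ARGS = [50, "a string argument", { x: 10 }, "abcdef"];
```

Running checkConstructorArgs(FOO_CONSTRUCTOR_ABI, BAD_ARGS) reports the missing point.y field and the un-prefixed bytes value, while GOOD_ARGS passes. This is a convenience check only; the plugin still performs its own checks and Etherscan is the final authority on whether the bytecode matches.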
Some library addresses are undetectable: if your contract uses a library only in its constructor, the library's address never ends up in the deployed bytecode, so the plugin cannot recover it from the chain.
To supply these missing addresses, create a JavaScript module that exports a library dictionary and pass it through the --libraries parameter:
hardhat verify --libraries libraries.js OTHER_ARGS
where libraries.js looks like this:
module.exports = {
  SomeLibrary: "0x...",
};
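To see why a constructor-only library is "undetectable", it helps to look at what detection actually is: the linker writes a library's 20-byte address into the code that calls it, so the address can be found in the deployed bytecode, and a library that is only called during construction leaves no such trace. The following is an added example, not part of this plugin, that applies that rule to decide which entries a libraries.js module needs. The input shapes are assumptions and the bytecode below is constructed for the example.

```javascript
// Added example, not part of the plugin: decide which linked libraries have to
// be passed through --libraries by looking for their addresses in the deployed
// bytecode, which is what makes an address "detectable". Input shapes are
// assumed; the bytecode below is constructed for the example.

// Normalise an address or bytecode string to lowercase hex without the 0x prefix.
function stripHex(s) {
  const h = /^0x/i.test(s) ? s.slice(2) : s;
  if (!/^[0-9a-fA-F]*$/.test(h)) throw new Error(`not a hex string: ${s}`);
  return h.toLowerCase();
}

// A linked library address is detectable when its 20 bytes occur verbatim in
// the deployed bytecode (the linker splices it in as a PUSH20 immediate). A
// library used only in the constructor leaves no trace in the deployed code.
function isLibraryDetectable(deployedBytecode, libraryAddress) {
  const code = stripHex(deployedBytecode);
  const addr = stripHex(libraryAddress);
  if (addr.length !== 40) throw new Error(`not a 20-byte address: ${libraryAddress}`);
  // Bytecode is a sequence of whole bytes, so a real occurrence starts at an
  // even hex offset; an odd-offset match is a half-byte-shifted coincidence.
  let from = 0;
  for (;;) {
    const i = code.indexOf(addr, from);
    if (i === -1) return false;
    if (i % 2 === 0) return true;
    from = i + 1;
  }
}

// Returns the subset of `libraries` (name -> address) whose address is not in
// the bytecode and therefore must be supplied explicitly to the verify task.
function undetectableLibraries(deployedBytecode, libraries) {
  const missing = {};
  for (const [name, address] of Object.entries(libraries)) {
    if (!isLibraryDetectable(deployedBytecode, address)) missing[name] = address;
  }
  return missing;
}

// Constructed sample: deployed bytecode that carries one PUSH20 of MathLib's
// address and nothing referring to OnlyInCtorLib.
const MATH_LIB = "0x1111111111111111111111111111111111111111";
const CTOR_LIB = "0x2222222222222222222222222222222222222222";
const SAMPLE_DEPLOYED_BYTECODE =
  "0x6080604052" +           // PUSH1 0x80 PUSH1 0x40 MSTORE, the usual preamble
  "73" + MATH_LIB.slice(2) + // PUSH20 <MathLib address>
  "5af4" +                   // GAS DELEGATECALL, the call into the library
  "00";                      // STOP (the rest of a real contract is omitted)
```

For the sample above, undetectableLibraries(SAMPLE_DEPLOYED_BYTECODE, { MathLib: MATH_LIB, OnlyInCtorLib: CTOR_LIB }) returns only OnlyInCtorLib, which is the entry to put in libraries.js. A 20-byte pattern can in principle appear in bytecode by coincidence, so treat a positive match as likely rather than certain; the plugin's own detection, not this heuristic, is what decides the outcome.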
To call the verification task from within a Hardhat task or script, use the "verify:verify" subtask. Assuming the same contract as above, you can run the subtask like this:
await hre.run("verify:verify", {
  address: contractAddress,
  constructorArguments: [
    50,
    "a string argument",
    {
      x: 10,
      y: 5,
    },
    "0xabcdef",
  ],
});
If the verification is not successful, an error will be thrown.
If your contract has libraries with undetectable addresses, you may pass the libraries parameter with a dictionary specifying them:
await hre.run("verify:verify", {
  // other args
  libraries: {
    SomeLibrary: "0x...",
  },
});
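Because the subtask throws on any failure, a deploy script that calls it directly aborts on a re-run once the contract has been verified, which makes partial failures awkward to recover from. The following is an added example, not code from this plugin or its README: a small wrapper that rethrows genuine failures but treats an "already verified" response as success. The wording it looks for is an assumption about the plugin's error message (check it against the version you run), and the fakeHre object is a constructed stand-in for the Hardhat runtime environment so the helper can be exercised without a network.

```javascript
// Added example, not the plugin's own code: a helper for deploy scripts around
// the "verify:verify" subtask. Genuine failures (bytecode mismatch, wrong
// constructor arguments, network errors) are rethrown; an "already verified"
// response is treated as success so that re-running a deploy script after a
// partial failure does not abort. The wording test in isAlreadyVerified is an
// assumption about the plugin's error message and should be checked against
// the version in use.

function isAlreadyVerified(err) {
  const msg = String(err && err.message ? err.message : err).toLowerCase();
  return msg.includes("already verified");
}

async function verifyContract(hre, { address, constructorArguments = [], libraries = {} }) {
  // Fail early on an obviously malformed address instead of burning an API call.
  if (typeof address !== "string" || !/^0x[0-9a-fA-F]{40}$/.test(address)) {
    throw new Error(`verifyContract: "${address}" is not a 20-byte hex address`);
  }
  try {
    await hre.run("verify:verify", { address, constructorArguments, libraries });
    return "verified";
  } catch (err) {
    if (isAlreadyVerified(err)) return "already-verified";
    throw err; // anything else is a real failure the deploy script must see
  }
}

// Constructed stand-in for the Hardhat runtime environment (hre) so that the
// helper can be exercised offline; it records the subtask calls it receives.
function fakeHre(behaviour) {
  const calls = [];
  return {
    calls,
    async run(task, args) {
      calls.push({ task, args });
      if (behaviour === "already") throw new Error("already verified (constructed message)");
      if (behaviour === "fail") throw new Error("bytecode does not match (constructed message)");
    },
  };
}

// Typical use inside a Hardhat script, where `hre` is the real runtime:
//   const outcome = await verifyContract(hre, { address, constructorArguments: [50, "a string argument"] });
```

Anything other than the "already verified" case is rethrown unchanged, so a bytecode mismatch or a bad constructor-argument list still fails the script loudly rather than being silently swallowed.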
The plugin works by fetching the bytecode at the given address and using it to determine which contract in your project it corresponds to. Besides that, some sanity checks are performed locally to make sure that the verification won't fail.