New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@compound-finance/hardhat-match

Package Overview
Dependencies
Maintainers
3
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@compound-finance/hardhat-match

Hardhat plugin for matching contract bytecode

  • 1.0.0
  • latest
  • npm
  • Socket score
Version published
Maintainers
3
Created
Source

@compound-finance/hardhat-match forked from @nomiclabs/hardhat-etherscan

Hardhat plugin for matching deployed contract bytecode to locally compiled version.

Installation

Build project using npm run build and then add to your project via npm.

Add the following statement to your hardhat.config.js:

require("@compound-finance/hardhat-match");

Or, if you are using TypeScript, add this to your hardhat.config.ts:

import "@compound-finance/hardhat-match";

Tasks

This plugin provides the match task, which allows you to match contracts by pulling deployed bytecode and locally compiling contracts. If the etherscan key is set, the constructor arguments will be compaired with the verified values on etherscan.

Usage

You may add the following Etherscan config to your hardhat.config.js file:

module.exports = {
  networks: {
    mainnet: { ... }
  },
  etherscan: {
    // Your API key for Etherscan
    // Obtain one at https://etherscan.io/
    apiKey: "YOUR_ETHERSCAN_API_KEY"
  }
};

Lastly, run the match task, passing the address of the contract, the network where it's deployed, and the constructor arguments that were used to deploy it (if any):

npx hardhat match --network mainnet DEPLOYED_CONTRACT_ADDRESS "Constructor argument 1"

Using programmatically

To call the verification task from within a Hardhat task or script, use the "match:match" subtask. You can run the subtask like this:

await hre.run("match:match", {
  address: contractAddress,
  constructorArguments: [
    50,
    "a string argument",
    {
      x: 10,
      y: 5,
    },
    "0xabcdef",
  ],
});

If the match is not successful, an error will be thrown.

Known limitations

  • Adding, removing, moving or renaming new contracts to the hardhat project or reorganizing the directory structure of contracts after deployment may alter the resulting bytecode in some solc versions. See this Solidity issue for further information.
  • Bytecode metadata is not part of the match comparison. If comments or whitespacing are changed, the match will still be successful.

FAQs

Package last updated on 08 Dec 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts

Security News

Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts

Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.

By Sarah Gooding  -  Jan 24, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc