Ethereum platform offers transparency by default. All data on Ethereum's blockchain is public and accessible by anyone. The problem is that all contracts code on Ethereum is binary code, easily executed by Ethereum Virtual Machine, but hardly human-readable. Although most devs write smart contracts using Solidity language, what is deployed is not Solidity, but binary code.
Questions that come to mind: what is the point of deploying a smart contract if no one can verify that it's doing what it's supose to do? Should you entrust your money to unverified code? No.
Verification helps with building a trust betweeen a customer using smart contract and a counter-party that deployed contract. Etherscan has implemented an online tool to help developers verify their code. Verification is a process of connecting a Solidity source code to smart contract's deployed binary code. The tool checks if the compiled version of Solidity code matches binary code. Once contract is verified, anyone can check the source code, review and audit it.
Before we explain how to verify your code, if you are using our tool to mint some ERC-20 tokens, you do not need to do anything; contracts are auto-verified. Here's an example token's Solidity code on Etherscan deployed using our tool.
This guide is for devs using Truffle and Solidity for contract development.
truffle-flattener concats solidity files developed under Truffle with all of their dependencies.
Install it with the following:
npm install truffle-flattener -g
Use truffle-flattener to concatenate all dependencies of the deployed contract. Example code
is as follows:
truffle-flattener contracts/ERC20/TokenMintERC20Token.sol > FlatTokenMintERC20Token.sol
A new file named FlatTokenMintERC20Token.sol should be created with the content of all solidity
contracts used in the hierarchy.
This section will guide you through the Etherscan's Verify and publish tool and help you fill in all the fields on their page. We'll go step by step.
Find your contract on Etherscan, then navigate to code tab, click on the Verify And Publish link. Etherscan will autofill some of the form fields so you don't have to (contract address and constructor arguments ABI encoded).
Next, you'll fill in the Contract Name using name of the contract from solidity file (for example from TokenMintERC20Token.sol the name is TokenMintERC20Token).
The version of Solidity compiler you used can be viewed with following command:
You'll get something like this:
Truffle v4.1.14 (core: 4.1.14)
Solidity v0.4.24 (solc-js)
Find your compiler version from the dropdown, use commit version, not nightly (for
To check if optimization is enabled, open the truffle.js configuration file in your project's root folder and
look up for object named solc, something like this:
If there is an object like this, you can see that optimization is enabled, with
200 runs. If solc object is not present, then optimization is disabled.
Copy/paste the contents of the flattened file (FlatTokenMintERC20Token.sol) in the form.
Hit the Verify And Publish button, and wait a few seconds for contracts to be verified!