Verify Smart Contracts with Etherscan Plugins¶
Introduction¶
Verifying smart contracts is a great way of improving the transparency and security of contracts deployed on Moonbeam. There are a couple of plugins that integrate with Etherscan's contract verification service, including the hardhat-etherscan
plugin and the truffle-plugin-verify
plugin. Both plugins can be used to automate the process of verifying contracts by locally detecting which contracts to verify and which Solidity libraries are required, if any.
The Hardhat plugin integrates seamlessly into your Hardhat project, and likewise the Truffle plugin integrates into your Truffle project. Foundry also has Etherscan capabilities, but they are built into its Forge tool instead of being included in a separate plugin.
This guide will show you how to use both plugins to verify smart contracts deployed on Moonbase Alpha. This guide can also be adapted for Moonbeam and Moonriver.
Checking Prerequisites¶
To follow along with this tutorial, you will need to have:
- MetaMask installed and connected to the Moonbase Alpha TestNet
- An account funded with
DEV
tokens. You can get DEV tokens for testing on Moonbase Alpha once every 24 hours from the Moonbase Alpha Faucet - A Moonscan API key for the network you're trying to verify a contract on. For Moonbeam and Moonbase Alpha, you'll need a Moonbeam Moonscan API key. For Moonriver, you'll need a Moonriver Moonscan API key
- Git installed and configured
Generating a Moonscan API Key¶
To generate a Moonscan API Key, you will need to sign up for an account. Depending on which network you want to verify a contract on, you'll have to make sure you create an API key from the correct network on Moonscan. For Moonbeam or Moonbase Alpha, you can navigate to the Moonbeam Moonscan. For Moonriver, you can head to the Moonriver Moonscan. To sign up for an account, you can take the following steps:
- Click Sign In
- Select Click to sign up and then register your new account
Once you have an account and are signed in, you will then be able to create an API key.
- Select API-KEYs from the left side menu
- To add a new key, click the + Add button
You will then be prompted to enter in an AppName for your API key and once you enter a name and click Continue it will appear in your list of API keys.
Using the Hardhat Etherscan Plugin¶
The example in this section of the guide will be based off of the Box.sol
contract that was created in the Using Hardhat to Deploy To Moonbeam guide.
To get started with the Hardhat Etherscan plugin, you will need to first install the plugin library:
npm install --save-dev @nomiclabs/hardhat-etherscan
Note
Support for Moonbeam-based networks was added in version 3.0.1 of @nomiclabs/hardhat-etherscan
. You can double check what version you're using by looking under the devDependencies
section of your package.json
and updating to version 3.0.1 or greater if needed.
You can add your Moonscan API key to the secrets.json
file alongside your private key. For this example, you'll need a Moonbeam Moonscan API key. If you want to verify a contract on Moonriver, you'll need a Moonriver Moonscan API key.
From within your Hardhat project, open your hardhat.config.js
file. You'll need to import the hardhat-etherscan
plugin, your Moonscan API key, and add the config for Etherscan:
require("@nomiclabs/hardhat-etherscan");
const { privateKey, moonbeamMoonscanAPIKey, moonriverMoonscanAPIKey } = require('./secrets.json');
module.exports = {
networks: {
moonbeam: { ... },
moonriver: { ... },
moonbaseAlpha: { ... }
},
etherscan: {
apiKey: {
moonbeam: moonbeamMoonscanAPIKey, // Moonbeam Moonscan API Key
moonriver: moonriverMoonscanAPIKey, // Moonriver Moonscan API Key
moonbaseAlpha: moonbeamMoonscanAPIKey, // Moonbeam Moonscan API Key
}
}
};
To verify the contract, you will run the verify
command and pass in the address of the deployed contract and the network where it's deployed:
npx hardhat verify --network moonbase <CONTRACT-ADDRESS>
In your terminal you should see the source code for your contract was successfully submitted for verification. If the verification was successful, you should see Successfully verified contract and there will be a link to the contract code on Moonscan for Moonbase Alpha.
If you're verifying a contract that has constructor arguments, you'll need to run the above command and add the constructor arguments used to deploy the contract at the end of the command. For example:
npx hardhat verify --network moonbase <CONTRACT-ADDRESS> "<constructor argument>"
Please refer to the Hardhat Etherscan documentation for help with additional use cases such as:
- complex arguments
- libraries with undetectable addresses
- using multiple API keys
- using the
verify
command programmatically - determining the correct constructor arguments
Using the Truffle Verify Plugin¶
The example in this section of the guide will use the MyToken.sol
contract that was created in the Using Truffle to Deploy to Moonbeam guide.
To get started with truffle-plugin-verify
, open your Truffle project and install the plugin:
npm install --save-dev truffle-plugin-verify
Next you'll need to add the plugin to your truffle-config.js
file and add the Etherscan config. For this example, you'll need a Moonbeam Moonscan API key. If you want to verify a contract on Moonriver, you'll need a Moonriver Moonscan API key. The Truffle config should resemble the following:
module.exports = {
networks: { ... },
compilers: { ... },
plugins: ['moonbeam-truffle-plugin', 'truffle-plugin-verify'],
api_keys: {
moonscan: 'INSERT-YOUR-MOONSCAN-API-KEY'
}
}
To verify the contract, you will run the run verify
command and pass in the deployed contract name and the network where it's deployed:
truffle run verify MyToken --network moonbase
If the contract verification was successful, in your terminal, you should see Pass - Verified with a link to the contract code on Moonscan for Moonbase Alpha.
For further information on the plugin, please refer to the README.md file of the truffle-plugin-verify
GitHub repository.
Using Foundry to Verify¶
The example in this section of the guide will use the MyToken.sol
contract that was created in the Using Foundry to Deploy to Moonbeam guide.
In addition to the Foundry project, you will need a Moonbeam Moonscan API key. This API key can be used for both the Moonbeam and Moonbase Alpha networks. If you want to verify a contract on Moonriver, you'll need a Moonriver Moonscan API key.
If you have already deployed the example contract, you can verify it with the verify-contract
command. Before you can verify the contract, you will need to ABI-encode the constructor arguments. To do so for the example contract, you can run the following command:
cast abi-encode "constructor(uint256)" 100
The result should be 0x0000000000000000000000000000000000000000000000000000000000000064
. You can then verify the contract using the following command:
forge verify-contract --chain-id 1284 \
YOUR_CONTRACT_ADDRESS \
--constructor-args 0x0000000000000000000000000000000000000000000000000000000000000064 \
src/MyToken.sol:MyToken \
YOUR_MOONSCAN_API_KEY
forge verify-contract --chain-id 1285 \
YOUR_CONTRACT_ADDRESS \
--constructor-args 0x0000000000000000000000000000000000000000000000000000000000000064 \
src/MyToken.sol:MyToken \
YOUR_MOONSCAN_API_KEY
forge verify-contract --chain-id 1287 \
YOUR_CONTRACT_ADDRESS \
--constructor-args 0x0000000000000000000000000000000000000000000000000000000000000064 \
src/MyToken.sol:MyToken \
YOUR_MOONSCAN_API_KEY
If you wanted to deploy the example contract and verify at the same time, then you would use the following command:
forge create --rpc-url INSERT_RPC_API_ENDPOINT \
--constructor-args 100 \
--etherscan-api-key YOUR_MOONSCAN_API_KEY \
--verify --private-key YOUR_PRIVATE_KEY \
src/MyToken.sol:MyToken
forge create --rpc-url INSERT_RPC_API_ENDPOINT \
--constructor-args 100 \
--etherscan-api-key YOUR_MOONSCAN_API_KEY \
--verify --private-key YOUR_PRIVATE_KEY \
src/MyToken.sol:MyToken
forge create --rpc-url https://rpc.api.moonbase.moonbeam.network \
--constructor-args 100 \
--etherscan-api-key YOUR_MOONSCAN_API_KEY \
--verify --private-key YOUR_PRIVATE_KEY \
src/MyToken.sol:MyToken
| Created: February 15, 2022