Feedback Needed: Deployment & Verification Workflows

Hi everybody!

We would love to get your feedback on something.

In an effort to continuously improve the Sourcify verification experience, we would like to learn more about your deployment and verification workflows.

Specifically, it would be amazing to know:

• How do you deploy your contracts? Which tools do you use?
• How do verify your contracts?

Additionally, it would be helpful to know if you ever tried verifying your contracts with Sourcify and if you encountered any issues during that process. If you did not manage to verify your sources, feel free to link to your source files below and the Sourcify team will try to get them verified and investigate why it did not work.

In case you don’t know what Sourcify is and are hearing about it for the first time today, here is a quick intro:

Sourcify helps to make interacting with smart contracts on the blockchain safer and more transparent for users. To achieve this goal, we support several efforts to foster adoption of open-source source verification, metadata files and NatSpec comments.

At its core, the Sourcify team currently maintains…

• the verifier - an interface that helps developers to verify metadata and contract source code: https://sourcify.dev/
• the fetcher - an interface to check if contracts have been verified.
• a contract repository of all verified contracts: https://repo.sourcify.dev/
• an automated monitoring & verifier service that checks for new contracts on Ethereum chains (mainnet and testnets) and tries to verify them: GitHub - ethereum/sourcify: Solidity re-compiler that can be used to verify that bytecode corresponds to certain source code
• verification plugin for Remix.
• a verification API: GitHub - ethereum/sourcify: Solidity re-compiler that can be used to verify that bytecode corresponds to certain source code

Together with the compilation metadata, everyone can re-compile the smart contract and be sure that the source code is exactly the same as at deploy time, including every comment. You can also use the Sourcify platform to obtain the ABI for each contract.

We use truffle for deployment as well as verification. Have a script which runs at the end of deployment, reads our config files and on each runs
truffle run verify ${contractName}@${contractAddress} --network []

works pretty well and haven’t had any problems with it

Hey, we use hardhat to deploy contracts and verify contracts, it needs a key of the etherscan, just runs:

npx hardhat verify --network mainnet DEPLOYED_CONTRACT_ADDRESS "Constructor argument 1"

works well.