Contract source verification failure
bogatyy opened this issue · comments
Component
Forge
Have you ensured that all of these are up to date?
- Foundry
- Foundryup
What version of Foundry are you on?
forge 0.0.2 (f79fea9 2024-09-09T00:33:55.323592000Z)
What command(s) is the bug in?
forge create
Operating System
macOS (Apple Silicon)
Describe the bug
Using foundry-zksync for source code verification fails on Abstract.
Create project:
forge init my-abstract-project && cd my-abstract-project
Update forge.toml to
[profile.default]
src = 'src'
libs = ['lib']
fallback_oz = true
is_system = false # Note: NonceHolder and the ContractDeployer system contracts can only be called with a special isSystem flag as true
mode = "3"
solc = "0.8.13"
then try to verify:
forge build --zksync
forge create src/Counter.sol:Counter --zk-compile --account myKeystore --rpc-url https://api.testnet.abs.xyz --chain 11124 --zksync --verify --verifier-url "https://api-explorer-verify.testnet.abs.xyz/contract_verification"
fails with ETHERSCAN_API_KEY must be set
The command above should not require an Etherscan key, but it also fails when I set up ETHERSCAN_API_KEY to a valid key (via export), as well as when I use --etherscan-api-key
Permalink to reproduction steps (mirrors my actions): https://docs.abs.xyz/build-on-abstract/smart-contracts/foundry
Hey @bogatyy! Thanks for raising this issue.
We are currently developing the integration with the --verify flag, but it is not yet fully supported. To verify a contract, we do support forge verify-contract, which works similarly. However, the process requires deploying the contract first and then verifying it using that command.
You are also correct about the failure related to the Etherscan API key. This is a check inherited from the original Foundry, and to verify, you must include something like this in the foundry.toml. Keep in mind, this key is not used and can be anything as long as it follows the required format.
[etherscan]
zksyncTestnet = { key = "this-is-not-a-real-key", url = "https://api-sepolia-era.zksync.network/api", chain = 300 }
Here is the output from the steps I did to reproduce
forge create src/Counter.sol:Counter --private-key {PRIVATE_KEY} --rpc-url https://sepolia.era.zksync.dev --zksync
[⠃] Using zksolc-1.5.3
[⠊] Compiling (zksync)
No files changed, compilation skipped
Deployer: 0x1952c7B8c3aeC74F1cA83ee1273Ee882Fd8CceeD
Deployed to: 0x0b1892a95a2678ABD802dAcA4c1eC28035e30279
Transaction hash: 0x0b2731acd2948f676a50967d939246832796011aed27b0b78397a7aa7be5e340
And then verify
forge verify-contract 0x0b1892a95a2678ABD802dAcA4c1eC28035e30279 src/Counter.sol:Counter --rpc-url https://sepolia.era.zksync.dev --chain-id 300 --watch --zksync -e {API_KEY}
Start verifying contract `0x0b1892a95a2678ABD802dAcA4c1eC28035e30279` deployed on 300
Submitting verification for [src/Counter.sol:Counter] 0x0b1892a95a2678ABD802dAcA4c1eC28035e30279.
Submitted contract for verification:
Response: `OK`
GUID: `uwvlqc7ahvrspzcgnwppgstpzrgndhixgnnke1lttdjz5i24ix`
URL: https://api-sepolia-era.zksync.network/address/0x0b1892a95a2678abd802daca4c1ec28035e30279
Contract verification status:
Response: `NOTOK`
Details: `Pending in queue`
Contract verification status:
Response: `OK`
Details: `Pass - Verified`
Contract successfully verified
Here is the verified contract
Let me know if have any further issues.
Hi @Jrigada, thanks for your guide.
Sophon uses a fork of https://sepolia.explorer.zksync.io instead of etherscan.
Trying to verify on zkSync Sepolia on that explorer returns an error
forge verify-contract 0xA6bBa479D4e6dB2678F7ba2c6C0CE020E7466dBF src/Counter.sol:Counter --rpc-url https://sepolia.era.zksync.dev --chain-id 300 --watch --zksync -e "test"
Start verifying contract `0xA6bBa479D4e6dB2678F7ba2c6C0CE020E7466dBF` deployed on 300
Submitting verification for [src/Counter.sol:Counter] 0xA6bBa479D4e6dB2678F7ba2c6C0CE020E7466dBF.
Encountered an error verifying this contract:
Response: `NOTOK`
Details: `Missing zkCompilerVersion`
Getting the same error on Sophon:
forge verify-contract 0x0822de97c7e75269107cf19a90e5e809f4b106c4 src/Counter.sol:Counter --rpc-url https://rpc.testnet.sophon.xyz/ --chain-id 531050104
--watch --zksync
Start verifying contract `0x0822DE97c7e75269107CF19A90e5e809F4B106c4` deployed on 531050104
Submitting verification for [src/Counter.sol:Counter] 0x0822DE97c7e75269107CF19A90e5e809F4B106c4.
Encountered an error verifying this contract:
Response: `NOTOK`
Details: `Missing zkCompilerVersion`
Having this in my .toml
[etherscan]
sophonTestnet = { key = "this-is-not-a-real-key", url = "https://block-explorer-api.testnet.sophon.xyz/api", chain = 531050104 }
zksyncTestnet = { key = "this-is-not-a-real-key", url = "https://block-explorer-api.sepolia.zksync.dev/api", chain = 300 }
I imagine this is due to API differences?
Yes, that’s correct. Foundry uses its block-explorers crate and the VerifyContract struct to comply with the Etherscan API. However, due to differences between APIs, we currently do not support the block explorer endpoint for verification.
So is verifying on non-Etherscan block explorers possible?
i.e. the Abstract block explorer? https://explorer.testnet.abs.xyz/
@jarrodwatts we are investigating what changes we need to make on the block explorer api to facilitate verification seamlessly using foundry-zksync. The same will have to be done for other ZK chain explorers. In the meantime, you can review this repo that provides more insight / workaround on verification.
So to verify, a manual POST request with the object is required? Is that the correct understanding?
Checking in on the above?