Content
@
0 reply
0 recast
2 reactions
Matt Solomon
@msolomon.eth
Introducing the Cove alpha release: Simple, reliable, open-source contract verification. Test it out now at https://covecontracts.com Learn more: https://twitter.com/msolomon44/status/1688656321053425664
2 replies
2 recasts
15 reactions
shazow
@shazow.eth
Very cool, but wish there was more info about why a verification is partial rather than full (what exactly failed to match?)
1 reply
0 recast
0 reaction
Matt Solomon
@msolomon.eth
similar nomenclature to sourcify, where partial just means the metadata hash didn't match (ignoring this bug around constructor args https://github.com/ScopeLift/cove-backend/issues/15)
1 reply
0 recast
0 reaction
shazow
@shazow.eth
Ah right, which you can't get details for unless you have the build manifest that it's hashing which contains individual source file hashes.
1 reply
0 recast
1 reaction
Matt Solomon
@msolomon.eth
yep, so you'll pretty much never get a full match unless there's no metadata hash since it's filepath dependent, which I think is ok (it doesn't add too much value IMO)
1 reply
0 recast
0 reaction
shazow
@shazow.eth
Wonder if we should just stop appending those hashes to the initcode and get rid of the concept of full match altogether...
2 replies
0 recast
1 reaction
shazow
@shazow.eth
Or at minimum, migrate user facing stuff to use new terms, like "bytecode match" and additionally "metadata match"
0 reply
0 recast
1 reaction
Matt Solomon
@msolomon.eth
Yea I think I agree, lots of projects don’t use it anyway to ensure deterministic deploys Vyper only appends a version, no metadata The metadata hash is an ipfs hash so the idea was you get the ipfs hash from the bytecode and use that to fetch the source code. An interesting idea, but that never really panned out
1 reply
0 recast
1 reaction
