Feature: Source code verification on Sourcify

[kuzdogan]

Overview

Add Sourcify verification to Ape framework, similar to Etherscan.

Sourcify (sourcify.dev) is a decentralized and open-sourced smart contract verification service. Sourcify verifies contracts using the Solidity contract metadata to achieve "full matches" i.e. byte-by-byte matches of the original source code. We then serve these contracts on our repo over IPFS and HTTP for other tools to build on top of, such as block explorers or wallets.

Specification

Initially, the metadata of the compiled contracts needs to be output. If this is not enabled by default, it needs to be enabled in the Solidity standard JSON input's outputSelection:

"outputSelection": {
  "*": {
    "*": [
      "metadata", // <-- Add this
      "evm.bytecode",
      "evm.bytecode.sourceMap"
    ],
    ...
  }
},

This will also help contract authors verify later if they don't deploy with the Ape framework. One of the main issues has been that the metadata file gets lost after compilation and therefore a full match was not possible.

After the user deploys the contract a call to the /verify endpoint can be made with the address and the chainId. See docs

{
    "address": ...,
    "chain": ...,
    "files": {
        "metadata.json": ...,
        "file-name1.sol": ...,
        "file-name2.sol": ...
    },
}

cc: @marcocastignoli

[fubuloubu]

This is a great candidate for a plugin!

Ape has the ExplorerAPI plugin which allows you to do things like contract verification and other tasks that an explorer might have indexed for you. Under the hood, ape should have all of the data necessary in the EIP-2678 ethPM v3 manifest to replicate any deployment task (some reconfiguration might be necessary to conform to a particular tool's non-standard format)

Check out our Etherscan plugin for an example: https://github.com/ApeWorX/ape-etherscan/blob/main/ape_etherscan/explorer.py#L14

If you have an issues implementing, feel free to respond to this issue or get help from our Discord!