Etherscan: How can I verify a contract with multiple imports deployed with Truffle?

Question

When I deploy a contract with Truffle that has an import statement, and try to verify it on etherscan, my understanding is that I need to paste in the contents of the imported file.

I get an error on etherscan that the bytecodes of the concatenated and deployed files are not the same. The strange thing is that if I deploy the contract (with imports) on remix then the bytecode matches with the concatenated source file.

Example

Here is a minimal example of contracts that exhibit this behaviour.

Combined.sol is the concatenated file, and Outer.sol contains the contract that is deployed.

Here is what I am doing that gets an error:

Deploy Outer.sol with truffle
Go to deployed contract address on etherscan
Input the Concatenated.sol source code and hit verify

Error, bytecodes do not match.

More info

Using compiler 0.4.11 in remix and truffle.
Ubuntu 16.04.
On Kovan, not that it should matter.
Deployed contract

For me verification of concatenated contracts used to work like a charm. Can you provide the address of the deployed minimal example on the Kovan network so I can investigate the case? — Jakub Wojciechowski, Jul 05 '17 at 13:04
@JakubWojciechowski Updated answer with address of deployed contract — Travis Jacobs, Jul 05 '17 at 13:52
When verifying the code on Etherscan, have you tried both with and without optimizations enabled? — DeviateFish, Jul 08 '17 at 05:35

score 12 · Accepted Answer · answered Jul 10 '17 at 12:46

Currently etherscan does not support verification of multifile contracts. But there is discussion on etherscan's reddit about this issue.

Concatenating files into one worked some time ago, but since version 0.4.7 Solidity includes hash of contract's metadata at the end of compiled contract. As this metadata contains file names and hashes, you may get the same bytecode after concatenating and compiling but this hash will be different.

I think motivation behind adding hash of this metadata to deployed contract is to make source verification automatic as each deployed contract contains swarm-link to sources, compiler version and compilation options.

So basically the verification feature is pretty much useless since solidity 0.4.7 ? — n1cK, Nov 07 '17 at 10:17

score 4 · Answer 2 · answered Aug 04 '21 at 09:25

I built a CLI that may help you, called multisol. You can install it via Homebrew if you're on Mac, or download one of the executables I provide if you're on Windows or Linux:

$ brew tap paulrberg/multisol
$ brew install multisol

Then you can use it like this:

$ multisol path/to/YourContract.sol

This will generate a folder named "multisol-yourcontract" that can be used to verify the source code on Etherscan for a deployed instance of YourContract.sol. Note that the type of verification is "Solidity (Multi-Part files)".

score 2 · Answer 3 · answered Jun 02 '19 at 04:06

2

I created truffle-plugin-verify to automate Truffle contract verification on Etherscan.

Install the plugin with npm

npm install truffle-plugin-verify

Add the plugin to your truffle.js or truffle-config.js file

module.exports = {
  /* ... rest of truffle-config */

  plugins: [
    'truffle-plugin-verify'
  ]
}

Generate an API Key on your Etherscan account (see the Etherscan website)
Add your Etherscan API key to your truffle config

module.exports = {
  /* ... rest of truffle-config */

  api_keys: {
    etherscan: 'MY_API_KEY'
  }
}

After migrating your Outer contract to Kovan, you are able to verify it on Etherscan by running:

truffle run verify Outer --network kovan

More information can be found on the repository or in my article Automatically verify Truffle smart contracts on Etherscan.

answered Jun 02 '19 at 04:06

Rosco Kalis

2,137
2
14
26

I am trying to verify a contract which uses multiple contracts but it fails with the below error:
truffle run verify AdminImpl@0xCDa9A9e6990999adfebbf8cADa2a6Ed2664d70A8 --network kovan Verifying AdminImpl@0xCDa9A9e6990999adfebbf8cADa2a6Ed2664d70A8 Fail - Unable to verify Failed to verify 1 contract(s): AdminImpl@0xCDa9A9e6990999adfebbf8cADa2a6Ed2664d70A8

Code to be verified: https://github.com/dydxprotocol/solo/blob/master/contracts/protocol/impl/AdminImpl.sol

I followed exactly what you have suggested and still trying to figure what is missing.
– lingraj mahanand Mar 15 '20 at 02:34
By any chance, was the contract deployed through another contract? – Rosco Kalis Mar 15 '20 at 08:06
No, it is deployed independently. After having deployed, it is used in this contract: https://github.com/dydxprotocol/solo/blob/master/contracts/protocol/SoloMargin.sol – lingraj mahanand Mar 15 '20 at 11:37
Could you open an issue on GitHub (with the output from running the command with the --debug flag? https://github.com/rkalis/truffle-plugin-verify/issues/new – Rosco Kalis Mar 16 '20 at 12:04

Etherscan: How can I verify a contract with multiple imports deployed with Truffle?

Example

More info

3 Answers3

Linked