Using Foundry

Foundry is a smart contract development toolchain. Foundry manages your dependencies, compiles your project, runs tests, deploys, and lets you interact with the chain from the command line and via Solidity scripts.

Forge is a command-line tool that ships with Foundry. Forge tests, builds, and deploys your smart contracts. Forge supports contract verification out of the box (https://book.getfoundry.sh/reference/forge/forge-verify-contract)

Get Started

1) Install Foundry

https://book.getfoundry.sh/getting-started/installation

2) Create a project

To start a new project with Foundry, use forge init:

forge init foundry_verify_demo

Let's check out what forge generated for us:

cd foundry_verify_demo
tree . -d -L 1
.
├── lib
├── script
├── src
└── test

4 directorie

Config File

foundry.toml

[profile.default]
src = 'src'
out = 'out'
libs = ['lib']
solc = "0.8.13"
eth-rpc-url = "https://rpc-testnet.kcc.network"
optimizer = true
optimizer-runs = 10_000_000

# See more config options https://github.com/foundry-rs/foundry/tree/master/config

Deploying

Forge can deploy smart contracts to a given network with the forge create command.

Forge can deploy only one contract at a time.

To deploy a contract, you must provide a RPC URL (env: ETH_RPC_URL) and the private key of the account that will deploy the contract.

Deploy the MyContract to the network:

forge create --rpc-url <your_rpc_url> --private-key <your_private_key> src/MyContract.sol:MyContract
compiling...
success.
Deployer: 0xa735b3c25f...
Deployed to: 0x4054415432...
Transaction hash: 0x6b4e0ff93a...

Solidity files may contain multiple contracts. :MyContract above specifies which contract to deploy from the src/MyContract.sol file.

Use the --constructor-args flag to pass arguments to the constructor:

KCC Testnet Example

// SPDX-License-Identifier: UNLICENSED
pragma solidity ^0.8.13;

contract TestVerify {
    string public name;
    uint256 public number;

    constructor(
        string memory _name,
        uint256  _number
    )  {
        name=_name;
        number = _number;
    }

    function setNumber(uint256 newNumber) public {
        number = newNumber;
    }

    function increment() public {
        number++;
    }
}

Ddeploy the TestVerify to the KCC Testnet:

forge create \
    --rpc-url https://rpc-testnet.kcc.network/ \
    --constructor-args "counter-verify" 123 \
    --private-key <your_private_key> \
    src/TestVerify.sol:TestVerify \
    --constructor-args "" \
    --legacy

[⠢] Compiling...
No files changed, compilation skipped
Deployer: 0xC4E82486c745dF7Ff21498A32914558e255dfffa
Deployed to: 0x1E8e3E6d1a71a6267F199A5568f88A00aa4d10C4
Transaction hash: 0x66ca760f1532aacf383da0c747bddf3f81d1b6dec10846c9b45d3bded50446da

Additionally, we can tell Forge to verify our contract on Etherscan, Sourcify or Blockscout, if the network is supported, by passing --verify.

forge create \
    --rpc-url https://rpc-testnet.kcc.network/ \
    --constructor-args "counter-verify" 123 \
    --private-key <your_private_key> \
    src/TestVerify.sol:TestVerify \
    --verify \
    --verifier=blockscout \
    --verifier-url=https://scan-testnet.kcc.network/api \
    --legacy


[⠢] Compiling...
No files changed, compilation skipped
Deployer: 0xC4E82486c745dF7Ff21498A32914558e255dfffa
Deployed to: 0x713b499f4cD5E4f65CaD22B4245Cd38ece8285eD
Transaction hash: 0x3f07b8e249241254c051d19cd09f10561f36984a2509c5d1b576629490bb34fd
Starting contract verification...
Waiting for blockscout to detect contract deployment...
Start verifying contract `0x713b499f4cd5e4f65cad22b4245cd38ece8285ed` deployed on 322

Submitting verification for [src/TestVerify.sol:TestVerify] "0x713b499f4cD5E4f65CaD22B4245Cd38ece8285eD".
Submitted contract for verification:
        Response: `OK`
        GUID: `713b499f4cd5e4f65cad22b4245cd38ece8285ed642b8f33`
        URL:
        https://scan-testnet.kcc.network/apiaddress/0x713b499f4cd5e4f65cad22b4245cd38ece8285ed
Contract verification status:
Response: `OK`
Details: `Pending in queue`
Contract verification status:
Response: `OK`
Details: `Pass - Verified`
Contract successfully verified

Verifying a pre-existing contract

If you are verifying an already deployed contract, read on.

You can verify a contract on Etherscan, Sourcify or Blockscout with the forge verify-contract command.

You must provide:

  • the contract address

  • the contract name or the path to the contract <path>:<contractname>

Moreover, you may need to provide:

  • the constructor arguments in the ABI-encoded format, if there are any

  • compiler version used for build, with 8 hex digits from the commit version prefix (the commit will usually not be a nightly build). It is auto-detected if not specified.

  • the number of optimizations, if the Solidity optimizer was activated. It is auto-detected if not specified.

  • the chain ID

Let's say you want to verify TestVerify (see above). You set the number of optimizations to 1 million, compiled it with v0.8.13, and deployed it, as shown above, to the KCC Testnet (chain ID: 322). Note that --num-of-optimizations will default to 0 if not set on verification, while it defaults to 200 if not set on deployment, so make sure you pass --num-of-optimizations 200 if you left the default compilation settings.

Here's how to verify it:

forge verify-contract \
    --chain-id 322 \
    --num-of-optimizations 1000000 \
    --watch \
    --constructor-args $(cast abi-encode "constructor(string,uint256)" "counter-verify" 123) \
    --verifier=blockscout \
    --verifier-url=https://scan-testnet.kcc.network/api \
    --compiler-version v0.8.13+commit.abaa5c0e \
    0x1E8e3E6d1a71a6267F199A5568f88A00aa4d10C4 \
    src/TestVerify.sol:TestVerify

Submitting verification for [src/TestVerify.sol:TestVerify] "0x1E8e3E6d1a71a6267F199A5568f88A00aa4d10C4".
Submitted contract for verification:
        Response: `OK`
        GUID: `1e8e3e6d1a71a6267f199a5568f88a00aa4d10c4642b9477`
        URL:
        https://scan-testnet.kcc.network/apiaddress/0x1e8e3e6d1a71a6267f199a5568f88a00aa4d10c4
Contract verification status:
Response: `OK`
Details: `Pending in queue`
Contract verification status:
Response: `OK`
Details: `Pass - Verified`
Contract successfully verified

It is recommended to use the --watch flag along with verify-contract command in order to poll for the verification result.

If the --watch flag was not supplied, you can check the verification status with the forge verify-check command:

Tips:

  1. Setting the —verifier=blockscout flag allows you to not specify any Api key.

  2. While specifying --verifier-url flag omit the final slash (e.g., --verifier-url=https://scan-testnet.kcc.network/api). Otherwise, you will encounter an “Failed to deserialize response” error.

  3. You can specify most configuration options (e.g., evm version, disabling optimizations) via the usual Forge configuration (see https://github.com/foundry-rs/foundry/blob/master/config/README.md).

  4. Use Cast's abi-encode to ABI-encode arguments.

    In this example, we ran cast abi-encode "constructor(string,uint256)" "counter-verify" 123 to ABI-encode the arguments.

  5. KCC Mainnet Scan --verifier-url=https://scan.kcc.io/api

Troubleshooting

EIP-1559 not activated

EIP-1559 is not supported or not activated on the RPC server. Pass the --legacy flag to use legacy transactions instead of the EIP-1559 ones. If you do development in a local environment, you can use Hardhat instead of Ganache.

Compiler version commit for verify

If you want to check the exact commit you are running locally, try: ~/.svm/0.x.y/solc-0.x.y --version where x and y are major and minor version numbers respectively. The output of this will be something like:

solc, the solidity compiler commandline interface
Version: 0.8.12+commit.f00d7308.Darwin.appleclang

Note: You cannot just paste the entire string "0.8.12+commit.f00d7308.Darwin.appleclang" as the argument for the compiler-version. But you can use the 8 hex digits of the commit to look up exactly what you should copy and paste from compiler version.

PreviousUsing HardhatNextUsing Remix

Last updated