Everytime we deploy a contract on any public blockchain network (like Ethereum, RSK, etc.) and the contract is mined and accepted into the network, the bytecode of our contract becomes public and anyone with access to a node can read it.
Etherscan is without any doubts the most famous explorer of Ethereum network, in this explorer you can view the details of any deployed contract (in MainNet, and TestNet networks).
The following image shows a smart contract that was deployed on Ethereum network but it was not verified:
As you can see, we are able to view the bytecode of any deployed contract. But this bytecode is non easy to read and/or understand.
Verify smart contracts by providing source code to deployed contract. To do this, you have to follow this process:
1.- Click on the “Verify and Publish” link
2.- After clicking on verify and publish, you will see the following screen:
Here there are a few fields you will have to fill:
- Contract address: self explanatory and should come filled if you clicked “verify and publish” from the contract page
- Compiler Type: here you will have to specify if you want to upload a single or multiple files. The most easy and common way is try to create a single file with all the solidity code.
- Compiler version: specific compiler version you used to compile the contract
- License: which is the license associated with the source code of the smart contract
After you filled all the required fields click on “Continue”
3.- The next screen will allow us to upload the real source code of the smart contract with the optimization options (if there is any):
After you paste the source code of the smart contract and confirm the upload etherscan will take some seconds/minutes to process. Behind the scenes Etherscan will basically compile the source code uploaded using all the specified parameters, if the bytecode resulted by the compilation is exactly equals to the one deployed in the blockchain it will mark the smart contract as verified.
4.- If everything went fine you will see a confirmation page like this:
And finally if you go again to the contract page on Etherscan now the contract should be verified (a green tick next to the “contract” tab) which means that you not only see the bytecode but also you see a readable source code, as you can see in the following picture:
Why is this important?
Verifying your deployed smart contracts in Etherscan (or any other explorer) is a normal best practice. The reason to this is because this will allow any person that can read solidity code, to verify what your contract does. This will be a valuable or required aspect if you want to have more adoption to your contracts, because it will allow your users to validate your contract behaviour in an honest and correct manner.