blockscout
blockscout copied to clipboard
blockscout
200 status code returned from verify contract when verification failed
Describe your issue here. 200 status code is returned from the verify contract api response when an incorrect compilerVersion is passed as an argument. It would be better if the response status code returned a non 2XX code when the verification fails, so that it is not necessary to parse the response message to check if the verification succeeded.
Environment
- Elixir & Erlang/OTP versions (
elixir -version): Elixir 1.12.2 (compiled with Erlang/OTP 24) - Operating System: Ubuntu 22.04 LTS
- Blockscout Version/branch: v4.0.0-beta
Steps to reproduce
Deploy the Multicall contract to a local Ethereum chain using hardhat with the solc v0.6.11 compiler.
Call POST ${explorerUrl}/api?module=contract&action=verify with the following application/json payload:
{
name: "Multicall",
compilerVersion: "v0.5.0+commit.7338295f",
optimization: true,
sourceCode: "/**\n *Submitted for verification at Etherscan.io on 2019-06-10\n */\n\npragma solidity >=0.5.0;\npragma experimental ABIEncoderV2;\n\n/// @title Multicall - Aggregate results from multiple read-only function calls\n/// @author Michael Elliot <[email protected]>\n/// @author Joshua Levine <[email protected]>\n/// @author Nick Johnson <[email protected]>\n\ncontract Multicall {\n struct Call {\n address target;\n bytes callData;\n }\n\n function aggregate(Call[] memory calls) public returns (uint256 blockNumber, bytes[] memory returnData) {\n blockNumber = block.number;\n returnData = new bytes[](calls.length);\n for (uint256 i = 0; i < calls.length; i++) {\n (bool success, bytes memory ret) = calls[i].target.call(calls[i].callData);\n require(success);\n returnData[i] = ret;\n }\n }\n\n // Helper functions\n function getEthBalance(address addr) public view returns (uint256 balance) {\n balance = addr.balance;\n }\n\n function getBlockHash(uint256 blockNumber) public view returns (bytes32 blockHash) {\n blockHash = blockhash(blockNumber);\n }\n\n function getLastBlockHash() public view returns (bytes32 blockHash) {\n blockHash = blockhash(block.number - 1);\n }\n\n function getCurrentBlockTimestamp() public view returns (uint256 timestamp) {\n timestamp = block.timestamp;\n }\n\n function getCurrentBlockDifficulty() public view returns (uint256 difficulty) {\n difficulty = block.difficulty;\n }\n\n function getCurrentBlockGasLimit() public view returns (uint256 gaslimit) {\n gaslimit = block.gaslimit;\n }\n\n function getCurrentBlockCoinbase() public view returns (address coinbase) {\n coinbase = block.coinbase;\n }\n}\n",
detectCtorArgs: false,
optimizationRuns: 200,
libraries: [],
}
Note the declared compiler version is invalid: it does not match the actual compiler used to deploy the Multicall contract and the commit hash is wrong.
Expected behaviour
API should return non-2XX status code when verification fails.
Actual behaviour
API returns 200 OK with following body:
{
message: 'Something went wrong while publishing the contract.'
result: null,
status: '0'
}
@matthewherman2
200 status code is returned from the verify contract api response when an incorrect compilerVersion is passed as an argument.
I can agree that we could change 200 status code to 400 bad input in case of wrong compiler version because this is validated before compilation - verification, on the stage of extraction of compiler version from metadata hash.
However, I would argue, that we should change 200 HTTP status codes in other cases of a failed verification. In the current architecture, 2XX code means that verification has been completed whatever the status of verification is. And the result of business logic is inside of the message and status properties of response json.
Could you be more specific about which HTTP status codes you and why would you suggest in different cases of failed verification?
facing the same error. when I went through the logs i found the following:
Sep 24 07:28:28 ip-172-31-22-179 mix[98572]: 2022-09-24T07:28:28.165 application=plug request_id=Fxe7SK3cwzZu-HUABIJD [info] POST /api
Sep 24 07:28:28 ip-172-31-22-179 mix[98572]: 2022-09-24T07:28:28.166 application=explorer request_id=Fxe7SK3cwzZu-HUABIJD [error] Error while verifying smart-contract address: 0x65ec06aF7b8A6cBa7E7226e70dd2eBd117b823Cd, params: %{"address_hash" => "0x65ec06aF7b8A6cBa7E7226e70dd2eBd117b823Cd", "compiler_version" => "v0.8.4 commit.c7e474f2", "contract_source_code" => "pragma solidity >=0.7.0 <0.9.0;contract Storage {uint256 number;function store(uint256 num) public {number = num;}function retrieve() public view returns (uint256){return number;}}", "external_libraries" => %{}, "name" => "Storage", "optimization" => "true", "optimization_runs" => 200}: ** (MatchError) no match of right hand side value: ["v0.8.4 commit.c7e474f2"]
Sep 24 07:28:28 ip-172-31-22-179 mix[98572]: 2022-09-24T07:28:28.175 application=block_scout_web request_id=Fxe7SK3cwzZu-HUABIJD [error] Something went wrong while publishing the contract: #Ecto.Changeset<action: :insert, changes: %{address_hash: %Explorer.Chain.Hash{byte_count: 20, bytes: <<101, 236, 6, 175, 123, 138, 108, 186, 126, 114, 38, 231, 13, 210, 235, 209, 23, 184, 35, 205>>}, compiler_version: "v0.8.4 commit.c7e474f2", contract_code_md5: "d40b469c44220cfa79766e9b9280da53", contract_source_code: "pragma solidity >=0.7.0 <0.9.0;contract Storage {uint256 number;function store(uint256 num) public {number = num;}function retrieve() public view returns (uint256){return number;}}", is_vyper_contract: false, name: "Storage", optimization: true, optimization_runs: 200}, errors: [contract_source_code: {"There was an error validating your contract, please try again.", []}], data: #Explorer.Chain.SmartContract<>, valid?: false>
Sep 24 07:28:28 ip-172-31-22-179 mix[98572]: 2022-09-24T07:28:28.175 application=plug request_id=Fxe7SK3cwzZu-HUABIJD [info] Sent 200 in 9ms
summary of logs
** (MatchError) no match of right hand side value: ["v0.8.4 commit.c7e474f2"]
Question
- what does this error mean?
- in the request im setting param as
compilerVersion=v0.8.4+commit.c7e474f2. why is the+being removed?
I am closing the original issue since no response from the author. @jessepinkman9900 if you still experience issue, you mentioned above, with the latest Rust smart contract verifier https://github.com/blockscout/blockscout-rs/tree/main/smart-contract-verifier, please open a new GH issue.