Smart contracts are represented as bytecode in the EVM. You get a brief intro to bytecode in this article.
The goal of “verifying deployed code” is to confirm that the source code in the GitHub pull request for a BIP is actually the same code that was deployed on-chain.
- The deployed code can be viewed on Etherscan (or by calling a trusted RPC locally via CLI).
- The source code can be viewed on the GitHub site or by pulling the GitHub repository locally (always double you check you are on the correct branch).
- Follow — after runningHow to Setup Environment
npx hardhat compile, a
artifactsdirectory will be created in the
- Double check that you are on the correct branch listed in the .BIP Runbooks
- Navigate to
- For each facet being added or changed (and
_initaddress if applicable—these will be in the
init/directory), do the following:
- Navigate to the corresponding Beanstalk module (like
XFacet.solfile should have a corresponding
- At the bottom of each JSON file, find the corresponding bytecode under the
bytecodekey (second to the bottom).
- Open a site like https://www.diffchecker.com/text-compare/ and copy the local bytecode into the first field.
- Fetch the on-chain bytecode for the respective facet address—this can be done via CLI or by visiting the Contract tab on Etherscan and scrolling down. At the bottom, you can see the on-chain bytecode for the given contract in the Contract Creation Code field.
- Copy this on-chain bytecode into the second field on Diffchecker.
- Note that you may have to prepend this bytecode with
- Click “Find Difference” on Diffchecker. If they are identical then the source code on GitHub matches the on-chain deployed bytecode. Repeat for each facet being added or changed in the BIP.