Sourcify 🧑‍💻📝🔍 – 资源化💻📝🔍区块链毕设代写

区块链毕设代写本文提供国外最新区块链项目源码下载,包括solidity,eth,fabric等blockchain区块链,Sourcify 🧑‍💻📝🔍 – 资源化💻📝🔍区块链毕设代写 是一篇很好的国外资料

Sourcify 🧑‍💻📝🔍

Sourcify wants to help make contract interactions on the blockchain safer and more transparent for users.

To achieve this goal, Sourcify supports several efforts to foster adoption of open-source source file verification, metadata files and NatSpec comments.

At its core, Sourcify currently maintains

  • an interface that helps developers to verify metadata and contract source code. It is accessible via sourcify.dev.
  • a decentralized contract repository of all verified contracts, powered by IPFS, accessible via sourcify.dev and verificat.eth(soon to be transfered to sourcify.eth).
  • a monitoring & verifier service that checks for new contracts on Ethereum blockchains (mainnet and testnets) and tries to verify them automatically.
  • the Sourcify Remix plugin, including a verifier and contract fetcher functionality.

Sourcify aims to provide a base layer allowing other tools build on top of it. Its main purpose is to keep metadata and source files available via IPFS and Swarm (preventing that the links in the bytecode turn into dead links).

Besides the technical infrastructure, Sourcify is also a collective initiative to bring transparency and awareness to the space. We want to educate and build bridges between development tools, wallets, interfaces and other components which all play an important role in demystifying interaction with smart contracts for the end user and hence making blockchain interactions safer.

This repository only contains the main components, i.e. the Sourcify monitoring & verifier service and the verification UI. The Sourcify Github organization contains all other auxiliary services and components.

Have questions or improvement ideas?

💬 Chat with us on Gitter.

🌐 Follow us and help us spread the word on Twitter.

The Basic Concept

Sourcify verifies that Ethereum bytecode was compiled from a certain Solidity source code and maintains a public repository of contract metadata.

The repository indexes metadata with IPFS or Swarm hashes which the solc compiler embeds in contract bytecode. By fetching code on-chain and extracting this hash, it is possible to obtain related metadata from Sourcify’s records.

Read more about Sourcify in the FAQ. Information on metadata can be found in Solidity documentation.

Install

$ npm install $ git submodule update --init 

The Technical Details

As mentioned above, Sourcify has several components:

  • a “monitoring & verifier service” which watches public Ethereum networks for contract deployments and tries to associate them with sources and metadata published to Swarm or IPFS. It currently watches:

    • mainnet
    • ropsten
    • rinkeby
    • kovan
    • goerli
  • a website which allows you to submit sources and metadata for a specific contract address manually

    • https://verification.komputing.org/ (Stable)
    • https://verificationstaging.komputing.org/ (Unstable)
  • a public metadata repository that contains uploaded (or discovered) metadata and their sources:

    • https://contractrepo.komputing.org/ (Stable)
    • https://contractrepostaging.komputing.org/ (Unstable)

Getting Metadata

Using solc directly on the commandline:

solc --metadata --metadata-literal <mySource.sol> 

or with JSON/IO

{   "settings": {     "metadata": { "useLiteralContent": true }   } } 

Using the Monitoring Service

If your Solidity code compiles with solc >= 0.6.0, all you need to do is to upload your contract metadata and sources to IPFS as part of your deployment process. The monitoring service will automatically add your files to the metadata repository when it sees your contract created on the network.

A simple example for Truffle projects can be found at cgewecke/metacoin-source-verify which contains a script to publish to IPFS directly from a Truffle compilation artifact.

Security Precautions

Please note that source code verification is only reliable if it is performed on the creation bytecode, i.e. the bytecode payload used when the contract was created. The deployed bytecode, i.e. the bytecode stored in the blockchain as code is not sufficient, because the constructor can still be different and set arbitrary storage entries.

Furthermore, if the constructor requires parameters, these have to be checked as well.

Also note that there can still be differences in the source code that are not visible in the bytecode. Variables can be renamed or unused code can be introduced. Since the bytecode contains a hash of the source code, such modifications have to be prepared at deploy time, but it is still a possibility.

Using the Repository

There is a repository which contains all the files that the monitoring service has found on the networks that are being watched.

The repository is accessible via this link.

The repository UI currently looks like this: Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

It offers the option to search, donwload or open folders.

For example to download:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

Or if you want to search something:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

The metadata inside is visible as raw, and can be downloaded like that:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

Alternatively, if you want to take a look at the contract in the browser, you can open it like this:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

Future Plans

  • cope with metadata that does not have in-place source code
  • automatically retrieve the metadata and the source code from SWARM or IPFS, so you only need to supply the metadata hash or bytecode
  • perform source verification given only an address instead of the bytecode or the metadata

Run inside docker

Prerequisites

Docker

Docker-compose

How to run

Prepare environment and start by running If you want to build images locally run: docker-compose -f geth.yaml -f ipfs.yaml -f localchain.yaml -f monitor.yaml -f repository.yaml -f s3.yaml -f server.yaml -f ui.yaml -f build-ipfs.yaml -f build-localchain.yaml -f build-monitor.yaml -f build-repository.yaml -f build-s3.yaml -f build-server.yaml -f build-ui.yaml build --parallel

If you just want to run it do: docker-compose -f ipfs.yaml -f localchain.yaml -f monitor.yaml -f repository.yaml -f s3.yaml -f server.yaml -f ui.yaml up -d (-d flag means that output won’t be printed in stdout)

Note: you don’t need to run all the services, just the ones you want.

How to run

Development

Launch

cp .env.testing .env docker-compose -f ipfs.yaml -f localchain.yaml -f monitor.yaml -f repository.yaml -f s3.yaml -f server.yaml -f ui.yaml up -d 

Other approach would be to run every service in docker except one that you are working on.

This will build the project in docker containers, launching the monitor and server. Verified sources and contract addresses will be stored in repository and db folders in your project root. The directories are created automatically if they don’t exist.

/ui/dist/index.html will be served to http://localhost:1234

UI

To help with manual UI testing, some contracts whose sources and metadata can be found in the test/sources/all folder are automatically deployed to a local ganache instance running on port 8545. Their contract addresses are deterministically generated at:

Contracts Addresses
Simple.sol 0x8168f192F7432C93FCb16e039B57FB890AaB3230
SimpleWithImport.sol 0x0Ef7de872C7110d6020fa5e62d7cD31Fd90FF811

Similar sources are also pre-deployed to Ropsten and can be found in the test/sources/ropsten folder:

Contracts Addresses
Simple.sol 0xEB6Cf7952c666F81f1a5678E80D4fC5Ce3a7bF0b
SimpleWithImport.sol 0x4668b709182F41837c4e06C8de1D3568df7778D9

Shutdown Stop the docker run with ctrl-c

Tests

Run tests with:

npm test 

test/sources contains contracts, compilation artifacts and metadata files which can be used for building test cases.

  • contracts/: Solidity files (browser tests)
  • metadata/: raw metadata files (browser tests)
  • pass/: compilation artifacts which should verify (unit tests)
  • fail/: compilation artifacts which should not verify (unit tests)
  • compiler.json: compiler config for generating more cases

Test sources are compiled with 0x’s sol-compiler. This lets you pick any compiler version or settings by modifying the compiler.json file as needed.

To generate more test data, go to the test/sources directory, add Solidity files to the contracts folder and run:

npx sol-compiler 

Compilation artifacts will be written to an artifacts folder.

We use optional third-party analytics cookies to understand how you use GitHub.com so we can build better products. Learn more.


基本概念

Sourcify希望帮助用户使区块链blockchain上的合同交互更安全、更透明。

为了实现这一目标,Sourcify支持多种努力,以促进开源源文件验证、元数据文件和NatSpec注释的采用。

在其核心,Sourcify目前维护着

  • 一个帮助开发人员验证元数据和合同源代码的接口。可通过资源开发.
  • 所有已验证合同的分散合同存储库,由IPFS提供支持,可通过资源开发以及验证eth(即将转入苏尔菲.eth).
  • 一种监控和验证服务,用于检查以太坊eth区块链blockchain(mainnet和testnets)上的新合同,并尝试自动验证它们。
  • Sourcify Remix插件,包括验证器和契约获取器功能。

Sourcify的目标是提供一个基础层,允许其他工具在此基础上构建。它的主要目的是通过IPFS和Swarm保持元数据和源文件可用(防止字节码中的链接变成死链接)。

除了技术基础设施,Sourcify也是一项集体行动,旨在为空间带来透明度和意识。我们希望在开发工具、钱包、接口和其他组件之间建立桥梁,这些组件在为最终用户消除与智能合约交互的神秘性,从而使区块链blockchain交互更安全方面发挥重要作用。

此存储库仅包含主要组件,即Sourcify monitoring&verifier服务和verification UI。Sourcify Github组织包含所有其他辅助服务和组件。

有问题或改进意见?

💬 在Gitter上和我们聊天。

🌐 关注我们,帮助我们在Twitter上传播信息。

使用监控服务获取元数据

Sourcify验证以太坊eth字节码是否从某个可靠的源代码编译而来,并维护合同元数据的公共存储库。

存储库使用IPFS或Swarm散列索引元数据,solc编译器将这些散列嵌入合同字节码中。通过获取链上的代码并提取这个散列,就可以从Sourcify的记录中获取相关的元数据。

在常见问题解答中了解更多有关Sourcify的信息。有关元数据的信息可以在Solidity文档中找到。

使用存储库

$ npm install $ git submodule update --init 

未来计划

如上所述,Sourcify有几个组件:

  • 一种“监视和验证服务”,用于监视公共以太坊eth网络的合同部署,并尝试将它们与发布到Swarm或IPFS的源和元数据相关联。它目前正在监视:mainnet ropsten rinkeby kovan goerli
  • https://verification.komputing.org/(稳定)
  • https://contractrepo.komputing.org/(稳定)

在docker内部运行

直接在命令行上使用solc:

solc --metadata --metadata-literal <mySource.sol> 

或使用JSON/IO

{   "settings": {     "metadata": { "useLiteralContent": true }   } } 

先决条件

使用solc&gt;=0.6.0进行编译,只需将合同元数据和源文件作为部署过程的一部分上载到IPFS。当监视服务看到您的合同在网络上创建时,它会自动将您的文件添加到元数据存储库中。

可以在cgewecke/metacoin source verify找到一个简单的Truffle项目示例,其中包含一个脚本,可以直接从Truffle编译工件发布到IPFS。

如何运行

请注意,源代码验证只有在创建字节码(即创建契约时使用的字节码有效载荷)上执行时才是可靠的。部署的字节码,即作为代码存储在区块链blockchain中的字节码是不够的,因为构造器仍然可以是不同的,并且可以设置任意的存储条目。

此外,如果构造函数需要参数,也必须检查这些参数。

还请注意,源代码中仍可能存在字节码中不可见的差异。可以重命名变量或引入未使用的代码。由于字节码包含源代码的哈希值,因此必须在部署时准备好这样的修改,但仍然有可能。

如何运行

有一个存储库,其中包含监视服务在正在监视的网络上找到的所有文件。

可通过此链接访问存储库。

存储库UI当前如下所示:Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

它提供了搜索、加载或打开文件夹的选项。

例如下载:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

或者如果您想搜索某些内容:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

其中的元数据是原始的,可以这样下载:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

或者,如果您想在浏览器中查看合同,您可以这样打开它:

Sourcify 🧑‍💻📝🔍 - 资源化💻📝🔍

开发

  • 自动从SWARM或IPFS检索元数据和源代码,因此需要提供元数据哈希或字节码
  • 只对给定地址而不是字节码或元数据执行源代码验证
  • contracts/:Solidity files(浏览器测试)

测试

基本cookies

Docker

Docker compose

始终活动的

分析cookies
  • 一个帮助开发人员验证元数据和合同源代码的接口。可通过资源开发.
  • 所有已验证合同的分散合同存储库,由IPFS提供支持,可通过资源开发以及验证eth(即将转入苏尔菲.eth).
  • 一种监控和验证服务,用于检查以太坊eth区块链blockchain(mainnet和testnets)上的新合同,并尝试自动验证它们。
  • Sourcify Remix插件,包括验证器和契约获取器功能。
  • 一种“监视和验证服务”,用于监视公共以太坊eth网络的合同部署,并尝试将它们与发布到Swarm或IPFS的源和元数据相关联。它目前正在监视:mainnet ropsten rinkeby kovan goerli
  • mainnet
  • rinkeby
  • kovan
  • goerli
  • 一个允许您手动提交特定合同地址的源和元数据的网站https://verification.komputing.org/(稳定)https://verificationstaging.komputing.org/(不稳定)
  • https://verification.komputing.org/(稳定)
  • https://verificationstaging.komputing.org/(不稳定)
  • 包含上载(或发现的)元数据及其源的公共元数据存储库:https://contractrepo.komputing.org/(稳定)https://contractrepostaging.komputing.org/(不稳定)
  • https://contractrepo.komputing.org/(稳定)
  • https://contractrepostaging.komputing.org/(不稳定)
  • 处理没有适当源代码的元数据
  • 自动从SWARM或IPFS检索元数据和源代码,因此需要提供元数据哈希或字节码
  • 只对给定地址而不是字节码或元数据执行源代码验证
  • contracts/:Solidity files(浏览器测试)
  • metadata/:原始元数据文件(浏览器测试)
  • pass/:应验证的编译工件(单元测试)
  • fail/:不应验证的编译工件(单元测试)
  • 编译器.json:用于生成更多事例的编译器配置
  • 简单。所以

    准备环境并开始运行,如果您想在本地构建映像运行:Docker compose-f盖斯.亚姆-fipfs.yaml公司-f本地链.yaml-f监视器.yaml-f存储库.yaml-f s3.yaml-f服务器.yaml-f山药-f构建-ipfs.yaml公司-f建造-本地链.yaml-f构建-监视器.yaml-f构建-存储库.yaml-f构建-s3.yaml-f构建-服务器.yaml-f构建-山药build—parallel

    如果您只想运行它,请执行以下操作:docker compose-fipfs.yaml公司-f本地链.yaml-f监视器.yaml-f存储库.yaml-f s3.yaml-f服务器.yaml-f山药up-d(-d标志表示输出不会打印在stdout中)

    注意:您不需要运行所有服务,只需要运行您想要的服务。

    分析cookies
  • 一个帮助开发人员验证元数据和合同源代码的接口。可通过资源开发.
  • 所有已验证合同的分散合同存储库,由IPFS提供支持,可通过资源开发以及验证eth(即将转入苏尔菲.eth).
  • 一种监控和验证服务,用于检查以太坊eth区块链blockchain(mainnet和testnets)上的新合同,并尝试自动验证它们。
  • Sourcify Remix插件,包括验证器和契约获取器功能。
  • 一种“监视和验证服务”,用于监视公共以太坊eth网络的合同部署,并尝试将它们与发布到Swarm或IPFS的源和元数据相关联。它目前正在监视:mainnet ropsten rinkeby kovan goerli
  • mainnet
  • rinkeby
  • kovan
  • goerli
  • 一个允许您手动提交特定合同地址的源和元数据的网站https://verification.komputing.org/(稳定)https://verificationstaging.komputing.org/(不稳定)
  • https://verification.komputing.org/(稳定)
  • https://verificationstaging.komputing.org/(不稳定)
  • 包含上载(或发现的)元数据及其源的公共元数据存储库:https://contractrepo.komputing.org/(稳定)https://contractrepostaging.komputing.org/(不稳定)
  • https://contractrepo.komputing.org/(稳定)
  • https://contractrepostaging.komputing.org/(不稳定)
  • 处理没有适当源代码的元数据
  • 自动从SWARM或IPFS检索元数据和源代码,因此需要提供元数据哈希或字节码
  • 只对给定地址而不是字节码或元数据执行源代码验证
  • contracts/:Solidity files(浏览器测试)
  • metadata/:原始元数据文件(浏览器测试)
  • pass/:应验证的编译工件(单元测试)
  • fail/:不应验证的编译工件(单元测试)
  • 编译器.json:用于生成更多事例的编译器配置
  • 简单。所以

    分析cookies

    启动

    cp .env.testing .env docker-compose -f ipfs.yaml -f localchain.yaml -f monitor.yaml -f repository.yaml -f s3.yaml -f server.yaml -f ui.yaml up -d 

    另一种方法是在docker中运行除您正在处理的服务之外的所有服务。

    这将在docker容器中构建项目,启动监视器和服务器。已验证的源和合同地址将存储在项目根目录下的repository和db文件夹中。如果目录不存在,则会自动创建这些目录。

    /ui/距离/索引.html将被送达http://localhost:1234

    UI

    为了帮助手动进行UI测试,可以在test/sources/all文件夹中找到其源和元数据的某些协定会自动部署到运行在端口8545上的本地ganache实例。它们的合同地址确定地生成在:

    Contracts Addresses
    简单。所以 0x8168f192F7432C93FCb16e039B57FB890AaB3230
    SimpleWithImport.sol 0x0Ef7de872C7110d6020fa5e62d7cD31Fd90FF811

    类似的源也预先部署到Ropsten,可以在test/sources/Ropsten文件夹中找到:

    Contracts Addresses
    Simple.sol 0xEB6Cf7952c666F81f1a5678E80D4fC5Ce3a7bF0b
    SimpleWithImport.sol 0x4668b709182F41837c4e06C8de1D3568df7778D9

    Shutdown使用ctrl-c停止docker运行

    Tests

    运行测试:

    npm test 

    测试/源包含契约,可用于构建测试用例的编译构件和元数据文件。

    • metadata/:原始元数据文件(浏览器测试)
    • pass/:应验证的编译工件(单元测试)
    • fail/:不应验证的编译工件(单元测试)
    • 编译器.json:用于生成更多事例的编译器配置
    • compiler.json: compiler config for generating more cases

    测试源是用0x的sol编译器编译的。这使您可以通过修改编译器.json根据需要归档。

    要生成更多的测试数据,请转到test/sources目录,将Solidity文件添加到contracts文件夹并运行:

    npx sol-compiler 

    编译工件将写入工件文件夹。

    我们使用可选的第三方分析cookies来了解您如何使用GitHub.com网站所以我们可以制造更好的产品。了解更多。

    部分转自网络,侵权联系删除区块链源码网

    www.interchains.cc

    https://www.interchains.cc/18185.html

    区块链毕设网(www.interchains.cc)全网最靠谱的原创区块链毕设代做网站 部分资料来自网络,侵权联系删除! 最全最大的区块链源码站 !
    区块链知识分享网, 以太坊dapp资源网, 区块链教程, fabric教程下载, 区块链书籍下载, 区块链资料下载, 区块链视频教程下载, 区块链基础教程, 区块链入门教程, 区块链资源 » Sourcify 🧑‍💻📝🔍 – 资源化💻📝🔍区块链毕设代写

    提供最优质的资源集合

    立即查看 了解详情