Contract code verification
The team has verified the contracts on Etherscan.
They also published a tool to verify that the contracts on Etherscan match the ones on GitHub. But I don’t trust no tool and carried out the verification manually.
Manual verification
Upgrade contract
This is the upgrade contract from the proposal payload: https://etherscan.io/address/0x9a0b5d3101d111EA0edD573d45ef2208CC97984a#code
The name of the contract is RocketUpgradeOneDotTwo.
There are many Solidity files on the page but I searched for the main one which is RocketUpgradeOneDotTwo.sol.
I copy & pasted the code into a file called RocketUpgradeOneDotTwo.sol.etherscan and manually removed the banner/preamble from the header. It’s only on Etherscan and not on GitHub.
The way contract verification works on Etherscan is that the team uploads the source code of contracts and tells Etherscan which compiler version and settings were used. Etherscan compiles the contract and verifies that the compilation result matches the contract code on Ethereum. I have not verified this myself but trust that Etherscan has done it truthfully. Note that Etherscan is an Oracle DAO member.
I then went to GitHub and looked at the latest commit on the master branch. It’s 4c19daf.
This is the file on GitHub at 4c19daf: RocketUpgradeOneDotTwo.sol
I copy & pasted the contents of the file to RocketUpgradeOneDotTwo.sol.
I then compared the hashsum of these files:
$ sha1sum RocketUpgradeOneDotTwo.sol*
1f873b5fa22def16ded7e027b3de0d69f9f0cfdb RocketUpgradeOneDotTwo.sol
1f873b5fa22def16ded7e027b3de0d69f9f0cfdb RocketUpgradeOneDotTwo.sol.etherscan
They match. The source code of the contract on Etherscan matches what’s on GitHub in the v1.2 and master branches at commit 4c19daf.
Other upgraded contracts
The upgrade contract is not locked yet so it could still be changed. However, it will be easy to see what will be changed later.
I switched to the Read Contract tab and looked at all the new contract addresses.
I did not verify the ABIs because they are not used in the Rocket Pool protocol. They are used by the official JavaScript library to fetch the ABIs from the chain instead of bundling them.
Like I did before, I copy & pasted the code from each contract to a file called RocketXXX.sol.etherscan and then created a corresponding one from the GitHub repo called RocketXXX.sol.
Contracts & addresses
- RocketDAONodeTrustedSettingsMinipool 0xE535fA45e12d748393C117C6D8EEBe1a7D124d95 rocketpool/RocketDAONodeTrustedSettingsMinipool.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketDAOProtocolSettingsDeposit 0xac2245BE4C2C1E9752499Bcd34861B761d62fC27 rocketpool/RocketDAOProtocolSettingsDeposit.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketDAOProtocolSettingsMinipool 0x42d4e4B59220dA435A0bd6b5892B90fF50e1D8D4 rocketpool/RocketDAOProtocolSettingsMinipool.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketDAOProtocolSettingsNode 0x17Cf2c5d69E4F222bcaDD86d210FE9dc8BadA60B rocketpool/RocketDAOProtocolSettingsNode.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketDepositPool 0xDD3f50F8A6CafbE9b31a427582963f465E745AF8 rocketpool/RocketDepositPool.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketMinipoolDelegate 0xA347C391bc8f740CAbA37672157c8aAcD08Ac567 rocketpool/RocketMinipoolDelegate.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketMinipoolFactory 0x7B8c48256CaF462670f84c7e849cab216922B8D3 rocketpool/RocketMinipoolFactory.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketMinipoolManager 0x6d010C43d4e96D74C422f2e27370AF48711B49bF rocketpool/RocketMinipoolManager.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketMinipoolQueue 0x9e966733e3E9BFA56aF95f762921859417cF6FaA rocketpool/RocketMinipoolQueue.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNetworkBalances 0x07FCaBCbe4ff0d80c2b1eb42855C0131b6cba2F4 rocketpool/RocketNetworkBalances.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNetworkFees 0xf824e2d69dc7e7c073162C2bdE87dA4746d27a0f rocketpool/RocketNetworkFees.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNetworkPrices 0x751826b107672360b764327631cC5764515fFC37 rocketpool/RocketNetworkPrices.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNodeDeposit 0x2FB42FfE2d7dF8381853e96304300c6a5E846905 rocketpool/RocketNodeDeposit.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNodeDistributorDelegate 0x32778D6bf5b93B89177D328556EeeB35c09f472b rocketpool/RocketNodeDistributorDelegate.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNodeManager 0x89F478E6Cc24f052103628f36598D4C14Da3D287 rocketpool/RocketNodeManager.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketNodeStaking 0x0d8D8f8541B12A0e1194B7CC4b6D954b90AB82ec rocketpool/RocketNodeStaking.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketRewardsPool 0xA805d68b61956BC92d556F2bE6d18747adAeEe82 rocketpool/RocketRewardsPool.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketMinipoolBase 0x560656C8947564363497E9C78A8BDEff8d3EFF33 rocketpool/RocketMinipoolBase.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
- RocketMinipoolBondReducer 0xf7aB34C74c02407ed653Ac9128731947187575C0 rocketpool/RocketMinipoolBondReducer.sol at 4c19daf911d68ac93d60a5357a94d68b52d59c21 · rocket-pool/rocketpool · GitHub
Results
$ sha1sum *.sol*
a4876b026c0e03777e1121616856b57a0fe20f0c RocketDAONodeTrustedSettingsMinipool.sol
a4876b026c0e03777e1121616856b57a0fe20f0c RocketDAONodeTrustedSettingsMinipool.sol.etherscan
05ef6bb54e501a6bdd3718a387d92fd6e0ca570a RocketDAOProtocolSettingsDeposit.sol
05ef6bb54e501a6bdd3718a387d92fd6e0ca570a RocketDAOProtocolSettingsDeposit.sol.etherscan
8fc31c1f80bc242523a19871b2d1e8d48c02a05d RocketDAOProtocolSettingsMinipool.sol
8fc31c1f80bc242523a19871b2d1e8d48c02a05d RocketDAOProtocolSettingsMinipool.sol.etherscan
63e6ead093f6801361bb30433cda500b4d533abf RocketDAOProtocolSettingsNode.sol
63e6ead093f6801361bb30433cda500b4d533abf RocketDAOProtocolSettingsNode.sol.etherscan
6d35d66760a39c8a682724ba004c03a3ee174b5c RocketDepositPool.sol
6d35d66760a39c8a682724ba004c03a3ee174b5c RocketDepositPool.sol.etherscan
38ca25f28886270a260e5c6c8077cad32733d10e RocketMinipoolBase.sol
38ca25f28886270a260e5c6c8077cad32733d10e RocketMinipoolBase.sol.etherscan
bca00fd14d453538d7a563d0aca7d252b272bd30 RocketMinipoolBondReducer.sol
bca00fd14d453538d7a563d0aca7d252b272bd30 RocketMinipoolBondReducer.sol.etherscan
b90b08e191f30ac51da00bb0d8decbcbc06bf5e0 RocketMinipoolDelegate.sol
b90b08e191f30ac51da00bb0d8decbcbc06bf5e0 RocketMinipoolDelegate.sol.etherscan
a430381f817db187adb41e9b6759bac341eaf5be RocketMinipoolFactory.sol
a430381f817db187adb41e9b6759bac341eaf5be RocketMinipoolFactory.sol.etherscan
c037d34df2969d941d5857ea35d43d79e496a045 RocketMinipoolManager.sol
c037d34df2969d941d5857ea35d43d79e496a045 RocketMinipoolManager.sol.etherscan
2fa1e7d7e69703ae18759bf4afa82a674420c01b RocketMinipoolQueue.sol
2fa1e7d7e69703ae18759bf4afa82a674420c01b RocketMinipoolQueue.sol.etherscan
30c14d031e079313f1e048c044d68103309fe1d0 RocketNetworkBalances.sol
30c14d031e079313f1e048c044d68103309fe1d0 RocketNetworkBalances.sol.etherscan
cdf2a398e2ff8f6a55ec7efd5c6c316e34ae4966 RocketNetworkFees.sol
cdf2a398e2ff8f6a55ec7efd5c6c316e34ae4966 RocketNetworkFees.sol.etherscan
ddfbdfbdb7735f3fecf61ae9bf3805eb83d5fdc2 RocketNetworkPrices.sol
ddfbdfbdb7735f3fecf61ae9bf3805eb83d5fdc2 RocketNetworkPrices.sol.etherscan
6295e89d775f1d682fe96258375e1c3fd4b32614 RocketNodeDeposit.sol
6295e89d775f1d682fe96258375e1c3fd4b32614 RocketNodeDeposit.sol.etherscan
4819626b9a9473c6aea889bf23aed5d6e9372c0f RocketNodeDistributorDelegate.sol
4819626b9a9473c6aea889bf23aed5d6e9372c0f RocketNodeDistributorDelegate.sol.etherscan
eab58b9ee6c6bf65fa8e5549ae609f2c99af0c87 RocketNodeManager.sol
eab58b9ee6c6bf65fa8e5549ae609f2c99af0c87 RocketNodeManager.sol.etherscan
728d888adab88faaf28d43a75a60ed706f84b580 RocketNodeStaking.sol
728d888adab88faaf28d43a75a60ed706f84b580 RocketNodeStaking.sol.etherscan
51ae263b4e7c860f713924d78ccff34ffa1ac801 RocketRewardsPool.sol
51ae263b4e7c860f713924d78ccff34ffa1ac801 RocketRewardsPool.sol.etherscan
1f873b5fa22def16ded7e027b3de0d69f9f0cfdb RocketUpgradeOneDotTwo.sol
1f873b5fa22def16ded7e027b3de0d69f9f0cfdb RocketUpgradeOneDotTwo.sol.etherscan
I am happy to report that the contracts on Etherscan match the ones on GitHub.
Team’s verification tool
I also ran the team’s verification tool.
Instructions
$ git clone https://github.com/rocket-pool/verify-1.2.git
$ cd verify-1.2/
$ git log --oneline | head -n1
de5451d (HEAD -> master, origin/master, origin/HEAD) Add check that upgrade contract is locked
$ cp .env.example .env
$ cat .env
ETH_RPC=http://xxx
NETWORK=mainnet
ETHERSCAN_API_KEY=xxx
# change .gitmodules to clone over HTTPS not SSH
$ cat .gitmodules
[submodule "rocketpool"]
path = rocketpool
url = https://github.com/rocket-pool/rocketpool.git
$ git submodule sync
Here is the output:
$ ./verify.sh
Cloning into '/home/user/verify-1.2/rocketpool'...
Submodule path 'rocketpool': checked out '57199268b7aef00f261377136a82c6518e938531'
...
added 992 packages, and audited 993 packages in 15s
...
/home/user/verify-1.2
✔️Verified contract at 0x9a0b5d3101d111EA0edD573d45ef2208CC97984a matches RocketUpgradeOneDotTwo
✔️Verified contract at 0x2FB42FfE2d7dF8381853e96304300c6a5E846905 matches RocketNodeDeposit
✔️Verified contract at 0xA347C391bc8f740CAbA37672157c8aAcD08Ac567 matches RocketMinipoolDelegate
✔️Verified contract at 0x42d4e4B59220dA435A0bd6b5892B90fF50e1D8D4 matches RocketDAOProtocolSettingsMinipool
✔️Verified contract at 0x9e966733e3E9BFA56aF95f762921859417cF6FaA matches RocketMinipoolQueue
✔️Verified contract at 0xDD3f50F8A6CafbE9b31a427582963f465E745AF8 matches RocketDepositPool
✔️Verified contract at 0xac2245BE4C2C1E9752499Bcd34861B761d62fC27 matches RocketDAOProtocolSettingsDeposit
✔️Verified contract at 0x6d010C43d4e96D74C422f2e27370AF48711B49bF matches RocketMinipoolManager
✔️Verified contract at 0x0d8D8f8541B12A0e1194B7CC4b6D954b90AB82ec matches RocketNodeStaking
✔️Verified contract at 0x32778D6bf5b93B89177D328556EeeB35c09f472b matches RocketNodeDistributorDelegate
✔️Verified contract at 0x7B8c48256CaF462670f84c7e849cab216922B8D3 matches RocketMinipoolFactory
✔️Verified contract at 0xf824e2d69dc7e7c073162C2bdE87dA4746d27a0f matches RocketNetworkFees
✔️Verified contract at 0x751826b107672360b764327631cC5764515fFC37 matches RocketNetworkPrices
✔️Verified contract at 0x89F478E6Cc24f052103628f36598D4C14Da3D287 matches RocketNodeManager
✔️Verified contract at 0xE535fA45e12d748393C117C6D8EEBe1a7D124d95 matches RocketDAONodeTrustedSettingsMinipool
✔️Verified contract at 0x17Cf2c5d69E4F222bcaDD86d210FE9dc8BadA60B matches RocketDAOProtocolSettingsNode
✔️Verified contract at 0x07FCaBCbe4ff0d80c2b1eb42855C0131b6cba2F4 matches RocketNetworkBalances
✔️Verified contract at 0xA805d68b61956BC92d556F2bE6d18747adAeEe82 matches RocketRewardsPool
✔️Verified contract at 0x560656C8947564363497E9C78A8BDEff8d3EFF33 matches RocketMinipoolBase
✔️Verified contract at 0xf7aB34C74c02407ed653Ac9128731947187575C0 matches RocketMinipoolBondReducer
❌ Upgrade contract is not locked
Note that 5719926 was the last commit in the v1.2 branch and 4c19daf is the merge commit.
