Retry mechanism for verification in multiple explorers

[0xLaz3r]

Enhanced Contract Verification with Retry Mechanisms and Multi-Explorer Support

🎯 Summary

Enhances scripts/verify.py to eliminate single points of failure when verifying Sky Protocol spells. Adds robust retry mechanisms and support for multiple block explorers (Etherscan + Sourcify) with automatic fallback.

🔧 Key Changes

Retry Mechanisms

• Exponential backoff with jitter for all API calls and subprocess operations
• Configurable retry parameters: 3 attempts, 2s base delay, 60s max delay
• Smart error handling with detailed logging

Multi-Explorer Support

• Etherscan: Primary verifier (requires API key)
• Sourcify: Backup verifier (no API key required)
• Automatic fallback: If one fails, tries the next

Enhanced Error Handling

• Graceful degradation when verifiers are unavailable
• Comprehensive logging of all attempts and failures
• Better error messages with clear failure reasons

📝 Files Changed

• scripts/verify.py - Enhanced with retry mechanisms and multi-verifier support
• scripts/verification/README.md - Updated documentation
• scripts/verification/test_retry.py - Simple test for the retry mechanism

⚙️ Usage (Unchanged)

make verify addr=0x1234567890123456789012345678901234567890

✅ Benefits

1. Reliability: Multiple verifiers eliminate single points of failure
2. Resilience: Handles temporary network issues gracefully
3. Transparency: Detailed logging shows exactly what's happening
4. Compatibility: Existing workflows work unchanged

🧪 Testing

• ✅ Python syntax validation
• ✅ Retry mechanism verification
• ✅ Argument validation
• ✅ Environment variable validation

🎯 Addresses Requirements

• ✅ Verify on at least 2 block explorers
• ✅ Proper retry mechanisms with sane defaults
• ✅ Maintain existing Makefile command
• ✅ Eliminate single point of failure

No breaking changes - pure enhancement with full backward compatibility.

[DaiFoundation-DevOps]

All committers have signed the CLA.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[amusingaxl]

Hey there, I left some comments and suggestions.

[0xBasset]

seems like this is unused

[0xBasset]

This also seems unused

[0xBasset]

random, MagicMock, Tuple, Callable, DEFAULT_MAX_RETRIES e DEFAULT_BASE_DELAY all seem unused

[0xBasset]

Should this hardcoded value be here? Isn't it also set somewhere else?

[amusingaxl]

LGTM

[amusingaxl]

Left some suggestions.

[0xBasset]

Json, Dict and Any seems to be unused.

[0xBasset]

The test name needs updating here.

[SidestreamBurningBanana]

Since library is present in foundry.toml, can we get rid of all library parsing/passing inside the scripts?

[amusingaxl]

Agreed

[SidestreamBurningBanana]

Awareness question - would hardcoding 1 allow for verification against Tenderly Testnets?
https://docs.tenderly.co/virtual-testnets/smart-contract-frameworks/foundry#verify-existing-contracts

From my understanding, testnets created from Mainnet will report chain ID of 1, so verify.py should work with them

[amusingaxl]

Yeah, as long as we don't change the chain ID for Tenderly Virtual Testnets, it's fine.
I don't think we have a use case to change it regardless.

[SidestreamBurningBanana]

Question - why do ETH_GAS_PRICE and ETH_PRIO_FEE need to be set?

[amusingaxl]

There was a bug in cast call that caused it to fail to execute if the sender didn't have enough gas to fund the call, even though it's supposed to be a read-only function.
Usually this command is executed in the same shell that executed the deployment, so those variables would most likely be set.
Not sure if they fixed it, but explicitly setting the gas price and the prio fee to zero was the workaround.

[SidestreamBurningBanana]

Question - does it ever make sense to continue with verification when no libraries are present?

[SidestreamBurningBanana]

1. Question - what role does this index file play?

2. Please adjust Makefile to a correct file since currently Make cannot find ./scripts/verify.py

[SidestreamBurningBanana]

As mentioned in the other place, I believe that libraries should be handled by forge itself, and not parsed/provided to it

[amusingaxl]

Agreed.

[SidestreamBurningBanana]

nit: this can check against a regular expression which is safer for address detection since it also checks hex-format

[amusingaxl]

I don't think this check is necessary.
If it's not a valid address, it will fail anyway.
This is more a guard against forgetting to set the address, or setting it so something different because of bad copy-pasta.

[SidestreamBurningBanana]

Could you please check for the presence of a bug caused by the presence of a non-empty ETHERSCAN_API_KEY environment variable which causes Forge to always verify against etherscan even when other verifier has been specified.

This only happens when:

• ETHERSCAN_API_KEY was set to a non-empty value;
• --verifier sourcify.

This combination causes forge to never verify on Sourcify.

It is caused by this line which doesn't use sourcify when ETHERSCAN_API_KEY is there.

[amusingaxl]

Spells are not supposed to have constructor args. We can safely remove this.

[amusingaxl]

Left some notes.

[amusingaxl]

The CLI no longer accepts constructor args, as we're relying on foundry.toml. Please update the README do reflect that.

[amusingaxl]

Constructor args are not supported anymore.

Suggested change

	python -m scripts.verification.verify DssSpell 0xYourSpellAddress [constructorArgs]
	python -m scripts.verification.verify DssSpell 0x{spell_address}

[amusingaxl]

Unused

Suggested change

import re

[amusingaxl]

Both unused in this file:

Suggested change

	# Constants
	SOURCE_FILE_PATH = "src/DssSpell.sol"
	LIBRARY_NAME = "DssExecLib"

[amusingaxl]

Probably it's best to inject both chain_id and etherscan_api_key as parameters than to fetch them locally

Suggested change

	def verify_contract_with_verifiers(
	def verify_contract_with_verifiers(
	contract_name: str,
	contract_address: str,
	chain_id: str,
	etherscan_api_key: str,
	) -> bool:

[amusingaxl]

Suggested change

	spell_name, spell_address = parse_command_line_args()
	spell_name, spell_address = parse_command_line_args()
	chain_id = get_chain_id()
	etherscan_api_key = os.environ.get("ETHERSCAN_API_KEY", "")

[amusingaxl]

Suggested change

	spell_success = verify_contract_with_verifiers(
	spell_success = verify_contract_with_verifiers(
	contract_name=spell_name,
	contract_address=spell_address,
	chain_id=chain_id,
	etherscan_api_key=etherscan_api_key,
	)

[amusingaxl]

Suggested change

	action_success = verify_contract_with_verifiers(
	action_success = verify_contract_with_verifiers(
	contract_name="DssSpellAction",
	contract_address=action_address,
	chain_id=chain_id,
	etherscan_api_key=etherscan_api_key,
	)

[amusingaxl]

This function has one too many levels of abstraction going on.
Parsing environment variables and getting their default values shouldn't be part of its responsibilities.
You most likely want to inject those already parsed into the function as parameters and let the top level call deal with those.

[amusingaxl]

Needs to resolve the conflict.