Automatically verify L1 contracts on etherscan

[bitwiseguy]

Overview

Whenever L1 contracts are deployed or upgraded through op-deployer, the contracts should be verified on etherscan (for mainnet or sepolia) either automatically or via a single optional op-deployer command.

Since sharing an api key publicly could lead to someone abusing access, the user could pass their own as a cli argument to the op-deployer command:

op-deployer verify l1 --api-key=XXX

Information needed for api request. Compiler and optimization information should either be stored in the state.json file, or stored on as singleton metadata on the contracts tag that was used to deploy the L1 contracts:

POST https://api.etherscan.io/api
{
  "apikey":              apiKey,
  "module":              "contract",
  "action":              "verifysourcecode",
  "contractaddress":     "0xXXX",
  "sourceCode":          "pragma solidity ^0.8.17; contract MyContract { ... }",
  "codeformat":          "solidity-single-file",
  "contractname":        "MyContract",
  "compilerversion":     "v0.8.17+commit.d19bba13",
  "optimizationUsed":    "1",          // "1" for true, "0" for false
  "runs":                "200",        // number of optimization runs
  "constructorArguments": "0x...",     // Replace with ABI-encoded constructor arguments if applicable
  "licenseType":         "3",          // Replace with correct license type ID (e.g., "3" for MIT)
}

Additional context

• Gist using forge scripting to verify contracts

[Hawthorne001]