honeypot logo

Contract Verification

Contract Verification checks if the contract is open source or not. No actual analysis of the contract happens in this endpoint and it is not a substitute for an Audit. It is a simple check to see if the contract is open source or not.

However, unlike many other contract verification tools, we do not simply check the contract for the address specified. We check every contract that the contract makes calls to. As such, we require the contract to be trade-able in order to get a full call stack of the contract - so that we can determine what contracts it calls.

GET/v2/GetContractVerification

Check if a contract is open source

This endpoint allows you to retrieve a list of contracts that get called by the contract you specify and whether they are open source or not.

Root contract refers to the address being checked.

Required attributes

  • Name
    address
    Type
    address
    Description

    The address of the contract you want to check.

Optional attributes

  • Name
    chainID
    Type
    integer
    Description

    The chain you want to check the token on. If not specified, it will try to find the most suitable chain based on liquidity.

Response

To get list of all the external contracts called, this endpoint attempts to simulate buy/sell to get the list of contracts being called. If the simulation fails, fullCheckPerformed will be false and summary/contractsOpenSource/contractCalls may not be present.

summary contains a summary of the results, generated from contractsOpenSource and contractCalls. summary.isOpenSource is true if the root contract and every contract called is open sourced. summary.hasProxyCalls is true if there are any delegatecalls made in the call tree.

contractsOpenSource contains a list of contracts that are called in the tree and if they are open source or not. There is no guarantee if root contract will be present or not.

contractCalls contains a list of all unique calls made in the call tree, in no specific order.

Request

GET
/v2/GetContractVerification
curl -G https://api.honeypot.is/v2/GetContractVerification \
-H "X-API-KEY: {APIKEY}" \
-d address=0x8a50b28242a88e051a0c08b11050aae6a663493c

Response

GET
/v2/GetContractVerification
{
  "isContract": true, // If the address being checked is a contract.
  "isRootOpenSource": true, // If the address being checked is open source.
  "fullCheckPerformed": true, // If the full check was performed. If false, summary/contractsOpenSource/contractCalls may not be present.
  "summary": {
      "isOpenSource": true, // If all the contracts called by the contract are open source, as well as the root contract.
      "hasProxyCalls": false // If there are any delegatecalls made.
  },

  // List of all contracts called and if they are open source or not.
  "contractsOpenSource": {
      "0x8a50B28242A88e051A0C08b11050AAE6A663493C": true
  },
  "contractCalls": []
}