Skip to content
Vrfier

Quick Start

This guide walks through verifying a deployed Soroban contract against its source.

Prerequisites

Section titled “Prerequisites”
  • A deployed contract address on a Stellar network (testnet or mainnet).
  • The source repository and the exact commit the contract was built from.
  • The Rust toolchain and wasm32v1-none target used for the original build.

1. Install the CLI

Section titled “1. Install the CLI”
Terminal window
# placeholder — installation method TBD
cargo install vrfier-cli

2. Verify a contract

Section titled “2. Verify a contract”

Point Vrfier at the on-chain contract and your local source tree:

Terminal window
vrfier verify CC4U…7Q2 \
  --source ./my-contract \
  --network testnet

Vrfier will:

  1. Resolve the contract’s installed WASM hash from the ledger.
  2. Rebuild the source in a pinned, reproducible environment.
  3. Compare the hashes and print the verdict.
✔ Rebuilt WASM hash:  9f2c…a1b4
✔ On-chain WASM hash: 9f2c…a1b4
✔ VERIFIED — source matches deployed bytecode

3. Publish the result

Section titled “3. Publish the result”

Submit the verification so others can find it in the public registry:

Terminal window
vrfier publish CC4U…7Q2 --source-url https://github.com/you/my-contract

Using Vrfier in CI

Section titled “Using Vrfier in CI”

Add a verification step to your pipeline so every release proves its bytecode:

- name: Verify contract source
  run: vrfier verify "$CONTRACT_ID" --source . --network mainnet

Next steps

Section titled “Next steps”