0

I have a question about ERC20 token contracts in general:

Apparently after verifying on Etherscan, all token contracts become visible to the public.

  • Isn't that a security risk ?
  • What if we do not verify our contract ?
  • Can some of these contracts (that are verified and visible) on the Etherscan be used again for new coins, or are they copyright protected ?

Thank you in advance!

John M
  • 13
  • 4

1 Answers1

0

Apparently after verifying on Etherscan, all token contracts become visible to the public.

Their bytecode is already public when they're deployed. You're just making the source code public too.

Isn't that a security risk ?

Only if your contract contains a security flaw.

But if your contract does contain a security flaw, it's a security risk to deploy it even without publishing the source code. There are ways to "decompile" the bytecode to some pseudocode or even Solidity to some extent, so anyone can see the logic of your contract even if the source code is not published.

What if we do not verify our contract ?

It's a fully functional contract, just without verified source code.

Can some of these contracts (that are verified and visible) on the Etherscan be used again for new coins, or are they copyright protected ?

It depends on the license under which the authors created it. It's possible to bypass the license - so if someone publishes the contract under "Do not copy" license, someone is still able to copy... But that's a legal topic, not programming.

Petr Hejda
  • 40,554
  • 8
  • 72
  • 100
  • Thank you for your reply! It definitely helped me. Kind Regards – John M May 01 '21 at 00:12
  • @JohnM Glad to have helped. If the answer was useful, you can mark it as accepted, so that others can search for it more easily. You can find more tips in the [Tour](https://stackoverflow.com/tour) page for new StackOverflow members. – Petr Hejda May 01 '21 at 14:17