Is there any way to see the code running in a dapp (or a hash of it) to verify that it matches what has been publicly published and audited. Would be an extremely useful (almost necessary) feature request if not
There are two parts to verify here: The smart contracts that are on the blockchain, and the dAPP that is running in the wallet.
As far as I understand it, the only way to check if the deployed contracts correspond to a give source code would be to compile the latter to WASM and then simulate its deployment, with the same parameters. So, the best way to do it would probably be to have the explorer (or some external service as BeamAssets) check and register that information (like for Ethereum, BSC and co: We submit a source code and the explorer verifies and then registers that that source does indeed match the deployed contract).
For the dApp, they are normal webpages so it should be much easier to get the installed code to then compare it to the one it is supposed to be. Maybe a simple option in the dApp Store could do that (like the “Download source” in standard browsers).
1 Like