Follow these 4 steps to embed SEP-58 metadata and get your Soroban contract showing as ✅ Contract Verified on CSV Verify.
Use a pinned SHA — branches move, SHAs don't. The verifier rebuilds from this exact commit.
git add .
git commit -m "ready to deploy"
git push origin main
# Copy this — you'll need it in the next step
git rev-parse HEAD
# example: a1b2c3d4e5f6789012345678901234567890abcdChoose your contract type:
stellar contract build \
--meta source_repo=https://github.com/your-org/your-contract \
--meta source_rev=a1b2c3d4e5f6789012345678901234567890abcdEvery flag you pass to select your contract must also be passed as --meta bldopt=. The verifier replays those exact flags when rebuilding.
stellar contract deploy \
--wasm target/wasm32v1-none/release/your_contract.wasm \
--network testnet \
--source YOUR_ACCOUNT_NAMEThe command prints your Contract ID — starts with C, 56 characters long. Copy it.
Or call the API directly:
curl -X POST https://stellar-contract-verification.vercel.app/api/verify \
-H "Content-Type: application/json" \
-d '{"contract_id": "YOUR_CONTRACT_ID"}'The UI does this automatically, but you can also call the API from CI or scripts. Always check the cache first — if the contract is already verified it returns instantly.
Check if already verified (instant):
curl "https://stellar-contract-verification.vercel.app/api/v1/contracts/YOUR_CONTRACT_ID/verifications?network=testnet"Trigger verification (2–6 min):
curl -X POST https://stellar-contract-verification.vercel.app/api/verify \
-H "Content-Type: application/json" \
-d '{"contract_id": "YOUR_CONTRACT_ID"}'Only testnet is supported today. Pass ?network=testnet — mainnet support is coming soon.
Deployed without --meta flags. Rebuild with metadata from Step 2, redeploy, and use the new Contract ID.
source_rev points to wrong commit, missing bldopt flags, or uncommitted local changes were included. Always commit before building for deployment.
Either source_repo or source_rev is missing. Both are required to attempt a rebuild.
The verifier clones without authentication. Your repository must be public on GitHub.