Skip to content

feat: add Etherscan API key to Cloudflare Worker for free verification lookups #322

New issue
New issue
Open
Open
feat: add Etherscan API key to Cloudflare Worker for free verification lookups#322
Assignees
AugustoL
Labels
enhancementNew feature or request
Milestone
v1.2.5-a
@AugustoL

Description

@AugustoL
AugustoL
opened on Mar 17, 2026

name: Feature Request
about: Suggest a new feature or enhancement
title: "feat: "
labels: enhancement

Summary

Add an Etherscan API key to the existing Cloudflare Worker proxy so that users can get free contract verification lookups (Etherscan as a parallel source alongside Sourcify) without needing to configure their own API key.

Motivation

Currently, Etherscan verification is opt-in — users must provide their own Etherscan API key in Settings to enable it. Most users won't bother, which means they miss out on contracts that are verified on Etherscan but not on Sourcify. Since we already have a Cloudflare Worker proxy for Groq AI analysis (with rate limiting and CORS protection), we can extend the same pattern to proxy Etherscan V2 API calls, making verification lookups free for all users out of the box.

Proposed Solution

  1. Add an ETHERSCAN_API_KEY secret to the existing Cloudflare Worker
  2. Add a new route (e.g., /etherscan/verify) that proxies contract verification requests to the Etherscan V2 API
  3. Apply the same security controls already in place: CORS origin allowlist, per-IP rate limiting, and payload validation
  4. Update the frontend contractLookup utility to use the worker proxy as the default Etherscan source when no user key is configured
  5. Keep user-provided keys as an override (bypass the proxy for users who want higher rate limits)

Alternatives Considered

  • Require users to get their own key — Current approach; low adoption means many verified contracts appear unverified
  • Bundle the key in the frontend — Exposes the key publicly; not acceptable
  • Server-side only — OpenScan is a standalone client-side app; the Worker proxy is the closest we have to a backend

Additional Context

The Cloudflare Worker proxy pattern is already proven with the Groq AI integration (#306). This follows the same architecture.

Acceptance Criteria

  • Etherscan API key added as a Worker secret
  • New Worker route for contract verification proxying
  • Rate limiting applied (separate from AI rate limits)
  • Frontend falls back to Worker proxy when no user Etherscan key is set
  • User-provided keys still work and bypass the proxy
  • Works with Etherscan V2 API (60+ chains, single key)

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions