Question 1

How to add my project to the Ethereum Contracts List?

Accepted Answer

Submit a form via the GitHub issue template or send a pull request to update JSON files, ensuring they match the schemas. For future automation, add a `@custom:security-contact` natspec tag and verify on Sourcify.

Question 2

Ethereum Contracts List vs Etherscan labels – which is better for security contacts?

Accepted Answer

Etherscan provides real-time on-chain labels, but the Contracts List focuses on community-verified project mappings with dedicated security emails, making it more reliable for vulnerability disclosure purposes.

Question 3

What chains does the contracts list support?

Accepted Answer

It uses EIP155 chain IDs, so it supports any EVM-compatible network listed on chainlist.org, including Ethereum, Polygon, and Arbitrum, as organized in the contracts folder by chain ID.

Question 4

How to find security contact info for a contract address?

Accepted Answer

Look up the contract by chain ID and address in the JSON files, which map to a project entry containing the `contacts.security` email. Tools can integrate this data for easier access.

Question 5

Can I contribute to the contracts list as a developer?

Accepted Answer

Yes, by submitting pull requests to update JSON files or helping maintain the repository. Ensure contributions follow the schemas and include proof of project representation if needed.

Question 6

Is the contracts list updated automatically with new deployments?

Accepted Answer

Not currently; automatic import from natspec tags is planned but not implemented, so updates rely on manual submissions by project teams or community members.

Smart Contract Security Registry

What is Smart Contract Security Registry?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions