Verifying the Unity Prop Smart Contract

2 min readMay 3, 2022


The source code for the Unity prop smart contract is available in the cw-unity-prop repository, but for the purposes of verifying with mintscan we have forked the code to securityDAO’s GitHub org.

To verify the contents of the contract deployed on chain you will need docker and junod installed on your machine.

Compile contracts locally

Clone the repository and enter the directory:

git clone
cd cw-unity-prop
git checkout v0.3.0

Compile the contracts:

docker run --rm -v "$(pwd)":/code \
--mount type=volume,source="$(basename "$(pwd)")_cache",target=/code/target \
--mount type=volume,source=registry_cache,target=/usr/local/cargo/registry \

This should output info about the contract sha256 hash:

Optimizing cw_unity_prop.wasm ...
Creating hashes ...
3481e613b412706204124ce081ac9cba18eb044d5c78c922e55e162e411d4b47 cw_unity_prop.wasm
Info: sccache stats after build

Make note of this for later.

Verifying the contract code on chain

The contract has already been deployed on chain. You can view it on MintScan here.

In the v4.0.0 junod tag you can find the address hard coded in the code:

// UnityContractByteAddress is the bytes of the public key for the address of the Unity contract
// $ junod keys parse juno1nz96hjc926e6a74gyvkwvtt0qhu22wx049c6ph6f4q8kp3ffm9xq5938mr
// human: juno
// bytes: 5BEF9E5318ED6716A11179C70B06656E9FB91D241A1C594F344B325D9110D94C
const UnityContractByteAddress = "5BEF9E5318ED6716A11179C70B06656E9FB91D241A1C594F344B325D9110D94C"

You can query info about this contract on chain:

junod q wasm contract juno1nz96hjc926e6a74gyvkwvtt0qhu22wx049c6ph6f4q8kp3ffm9xq5938mr --node

This should return:

address: juno1nz96hjc926e6a74gyvkwvtt0qhu22wx049c6ph6f4q8kp3ffm9xq5938mr
admin: ""
code_id: "253"
created: null
creator: juno1cdqa6wd7fyxx4nq3fh630zsvjrwqj9tgea6npm
extension: null
ibc_port_id: ""
label: Juno Unity Prop v0.3.0

Note the code_id 253, now lets download the wasm binary for that code:

junod q wasm code 253 cw_unity_prop.wasm --node

Get the hash and not that it matches the checksums in v0.3.0:

shasum -a 256 cw_unity_prop.wasm --node

It should output:

3481e613b412706204124ce081ac9cba18eb044d5c78c922e55e162e411d4b47  cw_unity_prop.wasm


A service provided by Mintscan allows code to be uploaded by third parties for them to validate that contracts deployed on chain match the code found on GitHub and is uploaded to their storage medium.

Here is Juno Unity Prop v0.3.0, contract, aka contract 253.

You can see that this contract has not been verified, though following the steps above we have submitted the code and steps required to the team at Mintscan.

The verified contract now looks like this.

More info on verifying smart contracts