v1.0.0

Open Standard

Verify Standard.

A minimal JSON schema for verifying that an ERC-20 token was launched through a specific launchpad on Base. Any launchpad can self-host the endpoint. Any consumer can query without coordination. MIT-licensed.

JSON Spec ↗Live example ↗

The contract

One method, one path, no auth, must allow CORS:

GET /api/verify/{address}

Address format: 0x-prefixed lowercase 20-byte hex
Auth:           none
CORS:           must allow * (anti-impersonation
                primitives are useless if browsers
                can't query them)
Caching:        public, max-age 60-300s recommended

Response shape

{
  "verified": true | false | null,
  "address":  "0x...",
  "name":     "Token Name" | null,
  "symbol":   "SYM" | null,
  "deployedAt": "2026-04-15T..." | null,
  "txHash":   "0x..." | "external" | null,
  "kind":     "platform" | "ecosystem" | "user",
  "chainId":  8453,
  "launcher": {
    "name": "Your Launchpad",
    "site": "https://...",
    "tokenPage": "https://.../t/0x...",
    "agentCard": "https://.../.well-known/agent-card.json" | null,
    "erc8004AgentId": "50962" | null
  },
  "feeSplitBps": { ... } | null,
  "asOf": "2026-..."
}

Three states for verified: true (launched here), false (legitimate ERC-20 but not from this launchpad — the anti-impersonation primitive), null (index temporarily unavailable, retry later).

Why this exists

Token launchpads need a way to prove provenance without users having to trust a centralized API. By making the schema deterministic and self-hosted, any launchpad can publish their own endpoint and any wallet, indexer, or aggregator can verify across launchpads with one code path.

The verified: falsecase matters most: it's how a launchpad deniesa token that's claiming fake provenance. That's the anti-impersonation primitive ecosystems need.

Implement it (5 minutes)

  1. 1. Index your deploys. Maintain a registry of every token your launchpad deploys (address, name, symbol, deploy timestamp, tx hash, kind).
  2. 2. Expose the route. At /api/verify/[address] on your domain, return the JSON shape above. CORS enabled. No auth.
  3. 3. Handle three cases:
    • address found → verified: true + full payload
    • valid address but not in registry → verified: false
    • upstream/index down → verified: null + 502
  4. 4. (Optional) link your spec. Add a row to the reference implementation list — open a PR or DM us. Visible in this section helps consumers discover you.

Reference implementation

LiquidPad

Live at https://www.liquidpad.site/api/verify/{address}. Source: open-source MIT, see github.com/liquidpadbot.

Try it: /api/verify/0xBF07...58bBF

If your launchpad implements this, send a PR to add yourself. We'll surface a directory once we have 3+ implementations.

Best practices

  • → Cache responses 60-300 seconds. Keeps your infra cheap.
  • → Treat verified: null as “unknown, retry” — never as “failed verification”.
  • → Pair this lookup with on-chain bytecode verification for highest assurance.
  • → Reject mismatches between the launchpad name in this response and the launchpad you're claiming integration with.

Versioning

The spec follows semver. Breaking changes bump major; additive fields bump minor. Consumers should pin to a major version. The current spec is at /api/verify-spec and includes a spec.version field.

Currently: v1.0.0. No breaking changes planned.

No vendor lock-in. No central permission. MIT.

Build with us — or fork and ship your own. Both make the ecosystem stronger.