To increase decentralization, it would be great to have a verified repository of smart contract source codes. Due to the metadata being part of the bytecode, we should have everything that is needed to actually perform the verification. This repository could be an actual repository on github, where people can create pull requests to have their smart contract code compiled and verified. There could be a CI job that does the verification as follows:
- fetch the bytecode from the chain via infura or another service
- install the correct compiler version using npm
- only flag the PR green, if the compilation output matches the bytecode
If the directory name is the address of the contract, the source code should be easy to find, even if multiple