Add verifying-contracts-on-basescan skill

[xam-dev-ux]

Closes #35

Summary

Adds verifying-contracts-on-basescan skill covering smart contract verification on Base Mainnet and Base Sepolia.

Motivation

A common failure mode for both developers and AI coding agents is recommending the deprecated Basescan V1 API instead of the unified Etherscan V2 API. V1 was fully deactivated on August 15, 2025. The exact error it returns:

You are using a deprecated V1 endpoint, switch to Etherscan API V2
using https://docs.etherscan.io/v2-migration

Stale docs and LLM training data keep surfacing api.basescan.org/api and per-chain Basescan keys. This skill is the authoritative reference so agents stop suggesting V1 endpoints.

Verification is also only mentioned in passing inside deploying-contracts-on-base, with no coverage of standalone verification, Hardhat, Sourcify, or already-deployed contracts.

This was tested live on Base Sepolia before opening this PR

• Deployed SimpleStorage with a constructor argument
• Verified via Etherscan V2 (forge verify-contract --verifier-url "https://api.etherscan.io/v2/api?chainid=84532"): 0xA6E4e2977dD3470Fa3E9683B98DC30B888755D0a → Pass - Verified
• Verified via Sourcify (--verifier sourcify, no API key): 0xF0E6DF13b99525f9144D82f23b9DF860BAB4EE1e → exact_match
• Confirmed V1 endpoint returns the exact error above
• Confirmed Foundry's already verified. Skipping verification behaviour (graceful, not an error — corrected in the skill from the live test)

Scope

• V1 → V2 migration table with the exact error message
• Foundry forge verify-contract (Mainnet/Sepolia, constructor args, --watch, linked libraries)
• foundry.toml V2 config replacing the deprecated per-chain basescan URLs
• Hardhat @nomicfoundation/hardhat-verify — single apiKey string + customChains pointing to V2
• Manual UI verification on basescan.org (single file vs standard JSON input)
• Sourcify as a decentralised alternative (no API key)
• Common errors table with causes and fixes (8 entries, messages taken from live test output)
• Cross-reference to deploying-contracts-on-base for deploy+verify flow — no duplication

Out of scope

Deployment — that lives in deploying-contracts-on-base.

Checklist

• Scope approved in Proposal: add verifying-contracts-on-basescan skill #35
• Frontmatter and structure match existing skills
• Description optimised for skill triggering
• All chain IDs and endpoints verified against docs.etherscan.io / docs.base.org
• Error messages taken from live test output, not paraphrased
• README "Available Skills" table updated
• Single skill, single commit, no overlap with existing skills

[cb-heimdall]

🟡 Heimdall Review Status

Requirement	Status	More Info
Reviews	🟡 0/1	Denominator calculation Show calculation 1 if user is bot 0 1 if user is external 0 2 if repo is sensitive 0 From .codeflow.yml 1 Additional review requirements Show calculation Max 0 0 From CODEOWNERS 0 Global minimum 0 Max 1 1 1 if commit is unverified 1 Sum 2