Remove blocking dependency on etherscan

[SidestreamColdMelon]

Goal

Spell process is not blocked in case etherscan is down/not available

Context

As per the parent issue #29, currently there are multiple places in process which refer to etherscan as place to check something. But as etherscan is a centralised tool, we have to expect a possibility that 1) it is down 2) it is compromised and prepare accordingly.

Places where we refer to etherscan

• Check Rely events
  

  pe-checklists/spell/spell-reviewer-mainnet-checklist.md

  Line 92 in 1aa58ee

  * [ ] Ensure that there are no other `Rely` events except for `PAUSE_PROXY` and `MCD_ESM` (using a block explorer like [etherscan](https://etherscan.io))

• Check source code of a new contract
  

  pe-checklists/spell/spell-reviewer-mainnet-checklist.md

  Line 93 in 1aa58ee

  * [ ] Source code matches corresponding github source code (e.g. diffcheck via vscode `code --diff etherscan.sol github.sol`)

• Check deployed spell (manually)
  

  pe-checklists/spell/spell-reviewer-mainnet-checklist.md

  Line 347 in 1aa58ee

  * [ ] Deployed spell is verified on etherscan

  
  

  pe-checklists/spell/spell-reviewer-mainnet-checklist.md

  Line 368 in 1aa58ee

  * [ ] Ensure Etherscan `Libraries Used` matches DssExecLib [Latest Release](https://github.com/makerdao/dss-exec-lib/releases/latest)

• Checks deployed spell (using API)
  

  pe-checklists/spell/spell-reviewer-mainnet-checklist.md

  Lines 355 to 360 in 1aa58ee

  	* Automated checks via `make check-deployed-spell`
  	* [ ] Verified
  	* [ ] Valid license
  	* [ ] Version matches
  	* [ ] Optimizations are disabled
  	* [ ] dss-exec-lib library address used (under 'Libraries Used') matches the hardcoded local `DssExecLib.address` file

• Get priority fee
  

  pe-checklists/spell/spell-crafter-mainnet-workflow.md

  Line 182 in 1aa58ee

  * [ ] Check [current gas priority fee](https://etherscan.io/gastracker) and set `ETH_PRIO_FEE` accordingly (e.g. 2 gwei)

Proposed circumvention

Use multiple different services to verify the source code.

Tasks

• Extend the verification script
  • Send flattened code to multiple services (potentially using forge verify-contract instead of making raw requests)
  • Ensure requests to services are non-blocking (in case one service is down)
• Editing checklists
  • Replace "etherscan" with "at least 2 trusted block scanners"
  • Define/refer to a "list of trusted blocks canners" (used by the verification script)
  • Get priority fee from a more decentralised source (or otherwise make it a recommendation)
• Replace or remove automatic check of the source code

[0x3phemeralsoul]

it should verify on:
Etherscan
Sourcify
Blockscout

This ticket should also update the checklist to include 2 out 3 verified sources from the above. Spell should always be verified in 2 sources at least, normally on the 3.