Solidity Developer Survey 2022 is Live!

It’s that time of the year. Drumroll, please! 🥁🥁🥁 We are launching the Solidity Developer Survey 2022! Before we wrap up 2022 for good, we want to reach out to collect your feedback and insights so we can improve on it! 📝 TAKE THE SURVEY! 📝 You can find the previous results of the Solidity Developer Survey 2021 here. In 2021, 435 developers from 73 different countries participated with 80% of respondents using Solidity daily or weekly. [Read More]

Solidity Core Team Updates

More than two years have passed since we introduced Solidity core team members on the blog and we realized it is high time for some updates: Meet new team members, find out who moved on to other adventures and learn about recent changes in the team structure! Before we dive in, a reminder that the Solidity programming language and compiler are open-source community projects. This post dives into the core team that leads the development. Nevertheless, we cannot stress enough... [Read More]

Storage Write Removal Bug On Conditional Early Termination

On September 5, 2022, a bug in Solidity’s Yul optimizer was found by differential fuzzing. The bug was introduced in version 0.8.13 and Solidity version 0.8.17, released on September 08, 2022, provides a fix. The bug is significantly easier to trigger with optimized via-IR code generation, but can theoretically also occur in optimized legacy code generation. We assigned the bug a severity of “medium/high”. [Read More]

Solidity 0.8.16 Release Announcement

Solidity v0.8.16 fixes an important bug. The bug may result in small parts of dynamic tuple components being inadvertently zeroed during ABI re-encoding when the last component is a statically-sized uint or bytes32 calldata array. See Head Overflow Bug in Calldata Tuple ABI-Reencoding for more information. Apart from that, there are several minor bug fixes and improvements like more gas-efficient overflow checks for addition and subtraction. [Read More]

Head Overflow Bug in Calldata Tuple ABI-Reencoding

On July 5, 2022, Chance Hudson (@vimwitch) from the Ethereum Foundation discovered a bug in the Solidity code generator. The earliest affected version of the compiler is 0.5.8, which introduced ABI-reencoding of calldata arrays and structs. Solidity version 0.8.16, released on August 08, 2022, provides a fix. We assigned the bug a severity of “medium”. [Read More]

Optimizer Bug Regarding Memory Side Effects of Inline Assembly

On June 5, 2022, John Toman of the Certora development team reported an optimizer bug that can cause memory writes in inline assembly blocks to be incorrectly removed under certain conditions. The bug was introduced in Solidity 0.8.13 with a new Yul optimizer step meant to remove unused writes to memory and storage. We assigned the bug a severity of “medium”. [Read More]

Bug when Copying Dirty Bytes Arrays to Storage

On July 1, 2021, a bug in the Solidity code generator was found by differential fuzzing. The bug causes the legacy code generation pipeline to generate code that may write dirty values to storage when copying bytes arrays from calldata or memory. Initially, it was assumed that the dirty values in storage are only observable using inline assembly. However, resizing a bytes array using an empty .push() without actually writing values to it, can expose the dirty bytes without any... [Read More]

Solidity 0.8.14 Release Announcement

Solidity v0.8.14 fixes two important bugs. The first one is related to ABI-encoding nested arrays directly from calldata. You can find more information in the blog post. The second bug is triggered in certain inheritance structures and can cause a memory pointer to be interpreted as a calldata pointer or vice-versa. We also have a dedicated blog post about this bug. Apart from these, there are several minor bug fixes and improvements. Please note: Unfortunately, the npm wrapper package of... [Read More]