Signed Immutables Bug

On September 28th, 2021, the Solidity team discovered that for immutable variables of a signed integer type shorter than 256 bits, sign extension (cleanup) of its value is not always properly performed. To our knowledge, the value can only be accessed in its unclean state when using inline assembly. The bug is present since the introduction of the immutable feature in Solidity 0.6.5 and is fixed in 0.8.9. We assigned the bug a severity of “very low”. [Read More]

Solidity 0.8.8 Release Announcement

Solidity v0.8.8 introduces user defined value types as a major feature. The override keyword is now optional for interface functions, immutable variables can be read in the constructor, there is support for retrieving the smallest and largest value of an enum, you can specify include directories and the commandline interface was cleaned up. Furthermore, we fixed several bugs and the SMTChecker has improved language coverage. [Read More]

Solidity 0.8.7 Release Announcement

Solidity v0.8.7 introduces support for the London upgrade, includes various improvements to Yul to EVM code transformation, the SMTChecker and some bugfixes. Please note: Unfortunately, the npm package of this version is corrupted. Pulling the solc-js repository directly will work. [Read More]

What Happened with Solidity-related Domains?

Some time ago we decided to get a domain that the Solidity team has easy access to in order to streamline efforts and initiatives that were hosted on other domains before. And so was born! 🎉 We announced most of these domain changes individually on Twitter, but we want to take a moment to also officially announce it here on the blog and explain the various subdomains we have now, what they are for and which older domains may... [Read More]

Solidity ABI Decoder Bug For Multi-Dimensional Memory Arrays

On April 5th, 2021, a bug in the Solidity ABI decoder v2 was reported by John Toman of the Certora development team. Certora’s bug disclosure post can be found here: Memory Isolation Violation in Deserialization Code. The bug is fixed with Solidity version 0.8.4 released on April 21st, 2021. The bug is present in all prior versions of ABI coder v2. We assigned the bug a severity level of “very low”, mainly due to the fact that it is very... [Read More]

Custom Errors in Solidity

Starting from Solidity v0.8.4, there is a convenient and gas-efficient way to explain to users why an operation failed through the use of custom errors. Until now, you could already use strings to give more information about failures (e.g., revert("Insufficient funds.");), but they are rather expensive, especially when it comes to deploy cost, and it is difficult to use dynamic information in them. Custom errors are defined using the error statement, which can be used inside and outside of contracts... [Read More]