{Solidity:​log}

Posted by Solidity Team on July 19, 2023

On June 26, 2023, a bug in the legacy code generation pipeline of the Solidity compiler was found during investigation of a security report related to the use of abi.decode with a ternary expression that has side effects, as the type argument. The legacy code generator was not evaluating complex expressions, like assignments, function calls, or conditionals, whose .selector was being accessed. This led to the side-effects of such expressions not being executed, and therefore potentially incorrect behavior of contracts compiled using the legacy pipeline. The...

Posted by Solidity Team on July 19, 2023

On July 4, 2023, Robert Chen from OtterSec discovered a bug in the Yul optimizer. The earliest affected version of the compiler is 0.6.7, which introduced the ability to modify the optimizer step sequence. Solidity version 0.8.21, released on July 19, 2023, provides a fix. We assigned the bug an overall score of "low". The bug has "high" severity in affected cases, but we deem the likelihood of it actually affecting deployed contracts as "very low". Which Contracts are Affected? The prerequisite to trigger the bug is...

Posted by Solidity Team on May 10, 2023

We are excited to announce the latest release of the Solidity Compiler, Solidity v0.8.20. This latest version includes a range of improvements in the via-IR pipeline and improves the list of events exposed in the contract ABI, and, most importantly, support for the Shanghai hard fork! Important Note This compiler switches the default target EVM version to Shanghai, which means that the generated bytecode will include PUSH0 opcodes. Be sure to select the appropriate EVM version in case you intend to deploy on a...

Posted by Franziska Heintel on March 10, 2023

The 2022 Solidity Developer Survey results are in! In this post, we will be summarizing and analyzing them. First of all, a big thank you to everybody who took the time and participated and to everybody who helped us spread the word about it! This year, we received a smashing 1401 responses. That is more than a 3x in responses compared to the previous survey and we couldn't be happier with the turnout. Your input is invaluable to us and plays a crucial...

Posted by Kamil Śliwak, Matheus Aguiar on February 22, 2023

The highlight of Solidity 0.8.19 release is the support for defining operators on user-defined value types (UDVTs). If you have not been keeping up with recent features, UDVTs are a new class of types introduced in Solidity 0.8.8. They provide an abstraction over an elementary value type that results in a completely new type. This is similar to creating an alias, but the new type is distinct from the underlying value type and all other UDVTs derived from that underlying type. The ability to use operators...

Posted by Solidity Team on February 22, 2023

We are excited to announce the latest release of the Solidity Compiler, Solidity v0.8.19. This latest version includes a range of improvements and it also introduces the support for defining operators on user-defined value types (UDVTs)! You can learn about it at length in our feature deep-dive blogpost. Notable New Features These are the features we want to highlight in this release. Operators for User-Defined Value Types The ability to use operators is meant to bring the UDVTs closer to being as natural to use as the...

Posted by Solidity Team on February 1, 2023

Introducing the newest version of the Solidity Compiler! We are excited to announce the latest release of the Solidity Compiler, Solidity v0.8.18. This latest version includes a range of improvements and it also introduces support for the Paris upgrade! Notable New Features These are the features we want to highlight in this release. Disabling CBOR metadata A new command-line flag (--no-cbor-metadata) and Standard JSON option (settings.metadata.appendCBOR: false) to prevent compiler from appending the CBOR metadata section at the end of the bytecode. Until now, it was only...

Posted by Franziska Heintel on December 7, 2022

It’s that time of the year. Drumroll, please! 🥁🥁🥁 We are launching the Solidity Developer Survey 2022! Before we wrap up 2022 for good, we want to reach out to collect your feedback and insights so we can improve on it! 📝 TAKE THE SURVEY! 📝 You can find the previous results of the Solidity Developer Survey 2021 here. In 2021, 435 developers from 73 different countries participated with 80% of respondents using Solidity daily or weekly. About the Survey 🪄 Like in previous years, this...

Posted by Solidity Team on December 5, 2022

More than two years have passed since we introduced Solidity core team members on the blog and we realized it is high time for some updates: Meet new team members, find out who moved on to other adventures and learn about recent changes in the team structure! Before we dive in, a reminder that the Solidity programming language and compiler are open-source community projects. This post dives into the core team that leads the development. Nevertheless, we cannot stress enough how...

Posted by Solidity Team on September 8, 2022

On September 5, 2022, a bug in Solidity's Yul optimizer was found by differential fuzzing. The bug was introduced in version 0.8.13 and Solidity version 0.8.17, released on September 08, 2022, provides a fix. The bug is significantly easier to trigger with optimized via-IR code generation, but can theoretically also occur in optimized legacy code generation. We assigned the bug a severity of "medium/high". Who Should Be Concerned If you're using optimized legacy code generation, you only need to be concerned, if you use...