{Solidity:​log}

Posted by Solidity Team on October 7, 2020

On September 17, 2020, a bug in the Solidity code generator was found. The bug is fixed with version 0.7.3 released on October 7, 2020. The bug is present in all prior versions of Solidity. We assigned the bug a severity level of "medium". Technical Details of the Bug Summary: For a dynamically-sized storage-array with types of size at most 16 bytes, assignments that require deleting slots did not zero out the deleted slots properly. Consider a dynamically-sized array in storage whose base-type is small enough...

Posted by Solidity Team on October 7, 2020

Solidity v0.7.3 fixes a bug in the dynamic-array cleanup. To learn more about the bug and check if your contract is vulnerable please read this post with further details about the bug. Additionally, v0.7.3 adds the option to stop compilation after the parsing stage using solc --stop-after parsing. Important Bugfixes Code Generator: Properly cleanup after copying dynamic-array to storage for packed types. Read more here. Notable New Features Stop Compilation after Parsing solc --stop-after parsing (or settings.stopAfter = 'parsing' in standard-json) can now be used to instruct...

Posted by Solidity Team on September 28, 2020

Solidity v0.7.2 fixes a bug in free functions, which had been introduced with v0.7.1, and adds compiler-generated utility file export. Furthermore, it comes with a considerably broadened language support of the SMTChecker. Important Bugfixes Free Function Overloading Checks Free functions were introduced in the previous release (Solidity v0.7.1). It turned out that it was possible to define a function with the same name multiple times, even containing the same parameter types. Allowing two functions with the same name, but different parameter types is called "overloading" and...

Posted by Franziska Heintel on September 21, 2020

We're excited to share that the Underhanded Solidity Contest is finally back! Inspired by the Underhanded C Contest and the first Underhanded Solidity Contest, organized in 2017 by Nick Johnson, we decided it is time for a much needed revival. Underhanded Solidity Contest The goal of this contest is to write innocent-looking Solidity code, which pretends to be clear and straightforward, but actually contains malicious behavior or backdoors. By hosting such a contest we aim to: Raise awareness about smart contract security. Uncover language design flaws. Battle-test...

Posted by Solidity Team on September 18, 2020

As you might know, Solidity is an open-source community project mainly developed and maintained by a core team. Today, we would like to introduce some of our team members and share insights into their professional background, which components of Solidity they mostly work on, what they would like to see in Solidity and in the ecosystem in future and more! Since almost all of our work happens on Github you can find each team member's Github handle next to their name. Before...

Posted by Solidity Team on September 2, 2020

Solidity v0.7.1 adds functions at file-level and fixes several small bugs. Notable New Features Functions At File-Level Functions can now be defined at file-level. Such functions are called "free functions" (as opposed to functions bound to a specific contract). Free functions are always internal functions and are meant to replace internal library functions and their very special behaviour. A free function behaves like an internal function of the contract that called it. The main difference is that a free function cannot directly access state variables and internal functions of...

Posted by Solidity Team on July 28, 2020

Solidity 0.7.0 is a breaking release of the Solidity compiler and language. This release does not include many features but rather changes that require a backwards-incompatible adjustment in syntax or semantics. For a detailed explanation, please see the documentation. Most notably, further cleanup of visibility and state mutability has been performed and several unpopular keywords have been removed. Types with mappings in memory are disallowed and shift and exponentiation operations use more reasonable types. Since we usually do not backport bugfixes, it is recommended to upgrade all...

Posted by Solidity Team on July 22, 2020

Solidity v0.6.12 adds more flexibility when using inheritance with NatSpec comments and introduces many small improvements to the optimizer. Notable New Features NatSpec Inheritance As explained in the Solidity 0.6.11 release announcement, NatSpec comments are now inherited automatically if you do not provide any NatSpec in the derived function. Starting from Solidity 0.6.12, you can explicitly inherit comments from a base contract using the tag @inheritdoc even if you specify some of the tags. The tags that are not given will then be taken from the specified base class' function. //...

Posted by Franziska Heintel on July 8, 2020

Solidity v0.1.0 turns 5 With happiness and a tad of nostalgia, we'd like to share that Solidity v0.1.0 turns 5 years old today! (To be fair, v0.1.0 wasn't an actual release, but it marks the time where the Solidity team started appointing version numbers.) We are puzzled over how fast time flew by. We'd like to use this opportunity to take a look back and walk down the Solidity memory lane together with you. In short: The Solidity language evolved rapidly, the...

Posted by Solidity Team on July 7, 2020

Solidity v0.6.11 adds inheritance to NatSpec comments, improves debugging data output and fixes some minor issues with opening up calldata for non-external functions. Notable New Features NatSpec Inheritance and on Events NatSpec comments are a way to describe the behaviour of a function to end-users. It also allows to provide more detailed information to developers. One regular use-case is that you document the behaviour of an interface and then implement the interface in a derived contract. Previously, you had to repeat the documentation in the derived contract. This...