All Security Alerts posts:

Solidity Memory Array Creation Overflow Bug

On the 28th of March, a bug in the Solidity code generator was reported through the Ethereum Foundation Bounty program, by John Toman of Certora. The bug is fixed with version 0.6.5, released on 2020-04-06. The bug is present in all prior versions of Solidity. We assigned a severity level of “low” because we found the bug to be uncommon and at the same time hard to exploit. [Read More]

Solidity Storage Array Bugs

This post was originally published on the Ethereum blog. This blog post is about two bugs connected to storage arrays which are otherwise unrelated. Both have been present in the compiler for a long time and have only been discovered now, even though a contract containing them should very likely show malfunctions in tests. Daenam Kim, with help from Nguyen Pham, both from Curvegrid, discovered an issue where invalid data is stored in connection with arrays of signed integers. This... [Read More]

Solidity Optimizer and ABIEncoderV2 Bugs

This post was originally published on the Ethereum blog. Through the Ethereum bug bounty program, we received a report about a flaw within the new experimental ABI encoder (referred to as ABIEncoderV2). Upon investigation, it was found that the component suffers from a few different variations of the same type. The first part of this announcement explains this bug in detail. The new ABI encoder is still marked as experimental, but we nevertheless think that this deserves a prominent announcement... [Read More]

Solidity Bugfix Release

This post was originally published on the Ethereum blog. The latest version 0.4.25 release of Solidity fixes two important bugs. Another important bug has already been fixed in version 0.4.22 but it was only discovered recently that the bug existed. Note that the Ethereum Foundation runs a bounty program for the code generator part of Solidity. [Read More]

Solidity Optimizer Bug

This post was originally published on the Ethereum blog. A bug in the Solidity optimizer was reported through the Ethereum Foundation Bounty program, by Christoph Jentzsch. This bug is patched as of 2017-05-03, with the release of Solidity 0.4.11. [Read More]

Analysis of Storage Corruption Bug

This post was originally published on the Ethereum blog. This blog post provides an update on our findings following the discovery of the storage corruption bug last week. In summary, the bug was much less severe than we initially thought. The small number of affected contracts we found is either only exploitable by the owner, or the exploit can only cause a disruption in the user interface and not in the actual contract logic. All exploitable contracts/dapps we reviewed can... [Read More]

Security Alert: Variables can be overwritten in storage

This post was originally published on the Ethereum blog. Summary: In some situations, variables can overwrite other variables in storage. **Affected Solidity compiler versions:** 0.1.6 to 0.4.3 (including 0.4.4 pre-release versions) Detailed description: Storage variables that are smaller than 256 bits are packed together into the same 256 bit slot if they can fit. If a value larger than what is allowed by the type is assigned to the first variable, that value will overwrite the second variable. This means... [Read More]

Smart Contract Security

This post was originally published on the Ethereum blog. Solidity was started in October 2014, when neither the Ethereum network nor the virtual machine had any real-world testing; the gas costs at that time were even drastically different from what they are now. Furthermore, some of the early design decisions were taken over from Serpent. During the last couple of months, examples and patterns that were initially considered best-practice were exposed to reality and some of them actually turned out... [Read More]