Solidity Memory Array Creation Overflow Bug

On the 28th of March, a bug in the Solidity code generator was reported through the Ethereum Foundation Bounty program, by John Toman of Certora. The bug is fixed with version 0.6.5, released on 2020-04-06. The bug is present in all prior versions of Solidity. We assigned a severity level of “low” because we found the bug to be uncommon and at the same time hard to exploit. [Read More]

Solidity 0.6.x features: fallback and receive functions

In versions of Solidity before 0.6.x, developers typically used the fallback function to handle logic in two scenarios: contract received ether and no data contract received data but no function matched the function called The main use case of the pre-0.6.x fallback function is to receive ether and react to it, a typical pattern used by token-style contracts to reject transfers, emit events or forward the ether. The function executes when a contract is called without any data e.g. via... [Read More]

Solidity 0.5.17 Release Announcement

This maintenance release of the 0.5.x series fixes a bug that was always present in the compiler. Some people do not even consider it a bug, though, which might explain why it was undiscovered for so long: A private function can be overridden in a derived contract by a private function of the same name and types. In other words, the virtual function calling mechanism does not respect visibility. The same applies to two private functions of the same name... [Read More]

Solidity 0.6.4 Release Announcement

Version 0.6.4 of Solidity fixes a bug that did not allow calling base contract functions directly, another bug that caused issues with variable scoping in try/catch and it allows for greater flexibility with regards to storage: It is now possible to set storage slots for storage reference variables from inline assembly. We expect this to allow new patterns in connection to delegatecall proxies and upgradable contracts. Please be careful when using this feature! Language Features: General: Deprecated value(...) and gas(...)... [Read More]

Solidity 0.6.3 Release Announcement

This release adds reason strings for compiler-generated reverts if you specify revert-strings debug or use the setting settings.debug.revertStrings = "debug". Furthermore, contract types and enums are now allowed as keys for mappings and the doxygen-style comments are better supported by the AST. Language Features: Allow contract types and enums as keys for mappings. Allow function selectors to be used as compile-time constants. Compiler Features: AST: Add a new node for doxygen-style, structured documentation that can be received by contract, function,... [Read More]

Solidity 0.6.x features: try/catch statement

This post was originally published on the Ethereum blog. The try/catch syntax introduced in 0.6.0 is arguably the biggest leap in error handling capabilities in Solidity, since reason strings for revert and require were released in v0.4.22. Both try and catch have been reserved keywords since v0.5.9 and now we can use them to handle failures in external function calls without rolling back the complete transaction (state changes in the called function are still rolled back, but the ones in... [Read More]

Solidity 0.6.2 Release Announcement

After long discussions, we finally enabled a high-level way to use the create2 opcode introduced in Constantinople: When creating a contract, you can specify the salt as a “function call option”: new Contract{salt: 0x1234}(arg1, arg2). We took this opportunity and also extended the use of these function call options to specifying the gas and value options in external function calls: c.f{value: 10, gas: 20000}(arg1, arg2). Furthermore, interfaces can now inherit from interfaces, making them even more useful for specification purposes.... [Read More]

Solidity 0.6.1 Release Announcement

This release fixes a bug in the Yul optimizer related to break and continue statements in loops. The Yul optimizer is part of the regular optimizer since version 0.6.0. In version 0.5.x, you had to explicitly activate the Yul optimizer in addition to the regular optimizer. The Yul optimizer only operates on the code generated by ABIEncoderV2 or if you use it in a stand-alone way. The code generated by ABIEncoderV2 does not make use of break and continue, but... [Read More]

Solidity 0.5.16 Release Announcement

This release fixes a bug in the Yul optimizer. You are only affected if you manually enabled the Yul optimizer (not the regular optimizer) and either used Yul stand-alone or via ABIEncoderV2. For more details, please see buglist.json. Bugfixes: Yul Optimizer: Fix bug in redundant assignment remover in combination with break and continue statements. A big thank you to all contributors who helped make this release possible! Download the new version of Solidity here.

Solidity 0.6.0 Release Announcement

This is a major breaking release of the Solidity compiler and language. Changes include explicit virtual and override keywords in inheritance, support for try/catch, splitting the fallback function into a receive Ether function and an actual fallback function and limitations on how the length of an array can be changed, among others. For a detailed explanation, please see the documentation or refer to the list below that shows every single change. From this release on, ABIEncoderV2 is not considered experimental... [Read More]