Solidity: Difference between revisions

Solidity
	The Solidity language logo
Website	github.com/ethereum/solidity
Influenced by
	JavaScript, C++, Python

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 23:24, 27 March 2022

Solidity is an object-oriented programming language for implementing smart contracts^[1]^[2] on various blockchain platforms, most notably, Ethereum.^[3] It was developed by Christian Reitwiessner, Alex Beregszaszi, and several former Ethereum core contributors.^[4] Programs in Solidity run on Ethereum Virtual Machine.

History

Solidity was proposed in August 2014 by Gavin Wood;^[5]^{[non-primary source needed]} the language was later developed by the Ethereum project's Solidity team, led by Christian Reitwiessner.

Solidity is the primary language on Ethereum^[6] as well as on other private blockchains on platforms that compete with Ethereum, such as Monax and its Hyperledger Burrow blockchain, which uses Tendermint for consensus. SWIFT deployed a proof of concept using Solidity running on Burrow.^[2]^{[non-primary source needed]}^[7]^{[unreliable source]}

Description

Solidity is a statically typed programming language designed for developing smart contracts that run on the Ethereum Virtual Machine (EVM).^[8]

Solidity uses ECMAScript-like syntax which makes it familiar for existing web developers;^{[citation needed]} however unlike ECMAScript it has static typing and variadic return types. Solidity is different from other EVM-targeting languages such as Serpent and Mutan in some important ways. It supports complex member variables for contracts, including arbitrarily hierarchical mappings and structs. Solidity contracts support inheritance, including multiple inheritance with C3 linearization. Solidity introduces an application binary interface (ABI) that facilitates multiple type-safe functions within a single contract (this was also later supported by Serpent). The Solidity proposal also includes "Natural Language Specification", a documentation system for specifying user-centric descriptions of the ramifications of method-calls.^[9]^[10]^{[non-primary source needed]}

Example of a Solidity program:^[11]^[12]

// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.4;

contract Coin {
    // The keyword "public" makes variables
    // accessible from other contracts
    address public minter;
    mapping (address => uint) public balances;

    // Events allow clients to react to specific
    // contract changes you declare
    event Sent(address from, address to, uint amount);

    // Constructor code is only run when the contract
    // is created
    constructor() {
        minter = msg.sender;
    }

    // Sends an amount of newly created coins to an address
    // Can only be called by the contract creator
    function mint(address receiver, uint amount) public {
        require(msg.sender == minter);
        balances[receiver] += amount;
    }

    // Errors allow you to provide information about
    // why an operation failed. They are returned
    // to the caller of the function.
    error InsufficientBalance(uint requested, uint available);

    // Sends an amount of existing coins
    // from any caller to an address
    function send(address receiver, uint amount) public {
        if (amount > balances[msg.sender])
            revert InsufficientBalance({
                requested: amount,
                available: balances[msg.sender]
            });

        balances[msg.sender] -= amount;
        balances[receiver] += amount;
        emit Sent(msg.sender, receiver, amount);
    }
}

Development platform availability

ErisDB by AWS^{[citation needed]}
Hardhat
Microsoft Visual Studio^[13]
Microsoft Visual Studio Code^[14]
Tendermint on Microsoft Azure^{[citation needed]}
Remix by Ethereum^{[citation needed]}

Blockchain platforms

Solidity is available on:

Ethereum
Binance Smart Chain^[15]
Ethereum Classic
Avalanche C-Chain
Counterparty (which runs on Bitcoin)^[16]^[17]^{[citation needed]}
Tron
Hedera Hashgraph

Criticism

Many security properties of smart contracts are inherently difficult to reason about directly, and the Turing-completeness of Solidity means that verification of arbitrary properties cannot be decidably automated. Current automated solutions for smart contract security analysis can miss critical violations, produce false positives, and fail to achieve sufficient code coverage on realistic contracts.^[18] Solidity has been blamed for the error-prone implementation of Ethereum smart contracts due to its counterintuitive nature, its lack of constructs to deal with blockchain domain-specific aspects, and its lack of centralized documentation of known vulnerabilities.^[19]

In 2016, a Cornell University researcher stated that Solidity was partially to blame for The DAO hack that took place that year. He stated: "this was actually not a flaw or exploit in the DAO contract itself: technically the Ethereum Virtual Machine (EVM) was operating as intended, but Solidity was introducing security flaws into contracts that were not only missed by the community, but missed by the designers of the language themselves."^[20]

Limitations of Solidity

Unlike programs in traditional programming languages, which can be debugged, in Solidity contracts mistakes cannot be edited or fixed; transactions cannot be reversed. Solidity follows the "Code is Law" mantra, which means any smart contract must be flawlessly coded when it comes into effect.

There have been some hacking cases such as the aforementioned 2016 DAO hack in which US$60 million was stolen, and a 2021 hack that caused a fork in the Ethereum system.

To prevent technical errors and mistakes, Coinbase, the largest cryptocurrency exchange in the US, introduced a new tool named Solidify. This tool is an AI auditing system that detects and classifies smart contract risks.

References

^ Afshar, Vala; Evangelist, ContributorChief Digital; Salesforce (17 July 2017). "Ethereum Is The Second Most Valuable Digital Currency, Behind Bitcoin". HuffPost. Retrieved 10 April 2019. {{cite web}}: |first2= has generic name (help)
^ ^a ^b "SOFE Berlin: Swift unveils blockchain proof-of-concept". Finextra (News). 24 November 2016. Retrieved 24 November 2016.
^ Finley, Klint. "Someone Just Stole $50 Million from the Biggest Crowdfunded Project Ever. (Humans Can't Be Trusted)". Wired.
^ "List of contributors". GitHub.
^ Benoit Schweblin. "StackEdit Viewer". stackedit.io.
^ Nikolic, Ivica; Kolluri, Aashish; Sergey, Ilya; Saxena, Prateek; Hobor, Aquinas (14 March 2018). "Finding The Greedy, Prodigal, and Suicidal Contracts at Scale". arXiv:1802.06038 [cs.CR]. Different source languages compile to the EVM semantics, the predominant of them being Solidity
^ KENTOURIS, CHRIS (13 December 2016). "Blockchain's Smart Contracts: What's Smart, What's Not". Finops (News). Retrieved 14 December 2016.
^ "Hyperledger Fabric Tutorial - Create a blockchain app for loyalty points". IBM Developer. Retrieved 10 April 2019.
^ Kapetanios-2008-06-27, p. 309.
^ ethereum. "Ethereum Natural Specification Format". GitHub.
^ "Subcurrency Example from the Solidity documentation".
^ Schneier, Karthikeyan; Schneier, Antoine; Bhargavan, Cedric; Delignat-Lavaud, Anitha; Fournet, Gollamudi; Schneier, Bruce; Rastogi, Nadim; Sibut-Pinote, Aseem; Rastogi1, Thomas; Swamy, Nikhil; Zanella-Beguelin, Santiago (27 August 2016). "Short Paper: Formal Verification of Smart Contracts" (PDF). Microsoft Research, French Institute for Research in Computer Science and Automation, Harvard University. Archived (PDF) from the original on 27 August 2016.{{cite journal}}: CS1 maint: numeric names: authors list (link)
^ Teeter, Cale (1 April 2016). "Solidity Integration with Visual Studio". Medium. Archived from the original on 27 November 2016. Retrieved 10 June 2021.
^ PatAltimore. "Use Visual Studio Code to connect to Azure Blockchain Service - Azure Blockchain". docs.microsoft.com. Retrieved 27 March 2020.
^ "Binance Smart Chain". GitHub. 26 October 2021.{{cite web}}: CS1 maint: url-status (link)
^ Vigna, Michael J. Casey and Paul (12 November 2014). "BitBeat: Bitcoin 2.0 Firm Counterparty Adopts Ethereum's Software". Wall Street Journal. ISSN 0099-9660. Retrieved 16 April 2021.
^ Swan, Melanie (2015). Blockchain : blueprint for a new economy (1st. ed.). [Sebastopol, Calif.] ISBN 978-1-4919-2047-3. OCLC 900781291.{{cite book}}: CS1 maint: location missing publisher (link)
^ Tsankov, Petar; Dan, Andrei; Drachsler-Cohen, Dana; Gervais, Arthur; Bünzli, Florian; Vechev, Martin (15 October 2018). "Securify: Practical Security Analysis of Smart Contracts" (PDF). Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery: 67–82. arXiv:1806.01143. doi:10.1145/3243734.3243780. hdl:10044/1/87935. S2CID 46936025.
^ Atzei, Nicola; Bartoletti, M.; Cimoli, Tiziana (2017). "A Survey of Attacks on Ethereum Smart Contracts (SoK)". POST. Lecture Notes in Computer Science. 10204: 164–186. doi:10.1007/978-3-662-54455-6_8. ISBN 978-3-662-54454-9. S2CID 15494854.
^ Finley, Klint (18 June 2016). "A $50 Million Hack Just Showed That the DAO Was All Too Human". Wired (News). Retrieved 18 February 2017.

[1] Afshar, Vala; Evangelist, ContributorChief Digital; Salesforce (17 July 2017). "Ethereum Is The Second Most Valuable Digital Currency, Behind Bitcoin". HuffPost. Retrieved 10 April 2019. {{cite web}}: |first2= has generic name (help)

[finextra24Nov2016-2] "SOFE Berlin: Swift unveils blockchain proof-of-concept". Finextra (News). 24 November 2016. Retrieved 24 November 2016.

[3] Finley, Klint. "Someone Just Stole $50 Million from the Biggest Crowdfunded Project Ever. (Humans Can't Be Trusted)". Wired.

[4] "List of contributors". GitHub.

[5] Benoit Schweblin. "StackEdit Viewer". stackedit.io.

[6] Nikolic, Ivica; Kolluri, Aashish; Sergey, Ilya; Saxena, Prateek; Hobor, Aquinas (14 March 2018). "Finding The Greedy, Prodigal, and Suicidal Contracts at Scale". arXiv:1802.06038 [cs.CR]. Different source languages compile to the EVM semantics, the predominant of them being Solidity

[finops-7] KENTOURIS, CHRIS (13 December 2016). "Blockchain's Smart Contracts: What's Smart, What's Not". Finops (News). Retrieved 14 December 2016.

[8] "Hyperledger Fabric Tutorial - Create a blockchain app for loyalty points". IBM Developer. Retrieved 10 April 2019.

[FOOTNOTEKapetanios-2008-06-27309-9] Kapetanios-2008-06-27, p. 309.

[10] thereum. "Ethereum Natural Specification Format". GitHub.

[11] "Subcurrency Example from the Solidity documentation".

[Bhargavan-2016-08-27-12] Schneier, Karthikeyan; Schneier, Antoine; Bhargavan, Cedric; Delignat-Lavaud, Anitha; Fournet, Gollamudi; Schneier, Bruce; Rastogi, Nadim; Sibut-Pinote, Aseem; Rastogi1, Thomas; Swamy, Nikhil; Zanella-Beguelin, Santiago (27 August 2016). "Short Paper: Formal Verification of Smart Contracts" (PDF). Microsoft Research, French Institute for Research in Computer Science and Automation, Harvard University. Archived (PDF) from the original on 27 August 2016.{{cite journal}}: CS1 maint: numeric names: authors list (link)

[13] Teeter, Cale (1 April 2016). "Solidity Integration with Visual Studio". Medium. Archived from the original on 27 November 2016. Retrieved 10 June 2021.

[14] PatAltimore. "Use Visual Studio Code to connect to Azure Blockchain Service - Azure Blockchain". docs.microsoft.com. Retrieved 27 March 2020.

[15] "Binance Smart Chain". GitHub. 26 October 2021.{{cite web}}: CS1 maint: url-status (link)

[16] Vigna, Michael J. Casey and Paul (12 November 2014). "BitBeat: Bitcoin 2.0 Firm Counterparty Adopts Ethereum's Software". Wall Street Journal. ISSN 0099-9660. Retrieved 16 April 2021.

[17] Swan, Melanie (2015). Blockchain : blueprint for a new economy (1st. ed.). [Sebastopol, Calif.] ISBN 978-1-4919-2047-3. OCLC 900781291.{{cite book}}: CS1 maint: location missing publisher (link)

[18] Tsankov, Petar; Dan, Andrei; Drachsler-Cohen, Dana; Gervais, Arthur; Bünzli, Florian; Vechev, Martin (15 October 2018). "Securify: Practical Security Analysis of Smart Contracts" (PDF). Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery: 67–82. arXiv:1806.01143. doi:10.1145/3243734.3243780. hdl:10044/1/87935. S2CID 46936025.

[19] Atzei, Nicola; Bartoletti, M.; Cimoli, Tiziana (2017). "A Survey of Attacks on Ethereum Smart Contracts (SoK)". POST. Lecture Notes in Computer Science. 10204: 164–186. doi:10.1007/978-3-662-54455-6_8. ISBN 978-3-662-54454-9. S2CID 15494854.

[wiredjune18th2016-20] Finley, Klint (18 June 2016). "A $50 Million Hack Just Showed That the DAO Was All Too Human". Wired (News). Retrieved 18 February 2017.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

@@ Line 111: / Line 111: @@
 There have been some hacking cases such as the aforementioned 2016 DAO hack in which {{Currency|60|US}} million was stolen, and a 2021 hack that caused a fork in the Ethereum system.
 To prevent technical errors and mistakes, Coinbase, the largest cryptocurrency exchange in the US, introduced a new tool named Solidify. This tool is an AI auditing system that detects and classifies smart contract risks.
-Solidity is familiar to any programmer who has a basic familiarity with C++, Java, JS, and Python. It might take between one and six months to learn Solidity{{fact|date=March 2022}}.
 ==References==