From a0d6ac63cca61e2916bbe74e2575d3fd48395467 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 15 Mar 2017 22:58:14 +0000 Subject: Replace references to browser-solidity with Remix --- docs/frequently-asked-questions.rst | 2 +- docs/index.rst | 8 ++++---- docs/installing-solidity.rst | 8 ++++---- docs/layout-of-source-files.rst | 4 ++-- docs/security-considerations.rst | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) (limited to 'docs') diff --git a/docs/frequently-asked-questions.rst b/docs/frequently-asked-questions.rst index 8a68ae5b..639eb83e 100644 --- a/docs/frequently-asked-questions.rst +++ b/docs/frequently-asked-questions.rst @@ -68,7 +68,7 @@ creator. Save it. Then ``selfdestruct(creator);`` to kill and return funds. Note that if you ``import "mortal"`` at the top of your contracts and declare ``contract SomeContract is mortal { ...`` and compile with a compiler that already -has it (which includes `browser-solidity `_), then +has it (which includes `Remix `_), then ``kill()`` is taken care of for you. Once a contract is "mortal", then you can ``contractname.kill.sendTransaction({from:eth.coinbase})``, just the same as my examples. diff --git a/docs/index.rst b/docs/index.rst index fc1a4231..8fd30b16 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -11,8 +11,8 @@ As you will see, it is possible to create contracts for voting, crowdfunding, blind auctions, multi-signature wallets and more. .. note:: - The best way to try out Solidity right now is using the - `Browser-Based Compiler `_ + The best way to try out Solidity right now is using + `Remix `_ (it can take a while to load, please be patient). Useful links @@ -33,7 +33,7 @@ Useful links Available Solidity Integrations ------------------------------- -* `Browser-Based Compiler `_ +* `Remix `_ Browser-based IDE with integrated compiler and Solidity runtime environment without server-side components. * `Ethereum Studio `_ @@ -109,7 +109,7 @@ and the :ref:`Ethereum Virtual Machine `. The next section will explain several *features* of Solidity by giving useful :ref:`example contracts ` Remember that you can always try out the contracts -`in your browser `_! +`in your browser `_! The last and most extensive section will cover all aspects of Solidity in depth. diff --git a/docs/installing-solidity.rst b/docs/installing-solidity.rst index fb405475..a3e72c5a 100644 --- a/docs/installing-solidity.rst +++ b/docs/installing-solidity.rst @@ -15,11 +15,11 @@ are not guaranteed to be working and despite best efforts they might contain und and/or broken changes. We recommend using the latest release. Package installers below will use the latest release. -Browser-Solidity -================ +Remix +===== If you just want to try Solidity for small contracts, you -can try `browser-solidity `_ +can try `Remix `_ which does not need any installation. If you want to use it without connection to the Internet, you can go to https://github.com/ethereum/browser-solidity/tree/gh-pages and @@ -31,7 +31,7 @@ npm / Node.js This is probably the most portable and most convenient way to install Solidity locally. A platform-independent JavaScript library is provided by compiling the C++ source -into JavaScript using Emscripten. It can be used in projects directly (such as Browser-Solidity). +into JavaScript using Emscripten. It can be used in projects directly (such as Remix). Please refer to the `solc-js `_ repository for instructions. It also contains a commandline tool called `solcjs`, which can be installed via npm: diff --git a/docs/layout-of-source-files.rst b/docs/layout-of-source-files.rst index 1e27b7c0..154cd2dc 100644 --- a/docs/layout-of-source-files.rst +++ b/docs/layout-of-source-files.rst @@ -151,9 +151,9 @@ remapping ``=/``. If there are multiple remappings that lead to a valid file, the remapping with the longest common prefix is chosen. -**browser-solidity**: +**Remix**: -The `browser-based compiler `_ +`Remix `_ provides an automatic remapping for github and will also automatically retrieve the file over the network: You can import the iterable mapping by e.g. diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 77e1bf08..7c3f87ee 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -117,7 +117,7 @@ Sending and Receiving Ether During the execution of the fallback function, the contract can only rely on the "gas stipend" (2300 gas) being available to it at that time. This stipend is not enough to access storage in any way. To be sure that your contract can receive Ether in that way, check the gas requirements of the fallback function - (for example in the "details" section in browser-solidity). + (for example in the "details" section in Remix). - There is a way to forward more gas to the receiving contract using ``addr.call.value(x)()``. This is essentially the same as ``addr.send(x)``, -- cgit v1.2.3 From 2d8b0fdc39eb8ddaa840fb1ecd478ad7869cb769 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 15 Mar 2017 23:41:02 +0000 Subject: Fix inconsistent use of single backticks --- docs/style-guide.rst | 2 +- docs/types.rst | 4 ++-- docs/units-and-global-variables.rst | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/style-guide.rst b/docs/style-guide.rst index 9aae3d7b..0742d2e9 100644 --- a/docs/style-guide.rst +++ b/docs/style-guide.rst @@ -164,7 +164,7 @@ Functions should be grouped according to their visibility and ordered: - internal - private -Within a grouping, place the `constant` functions last. +Within a grouping, place the ``constant`` functions last. Yes:: diff --git a/docs/types.rst b/docs/types.rst index 243a9a0c..6379f01c 100644 --- a/docs/types.rst +++ b/docs/types.rst @@ -232,7 +232,7 @@ a non-rational number). Integer literals and rational number literals belong to number literal types. Moreover, all number literal expressions (i.e. the expressions that contain only number literals and operators) belong to number literal - types. So the number literal expressions `1 + 2` and `2 + 1` both + types. So the number literal expressions ``1 + 2`` and ``2 + 1`` both belong to the same number literal type for the rational number three. .. note:: @@ -261,7 +261,7 @@ a non-rational number). String Literals --------------- -String literals are written with either double or single-quotes (``"foo"`` or ``'bar'``). They do not imply trailing zeroes as in C; `"foo"`` represents three bytes not four. As with integer literals, their type can vary, but they are implicitly convertible to ``bytes1``, ..., ``bytes32``, if they fit, to ``bytes`` and to ``string``. +String literals are written with either double or single-quotes (``"foo"`` or ``'bar'``). They do not imply trailing zeroes as in C; ``"foo"`` represents three bytes not four. As with integer literals, their type can vary, but they are implicitly convertible to ``bytes1``, ..., ``bytes32``, if they fit, to ``bytes`` and to ``string``. String literals support escape characters, such as ``\n``, ``\xNN`` and ``\uNNNN``. ``\xNN`` takes a hex value and inserts the appropriate byte, while ``\uNNNN`` takes a Unicode codepoint and inserts an UTF-8 sequence. diff --git a/docs/units-and-global-variables.rst b/docs/units-and-global-variables.rst index 49fe5d84..e4f0ea43 100644 --- a/docs/units-and-global-variables.rst +++ b/docs/units-and-global-variables.rst @@ -93,7 +93,7 @@ Mathematical and Cryptographic Functions ``keccak256(...) returns (bytes32)``: compute the Ethereum-SHA-3 (Keccak-256) hash of the (tightly packed) arguments ``sha3(...) returns (bytes32)``: - alias to `keccak256()` + alias to ``keccak256()`` ``sha256(...) returns (bytes32)``: compute the SHA-256 hash of the (tightly packed) arguments ``ripemd160(...) returns (bytes20)``: -- cgit v1.2.3 From 4c34adb799c4a4e6685e1ded414053604aa9a1d1 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Thu, 16 Mar 2017 00:42:42 +0000 Subject: Add link to version pragma --- docs/installing-solidity.rst | 2 +- docs/layout-of-source-files.rst | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/installing-solidity.rst b/docs/installing-solidity.rst index fb405475..e4808801 100644 --- a/docs/installing-solidity.rst +++ b/docs/installing-solidity.rst @@ -280,4 +280,4 @@ Example: 3. a breaking change is introduced - version is bumped to 0.5.0 4. the 0.5.0 release is made -This behaviour works well with the version pragma. +This behaviour works well with the :ref:`version pragma `. diff --git a/docs/layout-of-source-files.rst b/docs/layout-of-source-files.rst index 1e27b7c0..32b806ca 100644 --- a/docs/layout-of-source-files.rst +++ b/docs/layout-of-source-files.rst @@ -7,6 +7,8 @@ and pragma directives. .. index:: ! pragma, version +.. _version_pragma: + Version Pragma ============== -- cgit v1.2.3 From 42f2623cd3650437860604b7bb7117037416e1bb Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Thu, 16 Mar 2017 00:43:25 +0000 Subject: Fix list indentation --- docs/control-structures.rst | 3 ++- docs/index.rst | 2 +- docs/installing-solidity.rst | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/control-structures.rst b/docs/control-structures.rst index 25bf203b..a3af41dd 100644 --- a/docs/control-structures.rst +++ b/docs/control-structures.rst @@ -399,6 +399,7 @@ Currently, Solidity automatically generates a runtime exception in the following #. If you call ``assert`` with an argument that evaluates to false. While a user-provided exception is generated in the following situations: + #. Calling ``throw``. #. Calling ``require`` with an argument that evaluates to ``false``. @@ -411,4 +412,4 @@ did not occur. Because we want to retain the atomicity of transactions, the safe If contracts are written so that ``assert`` is only used to test internal conditions and ``require`` is used in case of malformed input, a formal analysis tool that verifies that the invalid -opcode can never be reached can be used to check for the absence of errors assuming valid inputs. \ No newline at end of file +opcode can never be reached can be used to check for the absence of errors assuming valid inputs. diff --git a/docs/index.rst b/docs/index.rst index fc1a4231..30f71afe 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -2,7 +2,7 @@ Solidity ======== Solidity is a contract-oriented, high-level language whose syntax is similar to that of JavaScript -and it is designed to target the Ethereum Virtual Machine. +and it is designed to target the Ethereum Virtual Machine (EVM). Solidity is statically typed, supports inheritance, libraries and complex user-defined types among other features. diff --git a/docs/installing-solidity.rst b/docs/installing-solidity.rst index e4808801..1e63f5dd 100644 --- a/docs/installing-solidity.rst +++ b/docs/installing-solidity.rst @@ -250,6 +250,7 @@ The version string in detail ============================ The Solidity version string contains four parts: + - the version number - pre-release tag, usually set to ``develop.YYYY.MM.DD`` or ``nightly.YYYY.MM.DD`` - commit in the format of ``commit.GITHASH`` -- cgit v1.2.3 From 18a37ed799e36c1112deb0122fea1b72e17e21e5 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 15 Mar 2017 23:33:26 +0000 Subject: Document all address methods in the global variables section --- docs/units-and-global-variables.rst | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/units-and-global-variables.rst b/docs/units-and-global-variables.rst index 49fe5d84..b46529f3 100644 --- a/docs/units-and-global-variables.rst +++ b/docs/units-and-global-variables.rst @@ -128,17 +128,23 @@ Address Related ``
.balance`` (``uint256``): balance of the :ref:`address` in Wei -``
.send(uint256 amount) returns (bool)``: - send given amount of Wei to :ref:`address`, returns ``false`` on failure ``
.transfer(uint256 amount)``: send given amount of Wei to :ref:`address`, throws on failure +``
.send(uint256 amount) returns (bool)``: + send given amount of Wei to :ref:`address`, returns ``false`` on failure +``
.call(...) returns (bool)``: + issue low-level ``CALL``, returns ``false`` on failure +``
.callcode(...) returns (bool)``: + issue low-level ``CALLCODE``, returns ``false`` on failure +``
.delegatecall(...) returns (bool)``: + issue low-level ``DELEGATECALL``, returns ``false`` on failure For more information, see the section on :ref:`address`. .. warning:: There are some dangers in using ``send``: The transfer fails if the call stack depth is at 1024 (this can always be forced by the caller) and it also fails if the recipient runs out of gas. So in order - to make safe Ether transfers, always check the return value of ``send`` or even better: + to make safe Ether transfers, always check the return value of ``send``, use ``transfer`` or even better: Use a pattern where the recipient withdraws the money. .. index:: this, selfdestruct -- cgit v1.2.3 From b053b6164e3104413cd0d4ce301f56a0914757cc Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Thu, 16 Mar 2017 11:20:39 +0000 Subject: Fix typo (recieve to receive) --- docs/common-patterns.rst | 2 +- docs/contracts.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/common-patterns.rst b/docs/common-patterns.rst index a2d7ce71..5fa84242 100644 --- a/docs/common-patterns.rst +++ b/docs/common-patterns.rst @@ -23,7 +23,7 @@ contract in order to become the "richest", inspired by `King of the Ether `_. In the following contract, if you are usurped as the richest, -you will recieve the funds of the person who has gone on to +you will receive the funds of the person who has gone on to become the new richest. :: diff --git a/docs/contracts.rst b/docs/contracts.rst index 9145f016..2ee04675 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -1101,7 +1101,7 @@ Restrictions for libraries in comparison to contracts: - No state variables - Cannot inherit nor be inherited -- Cannot recieve Ether +- Cannot receive Ether (These might be lifted at a later point.) -- cgit v1.2.3 From 6ece0d6c2f689de2dc82a31cea8625f168346b44 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 15 Mar 2017 23:50:58 +0000 Subject: Document the .value() and .gas() modifiers --- docs/control-structures.rst | 6 +++--- docs/types.rst | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/control-structures.rst b/docs/control-structures.rst index a3af41dd..b1e16644 100644 --- a/docs/control-structures.rst +++ b/docs/control-structures.rst @@ -113,8 +113,8 @@ actual contract has not been created yet. Functions of other contracts have to be called externally. For an external call, all function arguments have to be copied to memory. -When calling functions -of other contracts, the amount of Wei sent with the call and the gas can be specified:: +When calling functions of other contracts, the amount of Wei sent with the call and +the gas can be specified with special options ``.value()`` and ``.gas()``, respectively:: contract InfoFeed { function info() payable returns (uint ret) { return 42; } @@ -235,7 +235,7 @@ creation-dependencies are not possible. } } -As seen in the example, it is possible to forward Ether to the creation, +As seen in the example, it is possible to forward Ether to the creation using the ``.value()`` option, but it is not possible to limit the amount of gas. If the creation fails (due to out-of-stack, not enough balance or other problems), an exception is thrown. diff --git a/docs/types.rst b/docs/types.rst index 6379f01c..60235ad2 100644 --- a/docs/types.rst +++ b/docs/types.rst @@ -123,6 +123,8 @@ In a similar way, the function ``delegatecall`` can be used: The difference is t All three functions ``call``, ``delegatecall`` and ``callcode`` are very low-level functions and should only be used as a *last resort* as they break the type-safety of Solidity. +The ``.gas()`` option is available on all three methods, while the ``.value()`` option is not supported for ``delegatecall``. + .. note:: All contracts inherit the members of address, so it is possible to query the balance of the current contract using ``this.balance``. -- cgit v1.2.3 From 17443f458a311def7131dcaef00195dff3778da1 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Thu, 16 Mar 2017 11:08:21 +0000 Subject: Explain that .value() is only available if contract function is marked payable --- docs/control-structures.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/control-structures.rst b/docs/control-structures.rst index b1e16644..a2d34274 100644 --- a/docs/control-structures.rst +++ b/docs/control-structures.rst @@ -127,8 +127,8 @@ the gas can be specified with special options ``.value()`` and ``.gas()``, respe function callFeed() { feed.info.value(10).gas(800)(); } } -The modifier ``payable`` has to be used for ``info``, because otherwise, -we would not be able to send Ether to it in the call ``feed.info.value(10).gas(800)()``. +The modifier ``payable`` has to be used for ``info``, because otherwise, the `.value()` +option would not be available. Note that the expression ``InfoFeed(addr)`` performs an explicit type conversion stating that "we know that the type of the contract at the given address is ``InfoFeed``" and -- cgit v1.2.3 From 3f1468142badd2717596a4cd78f6f347b78010d7 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Sun, 12 Feb 2017 15:21:32 +0000 Subject: Document interfaces --- docs/contracts.rst | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'docs') diff --git a/docs/contracts.rst b/docs/contracts.rst index 2ee04675..33627b92 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -922,6 +922,33 @@ Such contracts cannot be compiled (even if they contain implemented functions al If a contract inherits from an abstract contract and does not implement all non-implemented functions by overriding, it will itself be abstract. +.. index:: ! contract;interface, ! interface contract + +********** +Interfaces +********** + +Interfaces are similar to abstract contracts, but they cannot have any functions implemented. There are further restrictions: + +#. Cannot inherit other contracts or interfaces. +#. Cannot define variables. +#. Cannot define structs. + +Some of these restrictions might be lifted in the future. + +Interfaces are basically limited to what the Contract ABI can represent and the conversion between the ABI and +an Interface should be possible without any information loss. + +Interfaces are denoted by their own keyword: + +:: + + interface Token { + function transfer(address recipient, uint amount); + } + +Contracts can inherit interfaces as they would inherit other contracts. + .. index:: ! library, callcode, delegatecall .. _libraries: -- cgit v1.2.3 From 2c4bce2d62dc8bfc752858db12c625aec6e5960f Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 15 Mar 2017 22:12:31 +0000 Subject: Disallow enums in interfaces --- docs/contracts.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/contracts.rst b/docs/contracts.rst index 33627b92..921d2870 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -933,6 +933,7 @@ Interfaces are similar to abstract contracts, but they cannot have any functions #. Cannot inherit other contracts or interfaces. #. Cannot define variables. #. Cannot define structs. +#. Cannot define enums. Some of these restrictions might be lifted in the future. -- cgit v1.2.3 From d5102c1db7cd2334e127ff684a6ecdd6aff156c6 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Fri, 17 Mar 2017 16:37:02 +0000 Subject: Disallow constructor in interfaces --- docs/contracts.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/contracts.rst b/docs/contracts.rst index 921d2870..28c003bd 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -931,6 +931,7 @@ Interfaces Interfaces are similar to abstract contracts, but they cannot have any functions implemented. There are further restrictions: #. Cannot inherit other contracts or interfaces. +#. Cannot define constructor. #. Cannot define variables. #. Cannot define structs. #. Cannot define enums. -- cgit v1.2.3 From 602ad1e60589afea65bbd33ff68605610aa88901 Mon Sep 17 00:00:00 2001 From: Abraham Sangha Date: Wed, 22 Mar 2017 12:57:42 -0600 Subject: small fixes --- docs/introduction-to-smart-contracts.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/introduction-to-smart-contracts.rst b/docs/introduction-to-smart-contracts.rst index f02447cf..9001a08c 100644 --- a/docs/introduction-to-smart-contracts.rst +++ b/docs/introduction-to-smart-contracts.rst @@ -146,7 +146,7 @@ single account. The line ``event Sent(address from, address to, uint amount);`` declares a so-called "event" which is fired in the last line of the function -``send``. User interfaces (as well as server appliances of course) can +``send``. User interfaces (as well as server applications of course) can listen for those events being fired on the blockchain without much cost. As soon as it is fired, the listener will also receive the arguments ``from``, ``to`` and ``amount``, which makes it easy to track @@ -161,7 +161,7 @@ transactions. In order to listen for this event, you would use :: "Sender: " + Coin.balances.call(result.args.from) + "Receiver: " + Coin.balances.call(result.args.to)); } - } + }) Note how the automatically generated function ``balances`` is called from the user interface. -- cgit v1.2.3 From ca3ceb4de21892e361657eb546fca0eb7b1aa4e6 Mon Sep 17 00:00:00 2001 From: Matt Searle Date: Mon, 27 Mar 2017 17:19:08 +1300 Subject: Fix typo --- docs/contracts.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/contracts.rst b/docs/contracts.rst index 28c003bd..9e35be84 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -436,7 +436,7 @@ execution data (``msg.gas``) or make calls to external contracts are disallowed. that might have a side-effect on memory allocation are allowed, but those that might have a side-effect on other memory objects are not. The built-in functions ``keccak256``, ``sha256``, ``ripemd160``, ``ecrecover``, ``addmod`` and ``mulmod`` -are allowed (ever though they do call external contracts). +are allowed (even though they do call external contracts). The reason behind allowing side-effects on the memory allocator is that it should be possible to construct complex objects like e.g. lookup-tables. -- cgit v1.2.3 From 3d302944823f76550c59d82aaf928b550b579199 Mon Sep 17 00:00:00 2001 From: Matt Searle Date: Tue, 28 Mar 2017 21:18:35 +1300 Subject: Fix typo in documentation Spelling mistake --- docs/assembly.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/assembly.rst b/docs/assembly.rst index 415bb1a1..30f7fc01 100644 --- a/docs/assembly.rst +++ b/docs/assembly.rst @@ -11,7 +11,7 @@ differs from standalone assembly and then specify assembly itself. TODO: Write about how scoping rules of inline assembly are a bit different and the complications that arise when for example using internal functions -of libraries. Furhermore, write about the symbols defined by the compiler. +of libraries. Furthermore, write about the symbols defined by the compiler. Inline Assembly =============== -- cgit v1.2.3 From 917175eedcd4a397cbac4c29eb8a45042a9cc10d Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 29 Mar 2017 22:21:33 +0100 Subject: Move opcodes into bytecode/deployedBytecode --- docs/using-the-compiler.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 08f18132..3b530a29 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -210,6 +210,8 @@ Output Description bytecode: { // The bytecode as a hex string. object: "00fe", + // Opcodes list (string) + opcodes: "", // The source mapping as a string. See the source mapping definition. sourceMap: "", // If given, this is an unlinked object. @@ -222,11 +224,9 @@ Output Description ] } } - } + }, // The same layout as above. deployedBytecode: { }, - // Opcodes list (string) - opcodes: "", // The list of function hashes methodIdentifiers: { "5c19a95c": "delegate(address)", -- cgit v1.2.3 From f6828fc7c3d5543837436f932a79ea9c21cf78e0 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 29 Mar 2017 22:23:35 +0100 Subject: Reorder for readiability --- docs/using-the-compiler.rst | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 3b530a29..c0602d5f 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -199,6 +199,13 @@ Output Description // The Ethereum Contract ABI. If empty, it is represented as an empty array. // See https://github.com/ethereum/wiki/wiki/Ethereum-Contract-ABI abi: [], + // See the Metadata Output documentation + metadata: {}, + // User documentation (natspec) + userdoc: {}, + // Developer documentation (natspec) + devdoc: {}, + // EVM-related outputs evm: { // Intermediate representation (string) ir: "", @@ -246,18 +253,13 @@ Output Description } } }, - // See the Metadata Output documentation - metadata: {}, + // eWASM related outputs ewasm: { // S-expressions format wast: "", // Binary format (hex string) wasm: "" - }, - // User documentation (natspec) - userdoc: {}, - // Developer documentation (natspec) - devdoc: {} + } } } }, -- cgit v1.2.3 From ded7258b01ce015b421a6c29d323adfd0d1b0da9 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 29 Mar 2017 22:25:05 +0100 Subject: Swap key/value of methodIdentifiers --- docs/using-the-compiler.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index c0602d5f..f5595929 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -236,7 +236,7 @@ Output Description deployedBytecode: { }, // The list of function hashes methodIdentifiers: { - "5c19a95c": "delegate(address)", + "delegate(address)": "5c19a95c" }, // Function gas estimates gasEstimates: { -- cgit v1.2.3 From b7368ce067f0e8fe027aabde2b4399de643d7096 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 29 Mar 2017 22:30:00 +0100 Subject: Fix input selector for evm --- docs/using-the-compiler.rst | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index f5595929..924265ad 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -127,12 +127,14 @@ Input Description // evm.ir - New assembly format before desugaring // evm.assembly - New assembly format after desugaring // evm.legacyAssemblyJSON - Old-style assembly format in JSON - // evm.opcodes - Opcodes list + // evm.bytecode - All the evm.bytecode features from below + // evm.bytecode.object - Bytecode object + // evm.bytecode.opcodes - Opcodes list + // evm.bytecode.sourceMap - Source mapping (useful for debugging) + // evm.bytecode.linkReferences - Link references (if unlinked object) + // evm.deployedBytecode* - Deployed bytecode (has the same options as evm.bytecode) // evm.methodIdentifiers - The list of function hashes // evm.gasEstimates - Function gas estimates - // evm.bytecode - Bytecode - // evm.deployedBytecode - Deployed bytecode - // evm.sourceMap - Source mapping (useful for debugging) // ewasm.wast - eWASM S-expressions format (not supported atm) // ewasm.wasm - eWASM binary format (not supported atm) outputSelection: { -- cgit v1.2.3 From 594f207606988a8a100799e5dfcfc267de4c7361 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 29 Mar 2017 22:33:14 +0100 Subject: The metadata output is serialised --- docs/using-the-compiler.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 924265ad..f31ca329 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -201,8 +201,8 @@ Output Description // The Ethereum Contract ABI. If empty, it is represented as an empty array. // See https://github.com/ethereum/wiki/wiki/Ethereum-Contract-ABI abi: [], - // See the Metadata Output documentation - metadata: {}, + // See the Metadata Output documentation (serialised JSON string) + metadata: "{...}", // User documentation (natspec) userdoc: {}, // Developer documentation (natspec) -- cgit v1.2.3 From b62a6949b58a2682af05e19deea7424e7e18b9d5 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Fri, 7 Apr 2017 14:48:35 +0100 Subject: Move the IR out of the EVM block in JSON IO --- docs/using-the-compiler.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index f31ca329..ab7761ec 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -124,7 +124,7 @@ Input Description // devdoc - Developer documentation (natspec) // userdoc - User documentation (natspec) // metadata - Metadata - // evm.ir - New assembly format before desugaring + // ir - New assembly format before desugaring // evm.assembly - New assembly format after desugaring // evm.legacyAssemblyJSON - Old-style assembly format in JSON // evm.bytecode - All the evm.bytecode features from below @@ -207,10 +207,10 @@ Output Description userdoc: {}, // Developer documentation (natspec) devdoc: {}, + // Intermediate representation (string) + ir: "", // EVM-related outputs evm: { - // Intermediate representation (string) - ir: "", // Assembly (string) assembly: "", // Old-style assembly (string) -- cgit v1.2.3 From fea26bc4ba60200219884ed6fe0a77dc8036eaeb Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Fri, 7 Apr 2017 14:59:13 +0100 Subject: Rename legacyAssemblyJSON to legacyAssembly --- docs/using-the-compiler.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index ab7761ec..9f3ac3cc 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -126,7 +126,7 @@ Input Description // metadata - Metadata // ir - New assembly format before desugaring // evm.assembly - New assembly format after desugaring - // evm.legacyAssemblyJSON - Old-style assembly format in JSON + // evm.legacyAssembly - Old-style assembly format in JSON // evm.bytecode - All the evm.bytecode features from below // evm.bytecode.object - Bytecode object // evm.bytecode.opcodes - Opcodes list @@ -213,8 +213,8 @@ Output Description evm: { // Assembly (string) assembly: "", - // Old-style assembly (string) - legacyAssemblyJSON: [], + // Old-style assembly (object) + legacyAssembly: [], // Bytecode and related details. bytecode: { // The bytecode as a hex string. -- cgit v1.2.3 From c22ba034176f2de703de4ead984aa5b45864a14c Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Fri, 7 Apr 2017 15:34:38 +0100 Subject: Support selecting group of outputs --- docs/using-the-compiler.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 9f3ac3cc..3b71e492 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -127,7 +127,6 @@ Input Description // ir - New assembly format before desugaring // evm.assembly - New assembly format after desugaring // evm.legacyAssembly - Old-style assembly format in JSON - // evm.bytecode - All the evm.bytecode features from below // evm.bytecode.object - Bytecode object // evm.bytecode.opcodes - Opcodes list // evm.bytecode.sourceMap - Source mapping (useful for debugging) @@ -137,6 +136,10 @@ Input Description // evm.gasEstimates - Function gas estimates // ewasm.wast - eWASM S-expressions format (not supported atm) // ewasm.wasm - eWASM binary format (not supported atm) + // + // Note that using a using `evm`, `evm.bytecode`, `ewasm`, etc. will select every + // target part of that output. + // outputSelection: { // Enable the metadata and bytecode outputs of every single contract. "*": { -- cgit v1.2.3 From 92fd66e4b442cf53a6614f015d4f45aa9b8aa10b Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Fri, 7 Apr 2017 15:37:11 +0100 Subject: Document formattedMessage --- docs/using-the-compiler.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 3b71e492..e1c63265 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -185,6 +185,8 @@ Output Description severity: "error", // Mandatory message: "Invalid keyword" + // Optional: the message formatted with source location + formattedMessage: "sourceFile.sol:100: Invalid keyword" } ], // This contains the file-level outputs. In can be limited/filtered by the outputSelection settings. -- cgit v1.2.3 From 291ece2bdb57481311571b282d69b1707f7e7236 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 12 Apr 2017 12:23:34 +0200 Subject: List of known bugs. --- docs/bugs.json | 92 ++++++++++++++++++++++++++++++++++++++++ docs/bugs.rst | 41 ++++++++++++++++++ docs/index.rst | 1 + docs/security-considerations.rst | 5 ++- 4 files changed, 138 insertions(+), 1 deletion(-) create mode 100644 docs/bugs.json create mode 100644 docs/bugs.rst (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json new file mode 100644 index 00000000..d50cf597 --- /dev/null +++ b/docs/bugs.json @@ -0,0 +1,92 @@ +[ + { + "name": "IdentityPrecompileReturnIgnored", + "summary": "Failure of the identity precompile was ignored.", + "description": "Calls to the identity contract, which is used for copying memory, ignored its return value. On the public chain, calls to the identity precompile can be made in a way that they never fail, but this might be different on private chains.", + "severity": "low", + "fixed": "0.4.7" + }, + { + "name": "StateKnowledgeNotResetForJumpdest", + "summary": "The optimizer did not properly reset its internal state at jump destinations, which could lead to data corruption.", + "description": "The optimizer performs symbolic execution at certain stages. At jump destinations, multiple code paths join and thus it has to compute a common state from the incoming edges. Computing this common state was simplified to just use the empty state, but this implementation was not done properly. This bug can cause data corruption.", + "severity": "medium", + "introduced": "0.4.5", + "fixed": "0.4.6", + "conditions": { + "optimizer": true + } + }, + { + "name": "HighOrderByteCleanStorage", + "summary": "For short types, the high order bytes were not cleaned properly and could overwrite existing data.", + "description": "Types shorter than 32 bytes are packed together into the same 32 byte storage slot, but storage writes always write 32 bytes. For some types, the higher order bytes were not cleaned properly, which made it sometimes possible to overwrite a variable in storage when writing to another one.", + "link": "https://blog.ethereum.org/2016/11/01/security-alert-solidity-variables-can-overwritten-storage/", + "severity": "high", + "introduced": "0.1.6", + "fixed": "0.4.4" + }, + { + "name": "StaleKnowledegAboutSHA3", + "summary": "The optimizer did not properly reset its knowledge about SHA3 operations resulting in some hashes (also used for storage variable positions) not being calculated correctly.", + "description": "The optimizer performs symbolic execution in order to save re-evaluating expressions whose value is already known. This knowledge was not properly reset across control flow paths and thus the optimizer sometimes thought that the result of a SHA3 operation is already present on the stack. This could result in data corruption by accessing the wrong storage slot.", + "severity": "low/medium", + "fixed": "0.4.3", + "conditions": { + "optimizer": true + } + }, + { + "name": "LibrariesNotCallableFromPayableFunctions", + "summary": "Library functions threw an exception when called from a call that received Ether.", + "description": "Library functions are protected against sending them Ether through a call. Since the DELEGATECALL opcode forwards the information about how much Ether was sent with a call, the library function incorrectly assumed that Ether was sent to the library and threw an exception.", + "severity": "low", + "introduced": "0.4.0", + "fixed": "0.4.2" + }, + { + "name": "SendFailsForZeroEther", + "summary": "The send function did not provide enough gas to the recipient if no Ether was sent with it.", + "description": "The recipient of an Ether transfer automatically receives a certain amount of gas from the EVM to handle the transfer. In the case of a zero-transfer, this gas is not provided which causes the recipient to throw an exception.", + "severity": "low", + "fixed": "0.4.0" + }, + { + "name": "DynamicAllocationInfiniteLoop", + "summary": "Dynamic allocation of an empty memory array caused an infinite loop and thus an exception.", + "description": "Memory arrays can be created provided a length. If this length is zero, code was generated that did not terminate and thus consumed all gas.", + "severity": "low", + "fixed": "0.3.6" + }, + { + "name": "ClearStateOnCodePathJoin", + "summary": "The optimizer did not properly reset its internal state at jump destinations, which could lead to data corruption.", + "description": "The optimizer performs symbolic execution at certain stages. At jump destinations, multiple code paths join and thus it has to compute a common state from the incoming edges. Computing this common state was not done correctly. This bug can cause data corruption, but it is probably quite hard to use for targeted attacks.", + "severity": "low", + "fixed": "0.3.6", + "conditions": { + "optimizer": true + } + }, + { + "name": "CleanBytesHigherOrderBits", + "summary": "The higher order bits of short bytesNN types were not cleaned before comparison.", + "description": "Two variables of type bytesNN were considered different if their higher order bits, which are not part of the actual value, were different. An attacker might use this to reach seemingly unreachable code paths by providing incorrectly formatted input data.", + "severity": "medium/high", + "fixed": "0.3.3" + }, + { + "name": "ArrayAccessCleanHigherOrderBits", + "summary": "Access to array elements for arrays of types with less than 32 bytes did not correctly clean the higher order bits, causing corruption in other array elements.", + "description": "Multiple elements of an array of values that are shorter than 17 bytes are packed into the same storage slot. Writing to a single element of such an array did not properly clean the higher order bytes and thus could lead to data corruption.", + "severity": "medium/high", + "fixed": "0.3.1" + }, + { + "name": "AncientCompiler", + "summary": "This compiler version is ancient and might contain several undocumented or undiscovered bugs.", + "description": "The list of bugs is only kept for compiler versions starting from 0.3.0, so older versions might contain undocumented bugs.", + "severity": "high", + "fixed": "0.3.0" + } +] \ No newline at end of file diff --git a/docs/bugs.rst b/docs/bugs.rst new file mode 100644 index 00000000..be7544d0 --- /dev/null +++ b/docs/bugs.rst @@ -0,0 +1,41 @@ +.. index:: Bugs + +.. _known_bugs: + +################## +List of Known Bugs +################## + +Below, you can find a JSON-formatted list of all known security-relevant bugs in the +Solidity compiler. The file itself is hosted in the `Github repository +`_. +The list stretches back as far as version 0.3.0, bugs known to be present only +in previous versions are not listed. The JSON file is an array of objects, one for +each bug, with the following keys: + +name + Unique name given to the bug +summary + Short description of the bug +description + Detailed description of the bug +link + URL of a website with more detailed information, optional +introduced + The first published compiler version that contained the bug, optional +fixed + The first published compiler version that did not contain the bug anymore +publish + The date at which the bug became known publicly, optional +severity + Severity of the bug: low, medium, high. Takes into account + discoverability in contract tests, likelihood of occurrence and + potential damage by exploits. +conditions + Conditions that have to be met to trigger the bug. Currently, this + is an object that can contain a boolean value ``optimizer``, which + means that the optimizer has to be switched on to enable the bug. + If no conditions are given, assume that the bug is present. + +.. literalinclude:: bugs.json + :language: js diff --git a/docs/index.rst b/docs/index.rst index 61cff7ac..c4b7ef48 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -136,5 +136,6 @@ Contents using-the-compiler.rst style-guide.rst common-patterns.rst + bugs.rst contributing.rst frequently-asked-questions.rst diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 7c3f87ee..1afaf051 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -22,7 +22,10 @@ you should be more careful. This section will list some pitfalls and general security recommendations but can, of course, never be complete. Also, keep in mind that even if your smart contract code is bug-free, the compiler or the platform itself might -have a bug. +have a bug. All known security-relevant bugs of the compiler can be found in the +:ref:`list of known bugs`, which is also machine-readable. Note +that there is a bug bounty program that covers the code generator of the +Solidity compiler. As always, with open source documentation, please help us extend this section (especially, some examples would not hurt)! -- cgit v1.2.3 From a7e605a7a1cb3d980e79b95157a0f908bbc7d806 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 12 Apr 2017 15:20:07 +0200 Subject: Create and update bugs by version list. --- docs/bugs_by_version.json | 297 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 297 insertions(+) create mode 100644 docs/bugs_by_version.json (limited to 'docs') diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json new file mode 100644 index 00000000..55df848d --- /dev/null +++ b/docs/bugs_by_version.json @@ -0,0 +1,297 @@ +{ + "0.1.0": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-07-10" + }, + "0.1.1": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-08-04" + }, + "0.1.2": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-08-20" + }, + "0.1.3": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-09-25" + }, + "0.1.4": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-09-30" + }, + "0.1.5": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-10-07" + }, + "0.1.6": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-10-16" + }, + "0.1.7": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-11-17" + }, + "0.2.0": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2015-12-02" + }, + "0.2.1": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2016-01-30" + }, + "0.2.2": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits", + "AncientCompiler" + ], + "released": "2016-02-17" + }, + "0.3.0": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits", + "ArrayAccessCleanHigherOrderBits" + ], + "released": "2016-03-11" + }, + "0.3.1": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits" + ], + "released": "2016-03-31" + }, + "0.3.2": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin", + "CleanBytesHigherOrderBits" + ], + "released": "2016-04-18" + }, + "0.3.3": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin" + ], + "released": "2016-05-27" + }, + "0.3.4": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin" + ], + "released": "2016-05-31" + }, + "0.3.5": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther", + "DynamicAllocationInfiniteLoop", + "ClearStateOnCodePathJoin" + ], + "released": "2016-06-10" + }, + "0.3.6": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "SendFailsForZeroEther" + ], + "released": "2016-08-10" + }, + "0.4.0": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "LibrariesNotCallableFromPayableFunctions" + ], + "released": "2016-09-08" + }, + "0.4.1": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3", + "LibrariesNotCallableFromPayableFunctions" + ], + "released": "2016-09-09" + }, + "0.4.10": { + "bugs": [], + "released": "2017-03-15" + }, + "0.4.2": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage", + "StaleKnowledegAboutSHA3" + ], + "released": "2016-09-17" + }, + "0.4.3": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "HighOrderByteCleanStorage" + ], + "released": "2016-10-25" + }, + "0.4.4": { + "bugs": [ + "IdentityPrecompileReturnIgnored" + ], + "released": "2016-10-31" + }, + "0.4.5": { + "bugs": [ + "IdentityPrecompileReturnIgnored", + "StateKnowledgeNotResetForJumpdest" + ], + "released": "2016-11-21" + }, + "0.4.6": { + "bugs": [ + "IdentityPrecompileReturnIgnored" + ], + "released": "2016-11-22" + }, + "0.4.7": { + "bugs": [], + "released": "2016-12-15" + }, + "0.4.8": { + "bugs": [], + "released": "2017-01-13" + }, + "0.4.9": { + "bugs": [], + "released": "2017-01-31" + } +} \ No newline at end of file -- cgit v1.2.3 From feacfcfd203c7d24b13ce28da3ce7041f5ee5287 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 12 Apr 2017 15:35:25 +0200 Subject: Typo and more explanation. --- docs/bugs.json | 2 +- docs/bugs.rst | 26 +++++++++++++++++++++++--- docs/bugs_by_version.json | 42 +++++++++++++++++++++--------------------- 3 files changed, 45 insertions(+), 25 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index d50cf597..f80816ee 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -27,7 +27,7 @@ "fixed": "0.4.4" }, { - "name": "StaleKnowledegAboutSHA3", + "name": "StaleKnowledgeAboutSHA3", "summary": "The optimizer did not properly reset its knowledge about SHA3 operations resulting in some hashes (also used for storage variable positions) not being calculated correctly.", "description": "The optimizer performs symbolic execution in order to save re-evaluating expressions whose value is already known. This knowledge was not properly reset across control flow paths and thus the optimizer sometimes thought that the result of a SHA3 operation is already present on the stack. This could result in data corruption by accessing the wrong storage slot.", "severity": "low/medium", diff --git a/docs/bugs.rst b/docs/bugs.rst index be7544d0..083759f3 100644 --- a/docs/bugs.rst +++ b/docs/bugs.rst @@ -6,12 +6,32 @@ List of Known Bugs ################## -Below, you can find a JSON-formatted list of all known security-relevant bugs in the +Below, you can find a JSON-formatted list of known security-relevant bugs in the Solidity compiler. The file itself is hosted in the `Github repository `_. The list stretches back as far as version 0.3.0, bugs known to be present only -in previous versions are not listed. The JSON file is an array of objects, one for -each bug, with the following keys: +in versions preceding that are not listed. + +There is another file called `bugs_by_version.json +`_, +which can be used to check which bugs affect a specific version of the compiler. + +Contract source verification tools and also other tools interacting with +contracts should consult this list according to the following criteria: + + - It is mildly suspicious if a contract was compiled with a nightly + compiler version instead of a released version. These compiler versions + might contain undocumented bugs. + - It is also mildly suspicious if a contract was compiled with a version that was + not the most recent at the time the contract was created. For contracts + created from other contracts, you have to follow the creation chain + back to a transaction and use the date of that transaction as creation date. + - It is highly suspicious if a contract was compiled with a compiler that + contains a known bug and the contract was created at a time where a newer + compiler version containing a fix was already released. + +The JSON file of known bugs below is an array of objects, one for each bug, +with the following keys: name Unique name given to the bug diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index 55df848d..5d119807 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -2,7 +2,7 @@ "0.1.0": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -15,7 +15,7 @@ "0.1.1": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -28,7 +28,7 @@ "0.1.2": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -41,7 +41,7 @@ "0.1.3": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -54,7 +54,7 @@ "0.1.4": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -67,7 +67,7 @@ "0.1.5": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -81,7 +81,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -95,7 +95,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -109,7 +109,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -123,7 +123,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -137,7 +137,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -151,7 +151,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -164,7 +164,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -176,7 +176,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin", @@ -188,7 +188,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin" @@ -199,7 +199,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin" @@ -210,7 +210,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", "ClearStateOnCodePathJoin" @@ -221,7 +221,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "SendFailsForZeroEther" ], "released": "2016-08-10" @@ -230,7 +230,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "LibrariesNotCallableFromPayableFunctions" ], "released": "2016-09-08" @@ -239,7 +239,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3", + "StaleKnowledgeAboutSHA3", "LibrariesNotCallableFromPayableFunctions" ], "released": "2016-09-09" @@ -252,7 +252,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledegAboutSHA3" + "StaleKnowledgeAboutSHA3" ], "released": "2016-09-17" }, -- cgit v1.2.3 From 10c32362ead6b5198221a48605e16c89a7800deb Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 12 Apr 2017 15:36:59 +0200 Subject: Prefix all optimizer bug names by Optimizer. --- docs/bugs.json | 6 ++-- docs/bugs_by_version.json | 78 +++++++++++++++++++++++------------------------ 2 files changed, 42 insertions(+), 42 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index f80816ee..4e7f1245 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -7,7 +7,7 @@ "fixed": "0.4.7" }, { - "name": "StateKnowledgeNotResetForJumpdest", + "name": "OptimizerStateKnowledgeNotResetForJumpdest", "summary": "The optimizer did not properly reset its internal state at jump destinations, which could lead to data corruption.", "description": "The optimizer performs symbolic execution at certain stages. At jump destinations, multiple code paths join and thus it has to compute a common state from the incoming edges. Computing this common state was simplified to just use the empty state, but this implementation was not done properly. This bug can cause data corruption.", "severity": "medium", @@ -27,7 +27,7 @@ "fixed": "0.4.4" }, { - "name": "StaleKnowledgeAboutSHA3", + "name": "OptimizerStaleKnowledgeAboutSHA3", "summary": "The optimizer did not properly reset its knowledge about SHA3 operations resulting in some hashes (also used for storage variable positions) not being calculated correctly.", "description": "The optimizer performs symbolic execution in order to save re-evaluating expressions whose value is already known. This knowledge was not properly reset across control flow paths and thus the optimizer sometimes thought that the result of a SHA3 operation is already present on the stack. This could result in data corruption by accessing the wrong storage slot.", "severity": "low/medium", @@ -59,7 +59,7 @@ "fixed": "0.3.6" }, { - "name": "ClearStateOnCodePathJoin", + "name": "OptimizerClearStateOnCodePathJoin", "summary": "The optimizer did not properly reset its internal state at jump destinations, which could lead to data corruption.", "description": "The optimizer performs symbolic execution at certain stages. At jump destinations, multiple code paths join and thus it has to compute a common state from the incoming edges. Computing this common state was not done correctly. This bug can cause data corruption, but it is probably quite hard to use for targeted attacks.", "severity": "low", diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index 5d119807..64015d4a 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -2,10 +2,10 @@ "0.1.0": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -15,10 +15,10 @@ "0.1.1": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -28,10 +28,10 @@ "0.1.2": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -41,10 +41,10 @@ "0.1.3": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -54,10 +54,10 @@ "0.1.4": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -67,10 +67,10 @@ "0.1.5": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -81,10 +81,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -95,10 +95,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -109,10 +109,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -123,10 +123,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -137,10 +137,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits", "AncientCompiler" @@ -151,10 +151,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits", "ArrayAccessCleanHigherOrderBits" ], @@ -164,10 +164,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits" ], "released": "2016-03-31" @@ -176,10 +176,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin", + "OptimizerClearStateOnCodePathJoin", "CleanBytesHigherOrderBits" ], "released": "2016-04-18" @@ -188,10 +188,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin" + "OptimizerClearStateOnCodePathJoin" ], "released": "2016-05-27" }, @@ -199,10 +199,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin" + "OptimizerClearStateOnCodePathJoin" ], "released": "2016-05-31" }, @@ -210,10 +210,10 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", "DynamicAllocationInfiniteLoop", - "ClearStateOnCodePathJoin" + "OptimizerClearStateOnCodePathJoin" ], "released": "2016-06-10" }, @@ -221,7 +221,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther" ], "released": "2016-08-10" @@ -230,7 +230,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "LibrariesNotCallableFromPayableFunctions" ], "released": "2016-09-08" @@ -239,7 +239,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3", + "OptimizerStaleKnowledgeAboutSHA3", "LibrariesNotCallableFromPayableFunctions" ], "released": "2016-09-09" @@ -252,7 +252,7 @@ "bugs": [ "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", - "StaleKnowledgeAboutSHA3" + "OptimizerStaleKnowledgeAboutSHA3" ], "released": "2016-09-17" }, @@ -272,7 +272,7 @@ "0.4.5": { "bugs": [ "IdentityPrecompileReturnIgnored", - "StateKnowledgeNotResetForJumpdest" + "OptimizerStateKnowledgeNotResetForJumpdest" ], "released": "2016-11-21" }, -- cgit v1.2.3 From 66165ff753c0300c7333c77e708788db327d7d8b Mon Sep 17 00:00:00 2001 From: Chandan Kumar Date: Fri, 14 Apr 2017 09:27:14 +0530 Subject: Update common-patterns.rst --- docs/common-patterns.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/common-patterns.rst b/docs/common-patterns.rst index 5fa84242..de2da690 100644 --- a/docs/common-patterns.rst +++ b/docs/common-patterns.rst @@ -232,7 +232,7 @@ reached at a certain point in **time**. An example for this is a blind auction contract which starts in the stage "accepting blinded bids", then transitions to "revealing bids" which is ended by -"determine auction autcome". +"determine auction outcome". .. index:: function;modifier -- cgit v1.2.3 From 98242f5409b9683166e041d6abf082d3fe80ff0c Mon Sep 17 00:00:00 2001 From: Abraham Sangha Date: Fri, 14 Apr 2017 19:05:53 -0600 Subject: minor: fix formatting and grammar --- docs/solidity-by-example.rst | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index 7e08c6b4..3d6221e4 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -51,8 +51,7 @@ of votes. } // This is a type for a single proposal. - struct Proposal - { + struct Proposal { bytes32 name; // short name (up to 32 bytes) uint voteCount; // number of accumulated votes } @@ -285,7 +284,7 @@ activate themselves. // highestBidder.send(highestBid) is a security risk // because it can be prevented by the caller by e.g. // raising the call stack to 1023. It is always safer - // to let the recipient withdraw their money themselves. + // to let the recipients withdraw their money themselves. pendingReturns[highestBidder] += highestBid; } highestBidder = msg.sender; -- cgit v1.2.3 From ab0a0ab05da60d12ffb64207e98d2d05264fc196 Mon Sep 17 00:00:00 2001 From: Andy Milenius Date: Fri, 14 Apr 2017 19:01:57 -0700 Subject: Update index.rst --- docs/index.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/index.rst b/docs/index.rst index 61cff7ac..9c74aa51 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -78,8 +78,8 @@ Discontinued: Solidity Tools -------------- -* `Dapple `_ - Package and deployment manager for Solidity. +* `Dapp `_ + Build tool, package manager, and deployment assistant for Solidity. * `Solidity REPL `_ Try Solidity instantly with a command-line Solidity console. -- cgit v1.2.3 From fb58809c206c174603dfef381f2cd4496d5b9cfe Mon Sep 17 00:00:00 2001 From: Morgan Date: Mon, 17 Apr 2017 21:41:28 -0400 Subject: Update contracts.rst --- docs/contracts.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/contracts.rst b/docs/contracts.rst index 9e35be84..26c0c886 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -27,7 +27,7 @@ From ``web3.js``, i.e. the JavaScript API, this is done as follows:: // Need to specify some source including contract name for the data param below - var source = "contract CONTRACT_NAME { function CONTRACT_NAME(unit a, uint b) {} }"; + var source = "contract CONTRACT_NAME { function CONTRACT_NAME(uint a, uint b) {} }"; // The json abi array generated by the compiler var abiArray = [ -- cgit v1.2.3 From 11d30ec04fcc7d017fe3c419c6ad64f657a17e96 Mon Sep 17 00:00:00 2001 From: chriseth Date: Tue, 18 Apr 2017 11:40:00 +0200 Subject: Some changes after review. --- docs/bugs.json | 2 +- docs/bugs.rst | 5 ++--- docs/security-considerations.rst | 3 ++- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index 4e7f1245..2a8d167a 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -30,7 +30,7 @@ "name": "OptimizerStaleKnowledgeAboutSHA3", "summary": "The optimizer did not properly reset its knowledge about SHA3 operations resulting in some hashes (also used for storage variable positions) not being calculated correctly.", "description": "The optimizer performs symbolic execution in order to save re-evaluating expressions whose value is already known. This knowledge was not properly reset across control flow paths and thus the optimizer sometimes thought that the result of a SHA3 operation is already present on the stack. This could result in data corruption by accessing the wrong storage slot.", - "severity": "low/medium", + "severity": "medium", "fixed": "0.4.3", "conditions": { "optimizer": true diff --git a/docs/bugs.rst b/docs/bugs.rst index 083759f3..8c6f58b1 100644 --- a/docs/bugs.rst +++ b/docs/bugs.rst @@ -6,7 +6,7 @@ List of Known Bugs ################## -Below, you can find a JSON-formatted list of known security-relevant bugs in the +Below, you can find a JSON-formatted list of some of the known security-relevant bugs in the Solidity compiler. The file itself is hosted in the `Github repository `_. The list stretches back as far as version 0.3.0, bugs known to be present only @@ -20,8 +20,7 @@ Contract source verification tools and also other tools interacting with contracts should consult this list according to the following criteria: - It is mildly suspicious if a contract was compiled with a nightly - compiler version instead of a released version. These compiler versions - might contain undocumented bugs. + compiler version instead of a released version - It is also mildly suspicious if a contract was compiled with a version that was not the most recent at the time the contract was created. For contracts created from other contracts, you have to follow the creation chain diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 1afaf051..1e92afa7 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -22,7 +22,8 @@ you should be more careful. This section will list some pitfalls and general security recommendations but can, of course, never be complete. Also, keep in mind that even if your smart contract code is bug-free, the compiler or the platform itself might -have a bug. All known security-relevant bugs of the compiler can be found in the +have a bug. A list of some publicly known security-relevant bugs of the compiler +can be found in the :ref:`list of known bugs`, which is also machine-readable. Note that there is a bug bounty program that covers the code generator of the Solidity compiler. -- cgit v1.2.3 From fd109bbe6fdfa89a057059bd452bd2b6edc1bd2e Mon Sep 17 00:00:00 2001 From: chriseth Date: Tue, 18 Apr 2017 12:20:39 +0200 Subject: Update bugs.rst --- docs/bugs.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/bugs.rst b/docs/bugs.rst index 8c6f58b1..55771a35 100644 --- a/docs/bugs.rst +++ b/docs/bugs.rst @@ -20,7 +20,8 @@ Contract source verification tools and also other tools interacting with contracts should consult this list according to the following criteria: - It is mildly suspicious if a contract was compiled with a nightly - compiler version instead of a released version + compiler version instead of a released version. This list does not keep + track of unreleased or nightly versions. - It is also mildly suspicious if a contract was compiled with a version that was not the most recent at the time the contract was created. For contracts created from other contracts, you have to follow the creation chain -- cgit v1.2.3 From 8bf842050e83c33ad08789219ea62b8ace33de88 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 19 Apr 2017 16:59:03 +0100 Subject: Support --allow-paths in the CLI --- docs/using-the-compiler.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index e1c63265..1cc1f2b8 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -29,6 +29,8 @@ files reside, so things like ``import "/etc/passwd";`` only work if you add ``=/ If there are multiple matches due to remappings, the one with the longest common prefix is selected. +For security reasons the compiler has restrictions what directories it can access. Paths (and their subdirectories) of source files specified on the commandline and paths defined by remappings are allowed for import statements, but everything else is rejected. Additional paths (and their subdirectories) can be allowed via the ``--allow-paths /sample/path,/another/sample/path`` switch. + If your contracts use :ref:`libraries `, you will notice that the bytecode contains substrings of the form ``__LibraryName______``. You can use ``solc`` as a linker meaning that it will insert the library addresses for you at those points: Either add ``--libraries "Math:0x12345678901234567890 Heap:0xabcdef0123456"`` to your command to provide an address for each library or store the string in a file (one library per line) and run ``solc`` using ``--libraries fileName``. -- cgit v1.2.3 From 6ae7a87b789d9ed60360ab9b7fa6593f9ab3b5ff Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 19 Apr 2017 18:53:39 +0100 Subject: Rename ast to legacyAST in StandardCompiler --- docs/using-the-compiler.rst | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 1cc1f2b8..9e9a5eb6 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -121,7 +121,8 @@ Input Description // // The available output types are as follows: // abi - ABI - // ast - AST of all source files + // ast - AST of all source files (not supported atm) + // legacyAST - legacy AST of all source files // why3 - Why3 translated output // devdoc - Developer documentation (natspec) // userdoc - User documentation (natspec) @@ -155,9 +156,9 @@ Input Description "*": { "*": [ "evm.sourceMap" ] }, - // Enable the AST and Why3 output of every single file. + // Enable the legacy AST and Why3 output of every single file. "*": { - "": [ "ast", "why3" ] + "": [ "legacyAST", "why3" ] } } } @@ -197,7 +198,9 @@ Output Description // Identifier (used in source maps) id: 1, // The AST object - ast: {} + ast: {}, + // The legacy AST object + legacyAST: {} } }, // This contains the contract-level outputs. It can be limited/filtered by the outputSelection settings. -- cgit v1.2.3 From 3fb0072105a1851832561b7e5f99a47c3332e4f8 Mon Sep 17 00:00:00 2001 From: Morgan Date: Fri, 21 Apr 2017 01:39:14 -0400 Subject: Added link to example for ecrecover This should be helpful for now until I can write up some documentation to include here --- docs/units-and-global-variables.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/units-and-global-variables.rst b/docs/units-and-global-variables.rst index 7a43343f..50b9291e 100644 --- a/docs/units-and-global-variables.rst +++ b/docs/units-and-global-variables.rst @@ -100,6 +100,7 @@ Mathematical and Cryptographic Functions compute RIPEMD-160 hash of the (tightly packed) arguments ``ecrecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) returns (address)``: recover the address associated with the public key from elliptic curve signature or return zero on error + [see here for example](https://ethereum.stackexchange.com/a/1794/7586) ``revert()``: abort execution and revert state changes -- cgit v1.2.3 From 1ac7056a1a8d782e90516596b212b06457ad8da1 Mon Sep 17 00:00:00 2001 From: chriseth Date: Fri, 21 Apr 2017 11:42:31 +0200 Subject: Correct syntax and link to question. --- docs/units-and-global-variables.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/units-and-global-variables.rst b/docs/units-and-global-variables.rst index 50b9291e..ab957c7d 100644 --- a/docs/units-and-global-variables.rst +++ b/docs/units-and-global-variables.rst @@ -100,7 +100,7 @@ Mathematical and Cryptographic Functions compute RIPEMD-160 hash of the (tightly packed) arguments ``ecrecover(bytes32 hash, uint8 v, bytes32 r, bytes32 s) returns (address)``: recover the address associated with the public key from elliptic curve signature or return zero on error - [see here for example](https://ethereum.stackexchange.com/a/1794/7586) + (`example usage `_) ``revert()``: abort execution and revert state changes -- cgit v1.2.3 From cd5fc7a6d24507ea60e816700a655369ef2532e8 Mon Sep 17 00:00:00 2001 From: Omkara <0mkara@users.noreply.github.com> Date: Sun, 23 Apr 2017 09:03:12 +0530 Subject: Update atom-ethereum-interface name change atom-ethereum-interface is renamed to etheratom, virtual machine compatibility introduced and other updates --- docs/index.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/index.rst b/docs/index.rst index 457b280f..7ffec806 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -48,8 +48,8 @@ Available Solidity Integrations * `Package for SublimeText — Solidity language syntax `_ Solidity syntax highlighting for SublimeText editor. -* `Atom Ethereum interface `_ - Plugin for the Atom editor that features syntax highlighting, compilation and a runtime environment (requires backend node). +* `Etheratom `_ + Plugin for the Atom editor that features syntax highlighting, compilation and a runtime environment (Backend node & VM compatible). * `Atom Solidity Linter `_ Plugin for the Atom editor that provides Solidity linting. -- cgit v1.2.3 From 4a3fb9638179a4a7d4b40afb44308e56573c63e0 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Mon, 24 Apr 2017 11:25:24 +0100 Subject: Enable standard json in the docs --- docs/using-the-compiler.rst | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index 9e9a5eb6..deaa1329 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -37,15 +37,13 @@ Either add ``--libraries "Math:0x12345678901234567890 Heap:0xabcdef0123456"`` to If ``solc`` is called with the option ``--link``, all input files are interpreted to be unlinked binaries (hex-encoded) in the ``__LibraryName____``-format given above and are linked in-place (if the input is read from stdin, it is written to stdout). All options except ``--libraries`` are ignored (including ``-o``) in this case. +If ``solc`` is called with the option ``--standard-json``, it will expect a JSON input (as explained below) on the standard input, and return a JSON output on the standard output. + .. _compiler-api: Compiler Input and Output JSON Description ****************************************** -.. warning:: - - This JSON interface is not yet supported by the Solidity compiler, but will be released in a future version. - These JSON formats are used by the compiler API as well as are available through ``solc``. These are subject to change, some fields are optional (as noted), but it is aimed at to only make backwards compatible changes. -- cgit v1.2.3 From 6c9dcaf7ac729ca06dad8cd839556df96f0022af Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Tue, 25 Apr 2017 18:26:33 +0100 Subject: Mention the order of the ABI in metadata --- docs/miscellaneous.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/miscellaneous.rst b/docs/miscellaneous.rst index 2865d884..7be46eac 100644 --- a/docs/miscellaneous.rst +++ b/docs/miscellaneous.rst @@ -314,6 +314,8 @@ Comments are of course also not permitted and used here only for explanatory pur } } +.. note:: + Note the ABI definition above has no fixed order. It can change with compiler versions. Encoding of the Metadata Hash in the Bytecode ============================================= -- cgit v1.2.3 From 8a5feb8c490e38961da68ea059309e06cef3e1c0 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Tue, 25 Apr 2017 18:29:00 +0100 Subject: Explain that bytecode depends on metadata --- docs/miscellaneous.rst | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/miscellaneous.rst b/docs/miscellaneous.rst index 7be46eac..914dfacd 100644 --- a/docs/miscellaneous.rst +++ b/docs/miscellaneous.rst @@ -317,6 +317,12 @@ Comments are of course also not permitted and used here only for explanatory pur .. note:: Note the ABI definition above has no fixed order. It can change with compiler versions. +.. note:: + Since the bytecode of the resulting contract contains the metadata hash, any change to + the metadata will result in a change of the bytecode. Furthermore, since the metadata + includes a hash of all the sources used, a single whitespace change in any of the source + codes will result in a different metadata, and subsequently a different bytecode. + Encoding of the Metadata Hash in the Bytecode ============================================= -- cgit v1.2.3 From a46a059e3a4b860c51821cabcfd8316b021f4245 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 26 Apr 2017 11:58:36 +0200 Subject: Document storage variable access. --- docs/assembly.rst | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'docs') diff --git a/docs/assembly.rst b/docs/assembly.rst index 30f7fc01..eb1bf276 100644 --- a/docs/assembly.rst +++ b/docs/assembly.rst @@ -323,9 +323,12 @@ Access to External Variables and Functions ------------------------------------------ Solidity variables and other identifiers can be accessed by simply using their name. -For storage and memory variables, this will push the address and not the value onto the -stack. Also note that non-struct and non-array storage variable addresses occupy two slots -on the stack: One for the address and one for the byte offset inside the storage slot. +For memory variables, this will push the address and not the value onto the +stack. Storage variables are different: Values in storage might not occupy a +full storage slot, so their "address" is composed of a slot and a byte-offset +inside that slot. To retrieve the slot pointed to by the variable ``x``, you +used ``x_slot`` and to retrieve the byte-offset you used ``x_offset``. + In assignments (see below), we can even use local Solidity variables to assign to. Functions external to inline assembly can also be accessed: The assembly will @@ -340,17 +343,13 @@ changes during the call, and thus references to local variables will be wrong. .. code:: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract C { uint b; function f(uint x) returns (uint r) { assembly { - b pop // remove the offset, we know it is zero - sload - x - mul - =: r // assign to return variable r + r := mul(x, sload(b_slot)) // ignore the offset, we know it is zero } } } -- cgit v1.2.3 From 35f1cf92dbc6082b675e41e184aefe3b24325918 Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Wed, 26 Apr 2017 17:12:26 +0100 Subject: Remove parentheses from around function return parameters --- docs/assembly.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/assembly.rst b/docs/assembly.rst index eb1bf276..420cea17 100644 --- a/docs/assembly.rst +++ b/docs/assembly.rst @@ -29,7 +29,7 @@ arising when writing manual assembly by the following features: * labels: ``let x := 10 repeat: x := sub(x, 1) jumpi(repeat, eq(x, 0))`` * loops: ``for { let i := 0 } lt(i, x) { i := add(i, 1) } { y := mul(2, y) }`` * switch statements: ``switch x case 0: { y := mul(x, 2) } default: { y := 0 }`` -* function calls: ``function f(x) -> (y) { switch x case 0: { y := 1 } default: { y := mul(x, f(sub(x, 1))) } }`` +* function calls: ``function f(x) -> y { switch x case 0: { y := 1 } default: { y := mul(x, f(sub(x, 1))) } }`` .. note:: Of the above, loops, function calls and switch statements are not yet implemented. @@ -566,7 +566,7 @@ The following example implements the power function by square-and-multiply. .. code:: assembly { - function power(base, exponent) -> (result) { + function power(base, exponent) -> result { switch exponent 0: { result := 1 } 1: { result := base } @@ -701,12 +701,12 @@ The following assembly will be generated:: } default: { jump(invalidJumpLabel) } // memory allocator - function $allocate(size) -> (pos) { + function $allocate(size) -> pos { pos := mload(0x40) mstore(0x40, add(pos, size)) } // the contract function - function f(x) -> (y) { + function f(x) -> y { y := 1 for { let i := 0 } lt(i, x) { i := add(i, 1) } { y := mul(2, y) -- cgit v1.2.3 From cd29a0315da6da0bc1f51f0a3789bba6642cf36e Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Thu, 27 Apr 2017 13:13:49 +0100 Subject: Update the gasEstimates in JSON I/O --- docs/using-the-compiler.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index deaa1329..b74da213 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -251,15 +251,15 @@ Output Description // Function gas estimates gasEstimates: { creation: { - dataCost: 420000, - // -1 means infinite (aka. unknown) - executionCost: -1 + codeDepositCost: "420000", + executionCost: "infinite", + totalCost: "infinite" }, external: { - "delegate(address)": 25000 + "delegate(address)": "25000" }, internal: { - "heavyLifting()": -1 + "heavyLifting()": "infinite" } } }, -- cgit v1.2.3 From fc3f40febe3ed7686682e2e9ef4f615b206400b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Fri, 28 Apr 2017 14:00:59 +0200 Subject: Add warning about SAR in docs --- docs/types.rst | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/types.rst b/docs/types.rst index 60235ad2..c868adc6 100644 --- a/docs/types.rst +++ b/docs/types.rst @@ -64,6 +64,12 @@ expression ``x << y`` is equivalent to ``x * 2**y`` and ``x >> y`` is equivalent to ``x / 2**y``. This means that shifting negative numbers sign extends. Shifting by a negative amount throws a runtime exception. +.. warning:: + The results produced by shift right of negative values of signed integer types is different from those produced + by other programming languages. In Solidity, shift right maps to division so the shifted negative values + are going to be rounded towards zero (truncated). In other programming languages the shift right of negative values + works like division with rounding down (towards negative infinity). + .. index:: address, balance, send, call, callcode, delegatecall, transfer .. _address: -- cgit v1.2.3 From 4658c4f28bbfef919583b5885aa5742e6b55bdd8 Mon Sep 17 00:00:00 2001 From: AdrianClv Date: Sat, 29 Apr 2017 17:22:01 +0200 Subject: Added Doxity in the Solidity Tools section --- docs/index.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/index.rst b/docs/index.rst index 7ffec806..1312864a 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -53,7 +53,7 @@ Available Solidity Integrations * `Atom Solidity Linter `_ Plugin for the Atom editor that provides Solidity linting. - + * `Solium `_ A commandline linter for Solidity which strictly follows the rules prescribed by the `Solidity Style Guide `_. @@ -90,6 +90,9 @@ Solidity Tools * `evmdis `_ EVM Disassembler that performs static analysis on the bytecode to provide a higher level of abstraction than raw EVM operations. +* `Doxity `_ + Documentation Generator for Solidity. + Third-Party Solidity Parsers and Grammars ----------------------------------------- -- cgit v1.2.3 From fabf15de9ec565213b7da8f1d190db3b00561c5d Mon Sep 17 00:00:00 2001 From: FedericoCapello Date: Mon, 1 May 2017 20:05:25 +0200 Subject: Update units-and-global-variables.rst Consistency of explanation. --- docs/units-and-global-variables.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/units-and-global-variables.rst b/docs/units-and-global-variables.rst index ab957c7d..246cc564 100644 --- a/docs/units-and-global-variables.rst +++ b/docs/units-and-global-variables.rst @@ -22,8 +22,8 @@ unit and units are considered naively in the following way: * ``1 minutes == 60 seconds`` * ``1 hours == 60 minutes`` * ``1 days == 24 hours`` - * ``1 weeks = 7 days`` - * ``1 years = 365 days`` + * ``1 weeks == 7 days`` + * ``1 years == 365 days`` Take care if you perform calendar calculations using these units, because not every year equals 365 days and not even every day has 24 hours -- cgit v1.2.3 From daa8db81c8081234b593abdce2bf505ae5ce3872 Mon Sep 17 00:00:00 2001 From: JohnAllen Date: Mon, 1 May 2017 14:00:27 -0700 Subject: Correct form-from typo in layout-of-source-files.rst --- docs/layout-of-source-files.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/layout-of-source-files.rst b/docs/layout-of-source-files.rst index 05708964..715b29ae 100644 --- a/docs/layout-of-source-files.rst +++ b/docs/layout-of-source-files.rst @@ -26,7 +26,7 @@ The version pragma is used as follows:: pragma solidity ^0.4.0; Such a source file will not compile with a compiler earlier than version 0.4.0 -and it will also not work on a compiler starting form version 0.5.0 (this +and it will also not work on a compiler starting from version 0.5.0 (this second condition is added by using ``^``). The idea behind this is that there will be no breaking changes until version ``0.5.0``, so we can always be sure that our code will compile the way we intended it to. We do not fix -- cgit v1.2.3 From d87eb978956d0859c32af2127dac0050d8e302d6 Mon Sep 17 00:00:00 2001 From: chriseth Date: Thu, 27 Apr 2017 12:23:46 +0200 Subject: Add entry to bug list. --- docs/bugs.json | 12 ++++++++++++ docs/bugs_by_version.json | 41 +++++++++++++++++++++++++++++++++++++---- 2 files changed, 49 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index 2a8d167a..ba994932 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -1,4 +1,16 @@ [ + { + "name": "ConstantOptimizerSubtraction", + "short": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", + "long": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", + "link": "", + "introduced": "0.0.0", + "fixed": "0.4.11", + "severity": "low", + "check": { + "optimizer": true + } + }, { "name": "IdentityPrecompileReturnIgnored", "summary": "Failure of the identity precompile was ignored.", diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index 64015d4a..7fbca437 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -1,6 +1,7 @@ { "0.1.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -14,6 +15,7 @@ }, "0.1.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -27,6 +29,7 @@ }, "0.1.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -40,6 +43,7 @@ }, "0.1.3": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -53,6 +57,7 @@ }, "0.1.4": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -66,6 +71,7 @@ }, "0.1.5": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStaleKnowledgeAboutSHA3", "SendFailsForZeroEther", @@ -79,6 +85,7 @@ }, "0.1.6": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -93,6 +100,7 @@ }, "0.1.7": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -107,6 +115,7 @@ }, "0.2.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -121,6 +130,7 @@ }, "0.2.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -135,6 +145,7 @@ }, "0.2.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -149,6 +160,7 @@ }, "0.3.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -162,6 +174,7 @@ }, "0.3.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -174,6 +187,7 @@ }, "0.3.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -186,6 +200,7 @@ }, "0.3.3": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -197,6 +212,7 @@ }, "0.3.4": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -208,6 +224,7 @@ }, "0.3.5": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -219,6 +236,7 @@ }, "0.3.6": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -228,6 +246,7 @@ }, "0.4.0": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -237,6 +256,7 @@ }, "0.4.1": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3", @@ -245,11 +265,14 @@ "released": "2016-09-09" }, "0.4.10": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2017-03-15" }, "0.4.2": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage", "OptimizerStaleKnowledgeAboutSHA3" @@ -258,6 +281,7 @@ }, "0.4.3": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "HighOrderByteCleanStorage" ], @@ -265,12 +289,14 @@ }, "0.4.4": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored" ], "released": "2016-10-31" }, "0.4.5": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored", "OptimizerStateKnowledgeNotResetForJumpdest" ], @@ -278,20 +304,27 @@ }, "0.4.6": { "bugs": [ + "ConstantOptimizerSubtraction", "IdentityPrecompileReturnIgnored" ], "released": "2016-11-22" }, "0.4.7": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2016-12-15" }, "0.4.8": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2017-01-13" }, "0.4.9": { - "bugs": [], + "bugs": [ + "ConstantOptimizerSubtraction" + ], "released": "2017-01-31" } } \ No newline at end of file -- cgit v1.2.3 From 2871663cadca8355764c64bc921b2fc6126efb2c Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Tue, 2 May 2017 14:49:13 +0100 Subject: Remove why3 from standard compiler --- docs/using-the-compiler.rst | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index b74da213..890604b1 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -121,7 +121,6 @@ Input Description // abi - ABI // ast - AST of all source files (not supported atm) // legacyAST - legacy AST of all source files - // why3 - Why3 translated output // devdoc - Developer documentation (natspec) // userdoc - User documentation (natspec) // metadata - Metadata @@ -154,9 +153,9 @@ Input Description "*": { "*": [ "evm.sourceMap" ] }, - // Enable the legacy AST and Why3 output of every single file. + // Enable the legacy AST output of every single file. "*": { - "": [ "legacyAST", "why3" ] + "": [ "legacyAST" ] } } } @@ -180,7 +179,7 @@ Output Description ], // Mandatory: Error type, such as "TypeError", "InternalCompilerError", "Exception", etc type: "TypeError", - // Mandatory: Component where the error originated, such as "general", "why3", "ewasm", etc. + // Mandatory: Component where the error originated, such as "general", "ewasm", etc. component: "general", // Mandatory ("error" or "warning") severity: "error", @@ -272,7 +271,5 @@ Output Description } } } - }, - // Why3 output (string) - why3: "" + } } -- cgit v1.2.3 From ed3ab3506a8acb83bda9477f733d2cb07125a74a Mon Sep 17 00:00:00 2001 From: Alex Beregszaszi Date: Tue, 2 May 2017 15:20:27 +0100 Subject: Follow the JSON I/O spec closely --- docs/using-the-compiler.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst index b74da213..85ef9230 100644 --- a/docs/using-the-compiler.rst +++ b/docs/using-the-compiler.rst @@ -222,7 +222,7 @@ Output Description // Assembly (string) assembly: "", // Old-style assembly (object) - legacyAssembly: [], + legacyAssembly: {}, // Bytecode and related details. bytecode: { // The bytecode as a hex string. -- cgit v1.2.3 From 794a390c34d44e9f93d9735a82aa11f8cc2fde48 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 3 May 2017 11:09:21 +0200 Subject: Fix keys for bugs.json. --- docs/bugs.json | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index ba994932..78fcf06b 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -1,13 +1,12 @@ [ { "name": "ConstantOptimizerSubtraction", - "short": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", - "long": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", - "link": "", - "introduced": "0.0.0", + "summary": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", + "description": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", + "link": "https://blog.ethereum.org/2017/04/24/solidity-optimizer-bug/", "fixed": "0.4.11", "severity": "low", - "check": { + "conditions": { "optimizer": true } }, -- cgit v1.2.3 From 2b4b86aa7f72d8f7c2c4e250953d8f9018f4fd53 Mon Sep 17 00:00:00 2001 From: Matt Wisniewski Date: Wed, 19 Apr 2017 14:12:45 -0400 Subject: Update common-patterns.rst --- docs/common-patterns.rst | 22 ++++---- docs/contracts.rst | 19 +++---- docs/frequently-asked-questions.rst | 3 +- docs/security-considerations.rst | 11 ++-- docs/solidity-by-example.rst | 104 +++++++++++++++--------------------- docs/structure-of-a-contract.rst | 4 +- docs/types.rst | 9 ++-- 7 files changed, 73 insertions(+), 99 deletions(-) (limited to 'docs') diff --git a/docs/common-patterns.rst b/docs/common-patterns.rst index de2da690..37973c62 100644 --- a/docs/common-patterns.rst +++ b/docs/common-patterns.rst @@ -28,7 +28,7 @@ become the new richest. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract WithdrawalContract { address public richest; @@ -70,7 +70,7 @@ This is as opposed to the more intuitive sending pattern: :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract SendContract { address public richest; @@ -86,9 +86,7 @@ This is as opposed to the more intuitive sending pattern: // Check if call succeeds to prevent an attacker // from trapping the previous person's funds in // this contract through a callstack attack - if (!richest.send(msg.value)) { - throw; - } + richest.transfer(msg.value); richest = msg.sender; mostSent = msg.value; return true; @@ -135,7 +133,7 @@ restrictions highly readable. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract AccessRestriction { // These will be assigned at the construction @@ -152,8 +150,7 @@ restrictions highly readable. // a certain address. modifier onlyBy(address _account) { - if (msg.sender != _account) - throw; + require(msg.sender == _account); // Do not forget the "_;"! It will // be replaced by the actual function // body when the modifier is used. @@ -169,7 +166,7 @@ restrictions highly readable. } modifier onlyAfter(uint _time) { - if (now < _time) throw; + require(now >= _time); _; } @@ -190,8 +187,7 @@ restrictions highly readable. // This was dangerous before Solidity version 0.4.0, // where it was possible to skip the part after `_;`. modifier costs(uint _amount) { - if (msg.value < _amount) - throw; + require(msg.value >= _amount); _; if (msg.value > _amount) msg.sender.send(msg.value - _amount); @@ -276,7 +272,7 @@ function finishes. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract StateMachine { enum Stages { @@ -293,7 +289,7 @@ function finishes. uint public creationTime = now; modifier atStage(Stages _stage) { - if (stage != _stage) throw; + require(stage == _stage); _; } diff --git a/docs/contracts.rst b/docs/contracts.rst index 26c0c886..a26d5a5e 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -327,7 +327,7 @@ inheritable properties of contracts and may be overridden by derived contracts. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract owned { function owned() { owner = msg.sender; } @@ -341,8 +341,7 @@ inheritable properties of contracts and may be overridden by derived contracts. // function is executed and otherwise, an exception is // thrown. modifier onlyOwner { - if (msg.sender != owner) - throw; + require(msg.sender == owner); _; } } @@ -390,7 +389,7 @@ inheritable properties of contracts and may be overridden by derived contracts. contract Mutex { bool locked; modifier noReentrancy() { - if (locked) throw; + require(!locked); locked = true; _; locked = false; @@ -401,7 +400,7 @@ inheritable properties of contracts and may be overridden by derived contracts. /// The `return 7` statement assigns 7 to the return value but still /// executes the statement `locked = false` in the modifier. function f() noReentrancy returns (uint) { - if (!msg.sender.call()) throw; + require(msg.sender.call()); return 7; } } @@ -989,7 +988,7 @@ more advanced example to implement a set). :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; library Set { // We define a new struct datatype that will be used to @@ -1035,8 +1034,7 @@ more advanced example to implement a set). // The library functions can be called without a // specific instance of the library, since the // "instance" will be the current contract. - if (!Set.insert(knownValues, value)) - throw; + assert(Set.insert(knownValues, value)); } // In this contract, we can also directly access knownValues.flags, if we want. } @@ -1166,7 +1164,7 @@ available without having to add further code. Let us rewrite the set example from the :ref:`libraries` in this way:: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; // This is the same code as before, just without comments library Set { @@ -1207,8 +1205,7 @@ Let us rewrite the set example from the // corresponding member functions. // The following function call is identical to // Set.insert(knownValues, value) - if (!knownValues.insert(value)) - throw; + require(knownValues.insert(value)); } } diff --git a/docs/frequently-asked-questions.rst b/docs/frequently-asked-questions.rst index 639eb83e..029e32eb 100644 --- a/docs/frequently-asked-questions.rst +++ b/docs/frequently-asked-questions.rst @@ -665,8 +665,7 @@ What does the following strange check do in the Custom Token contract? :: - if (balanceOf[_to] + _value < balanceOf[_to]) - throw; + require(balanceOf[_to] + _value >= balanceOf[_to]); Integers in Solidity (and most other machine-related programming languages) are restricted to a certain range. For ``uint256``, this is ``0`` up to ``2**256 - 1``. If the result of some operation on those numbers diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 1e92afa7..f9ceed5d 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -79,7 +79,7 @@ outlined further below: :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract Fund { /// Mapping of ether shares of the contract. @@ -88,8 +88,7 @@ outlined further below: function withdraw() { var share = shares[msg.sender]; shares[msg.sender] = 0; - if (!msg.sender.send(share)) - throw; + require(msg.sender.send(share)); } } @@ -162,7 +161,7 @@ Never use tx.origin for authorization. Let's say you have a wallet contract like :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; // THIS CONTRACT CONTAINS A BUG - DO NOT USE contract TxUserWallet { @@ -173,8 +172,8 @@ Never use tx.origin for authorization. Let's say you have a wallet contract like } function transfer(address dest, uint amount) { - if (tx.origin != owner) { throw; } - if (!dest.call.value(amount)()) throw; + require(tx.origin == owner); + require(dest.call.value(amount)()); } } diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index 3d6221e4..a8e7eb2c 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -36,7 +36,7 @@ of votes. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; /// @title Voting with delegation. contract Ballot { @@ -87,14 +87,12 @@ of votes. // Give `voter` the right to vote on this ballot. // May only be called by `chairperson`. function giveRightToVote(address voter) { - if (msg.sender != chairperson || voters[voter].voted) { - // `throw` terminates and reverts all changes to - // the state and to Ether balances. It is often - // a good idea to use this if functions are - // called incorrectly. But watch out, this - // will also consume all provided gas. - throw; - } + // `throw` terminates and reverts all changes to + // the state and to Ether balances. It is often + // a good idea to use this if functions are + // called incorrectly. But watch out, this + // will also consume all provided gas. + require(msg.sender == chairperson || !voters[voter].voted); voters[voter].weight = 1; } @@ -102,12 +100,10 @@ of votes. function delegate(address to) { // assigns reference Voter sender = voters[msg.sender]; - if (sender.voted) - throw; + require(!sender.voted); // Self-delegation is not allowed. - if (to == msg.sender) - throw; + require(to != msg.sender); // Forward the delegation as long as // `to` also delegated. @@ -121,8 +117,7 @@ of votes. to = voters[to].delegate; // We found a loop in the delegation, not allowed. - if (to == msg.sender) - throw; + require(to != msg.sender); } // Since `sender` is a reference, this @@ -145,8 +140,7 @@ of votes. /// to proposal `proposals[proposal].name`. function vote(uint proposal) { Voter sender = voters[msg.sender]; - if (sender.voted) - throw; + require(!sender.voted); sender.voted = true; sender.vote = proposal; @@ -218,7 +212,7 @@ activate themselves. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract SimpleAuction { // Parameters of the auction. Times are either @@ -269,16 +263,16 @@ activate themselves. // the transaction. The keyword payable // is required for the function to // be able to receive Ether. - if (now > auctionStart + biddingTime) { - // Revert the call if the bidding - // period is over. - throw; - } - if (msg.value <= highestBid) { - // If the bid is not higher, send the - // money back. - throw; - } + + // Revert the call if the bidding + // period is over. + require(now < auctionStart + biddingTime); + + + // If the bid is not higher, send the + // money back. + require(msg.value <= highestBid); + if (highestBidder != 0) { // Sending back the money by simply using // highestBidder.send(highestBid) is a security risk @@ -327,18 +321,15 @@ activate themselves. // external contracts. // 1. Conditions - if (now <= auctionStart + biddingTime) - throw; // auction did not yet end - if (ended) - throw; // this function has already been called + require(now >= auctionStart + biddingTime); // auction did not yet end + require(!ended); // this function has already been called // 2. Effects ended = true; AuctionEnded(highestBidder, highestBid); // 3. Interaction - if (!beneficiary.send(highestBid)) - throw; + require(beneficiary.transfer(highestBid)); } } @@ -381,7 +372,7 @@ high or low invalid bids. :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract BlindAuction { struct Bid { @@ -409,8 +400,8 @@ high or low invalid bids. /// functions. `onlyBefore` is applied to `bid` below: /// The new function body is the modifier's body where /// `_` is replaced by the old function body. - modifier onlyBefore(uint _time) { if (now >= _time) throw; _; } - modifier onlyAfter(uint _time) { if (now <= _time) throw; _; } + modifier onlyBefore(uint _time) { require(!now >= _time); _; } + modifier onlyAfter(uint _time) { require(!now <= _time); _; } function BlindAuction( uint _biddingTime, @@ -454,13 +445,11 @@ high or low invalid bids. onlyBefore(revealEnd) { uint length = bids[msg.sender].length; - if ( - _values.length != length || - _fake.length != length || - _secret.length != length - ) { - throw; - } + require( + _values.length == length || + _fake.length == length || + _secret.length == length + ); uint refund; for (uint i = 0; i < length; i++) { @@ -481,8 +470,7 @@ high or low invalid bids. // the same deposit. bid.blindedBid = 0; } - if (!msg.sender.send(refund)) - throw; + msg.sender.transfer(refund); } // This is an "internal" function which means that it @@ -527,14 +515,12 @@ high or low invalid bids. function auctionEnd() onlyAfter(revealEnd) { - if (ended) - throw; + require(!ended); AuctionEnded(highestBidder, highestBid); ended = true; // We send all the money we have, because some // of the refunds might have failed. - if (!beneficiary.send(this.balance)) - throw; + beneficiary.transfer(this.balance); } } @@ -546,7 +532,7 @@ Safe Remote Purchase :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract Purchase { uint public value; @@ -558,26 +544,26 @@ Safe Remote Purchase function Purchase() payable { seller = msg.sender; value = msg.value / 2; - if (2 * value != msg.value) throw; + require(!2 * value != msg.value); } modifier require(bool _condition) { - if (!_condition) throw; + require(_condition); _; } modifier onlyBuyer() { - if (msg.sender != buyer) throw; + require(msg.sender == buyer); _; } modifier onlySeller() { - if (msg.sender != seller) throw; + require(msg.sender == seller); _; } modifier inState(State _state) { - if (state != _state) throw; + require(state == _state); _; } @@ -594,8 +580,7 @@ Safe Remote Purchase { aborted(); state = State.Inactive; - if (!seller.send(this.balance)) - throw; + seller.transfer(this.balance); } /// Confirm the purchase as buyer. @@ -625,8 +610,7 @@ Safe Remote Purchase state = State.Inactive; // This actually allows both the buyer and the seller to // block the refund. - if (!buyer.send(value) || !seller.send(this.balance)) - throw; + require(buyer.transfer(value) || seller.transfer(this.balance)); } } diff --git a/docs/structure-of-a-contract.rst b/docs/structure-of-a-contract.rst index 24ef69a6..224eb368 100644 --- a/docs/structure-of-a-contract.rst +++ b/docs/structure-of-a-contract.rst @@ -62,13 +62,13 @@ Function modifiers can be used to amend the semantics of functions in a declarat :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract Purchase { address public seller; modifier onlySeller() { // Modifier - if (msg.sender != seller) throw; + require(msg.sender == seller); _; } diff --git a/docs/types.rst b/docs/types.rst index c868adc6..c400aecb 100644 --- a/docs/types.rst +++ b/docs/types.rst @@ -420,7 +420,7 @@ Example that shows how to use internal function types:: Another example that uses external function types:: - pragma solidity ^0.4.5; + pragma solidity ^0.4.11; contract Oracle { struct Request { @@ -445,7 +445,7 @@ Another example that uses external function types:: oracle.query("USD", this.oracleResponse); } function oracleResponse(bytes response) { - if (msg.sender != address(oracle)) throw; + require(msg.sender == address(oracle)); // Use the data } } @@ -722,7 +722,7 @@ shown in the following example: :: - pragma solidity ^0.4.0; + pragma solidity ^0.4.11; contract CrowdFunding { // Defines a new type with two fields. @@ -763,8 +763,7 @@ shown in the following example: return false; uint amount = c.amount; c.amount = 0; - if (!c.beneficiary.send(amount)) - throw; + c.beneficiary.transfer(amount); return true; } } -- cgit v1.2.3 From 7e838fd4a875e6a1f7e7ec60d7b4c5502e22dde4 Mon Sep 17 00:00:00 2001 From: chriseth Date: Tue, 2 May 2017 14:12:25 +0200 Subject: Cleanup to make the docs more consistent. --- docs/common-patterns.rst | 29 +++++++++++++---------------- docs/contracts.rst | 2 +- docs/security-considerations.rst | 21 +++++++++++---------- docs/solidity-by-example.rst | 28 +++++++++++++++------------- 4 files changed, 40 insertions(+), 40 deletions(-) (limited to 'docs') diff --git a/docs/common-patterns.rst b/docs/common-patterns.rst index 37973c62..acef13b7 100644 --- a/docs/common-patterns.rst +++ b/docs/common-patterns.rst @@ -52,17 +52,12 @@ become the new richest. } } - function withdraw() returns (bool) { + function withdraw() { uint amount = pendingWithdrawals[msg.sender]; // Remember to zero the pending refund before // sending to prevent re-entrancy attacks pendingWithdrawals[msg.sender] = 0; - if (msg.sender.send(amount)) { - return true; - } else { - pendingWithdrawals[msg.sender] = amount; - return false; - } + msg.sender.transfer(amount); } } @@ -83,9 +78,7 @@ This is as opposed to the more intuitive sending pattern: function becomeRichest() payable returns (bool) { if (msg.value > mostSent) { - // Check if call succeeds to prevent an attacker - // from trapping the previous person's funds in - // this contract through a callstack attack + // This line can cause problems (explained below). richest.transfer(msg.value); richest = msg.sender; mostSent = msg.value; @@ -98,12 +91,16 @@ This is as opposed to the more intuitive sending pattern: Notice that, in this example, an attacker could trap the contract into an unusable state by causing ``richest`` to be -the address of a contract that has a fallback function -which consumes more than the 2300 gas stipend. That way, -whenever ``send`` is called to deliver funds to the -"poisoned" contract, it will cause execution to always fail -because there will not be enough gas to finish the execution -of the fallback function. +the address of a contract that has a fallback function +which fails (e.g. by using ``revert()`` or by just +conssuming more than the 2300 gas stipend). That way, +whenever ``transfer`` is called to deliver funds to the +"poisoned" contract, it will fail and thus also ``becomeRichest`` +will fail, with the contract being stuck forever. + +In contrast, if you use the "withdraw" pattern from the first example, +the attacker can only cause his or her own withdraw to fail and not the +rest of the contract's workings. .. index:: access;restricting diff --git a/docs/contracts.rst b/docs/contracts.rst index a26d5a5e..8d7af2c1 100644 --- a/docs/contracts.rst +++ b/docs/contracts.rst @@ -1034,7 +1034,7 @@ more advanced example to implement a set). // The library functions can be called without a // specific instance of the library, since the // "instance" will be the current contract. - assert(Set.insert(knownValues, value)); + require(Set.insert(knownValues, value)); } // In this contract, we can also directly access knownValues.flags, if we want. } diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index f9ceed5d..6479eeb8 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -88,7 +88,7 @@ outlined further below: function withdraw() { var share = shares[msg.sender]; shares[msg.sender] = 0; - require(msg.sender.send(share)); + msg.sender.transfer(share); } } @@ -123,22 +123,23 @@ Sending and Receiving Ether (for example in the "details" section in Remix). - There is a way to forward more gas to the receiving contract using - ``addr.call.value(x)()``. This is essentially the same as ``addr.send(x)``, + ``addr.call.value(x)()``. This is essentially the same as ``addr.transfer(x)``, only that it forwards all remaining gas and opens up the ability for the - recipient to perform more expensive actions. This might include calling back + recipient to perform more expensive actions (and it only returns a failure code + and does not automatically propagate the error). This might include calling back into the sending contract or other state changes you might not have thought of. So it allows for great flexibility for honest users but also for malicious actors. -- If you want to send Ether using ``address.send``, there are certain details to be aware of: +- If you want to send Ether using ``address.transfer``, there are certain details to be aware of: 1. If the recipient is a contract, it causes its fallback function to be executed which can, in turn, call back the sending contract. 2. Sending Ether can fail due to the call depth going above 1024. Since the caller is in total control of the call - depth, they can force the transfer to fail; make sure to always check the return value of ``send``. Better yet, + depth, they can force the transfer to fail; take this possibility into account or use ``send`` and make sure to always check its return value. Better yet, write your contract using a pattern where the recipient can withdraw Ether instead. 3. Sending Ether can also fail because the execution of the recipient contract - requires more than the allotted amount of gas (explicitly by using ``throw`` or + requires more than the allotted amount of gas (explicitly by using ``revert`` or because the operation is just too expensive) - it "runs out of gas" (OOG). - If the return value of ``send`` is checked, this might provide a + If you use ``transfer`` or ``send`` with a return value check, this might provide a means for the recipient to block progress in the sending contract. Again, the best practice here is to use a :ref:`"withdraw" pattern instead of a "send" pattern `. @@ -171,9 +172,9 @@ Never use tx.origin for authorization. Let's say you have a wallet contract like owner = msg.sender; } - function transfer(address dest, uint amount) { + function transferTo(address dest, uint amount) { require(tx.origin == owner); - require(dest.call.value(amount)()); + dest.transfer(amount); } } @@ -191,7 +192,7 @@ Now someone tricks you into sending ether to the address of this attack wallet: } function() { - TxUserWallet(msg.sender).transfer(owner, msg.sender.balance); + TxUserWallet(msg.sender).transferTo(owner, msg.sender.balance); } } diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index a8e7eb2c..f6d45e0a 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -87,11 +87,13 @@ of votes. // Give `voter` the right to vote on this ballot. // May only be called by `chairperson`. function giveRightToVote(address voter) { - // `throw` terminates and reverts all changes to + // If the argument of `require` evaluates to `false`, + // it terminates and reverts all changes to // the state and to Ether balances. It is often // a good idea to use this if functions are // called incorrectly. But watch out, this - // will also consume all provided gas. + // will currently also consume all provided gas + // (this is planned to change in the future). require(msg.sender == chairperson || !voters[voter].voted); voters[voter].weight = 1; } @@ -267,7 +269,6 @@ activate themselves. // Revert the call if the bidding // period is over. require(now < auctionStart + biddingTime); - // If the bid is not higher, send the // money back. @@ -329,7 +330,7 @@ activate themselves. AuctionEnded(highestBidder, highestBid); // 3. Interaction - require(beneficiary.transfer(highestBid)); + beneficiary.transfer(highestBid); } } @@ -400,8 +401,8 @@ high or low invalid bids. /// functions. `onlyBefore` is applied to `bid` below: /// The new function body is the modifier's body where /// `_` is replaced by the old function body. - modifier onlyBefore(uint _time) { require(!now >= _time); _; } - modifier onlyAfter(uint _time) { require(!now <= _time); _; } + modifier onlyBefore(uint _time) { require(now < _time); _; } + modifier onlyAfter(uint _time) { require(now > _time); _; } function BlindAuction( uint _biddingTime, @@ -446,8 +447,8 @@ high or low invalid bids. { uint length = bids[msg.sender].length; require( - _values.length == length || - _fake.length == length || + _values.length == length && + _fake.length == length && _secret.length == length ); @@ -544,10 +545,10 @@ Safe Remote Purchase function Purchase() payable { seller = msg.sender; value = msg.value / 2; - require(!2 * value != msg.value); + require(2 * value == msg.value); } - modifier require(bool _condition) { + modifier condition(bool _condition) { require(_condition); _; } @@ -589,7 +590,7 @@ Safe Remote Purchase /// is called. function confirmPurchase() inState(State.Created) - require(msg.value == 2 * value) + condition(msg.value == 2 * value) payable { purchaseConfirmed(); @@ -609,8 +610,9 @@ Safe Remote Purchase // can call in again here. state = State.Inactive; // This actually allows both the buyer and the seller to - // block the refund. - require(buyer.transfer(value) || seller.transfer(this.balance)); + // block the refund - the withdraw pattern should be used. + buyer.transfer(value); + seller.transfer(this.balance)); } } -- cgit v1.2.3 From d58a4e08daba3a672a3494402b2d448c704dd69e Mon Sep 17 00:00:00 2001 From: chriseth Date: Tue, 2 May 2017 17:33:46 +0200 Subject: Corrections and some style. --- docs/frequently-asked-questions.rst | 2 +- docs/security-considerations.rst | 3 ++- docs/solidity-by-example.rst | 20 ++++++++++---------- 3 files changed, 13 insertions(+), 12 deletions(-) (limited to 'docs') diff --git a/docs/frequently-asked-questions.rst b/docs/frequently-asked-questions.rst index 029e32eb..03ee8388 100644 --- a/docs/frequently-asked-questions.rst +++ b/docs/frequently-asked-questions.rst @@ -665,7 +665,7 @@ What does the following strange check do in the Custom Token contract? :: - require(balanceOf[_to] + _value >= balanceOf[_to]); + require((balanceOf[_to] + _value) >= balanceOf[_to]); Integers in Solidity (and most other machine-related programming languages) are restricted to a certain range. For ``uint256``, this is ``0`` up to ``2**256 - 1``. If the result of some operation on those numbers diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 6479eeb8..33c613d8 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -137,7 +137,8 @@ Sending and Receiving Ether depth, they can force the transfer to fail; take this possibility into account or use ``send`` and make sure to always check its return value. Better yet, write your contract using a pattern where the recipient can withdraw Ether instead. 3. Sending Ether can also fail because the execution of the recipient contract - requires more than the allotted amount of gas (explicitly by using ``revert`` or + requires more than the allotted amount of gas (explicitly by using ``require``, + ``assert``, ``revert``, ``throw`` or because the operation is just too expensive) - it "runs out of gas" (OOG). If you use ``transfer`` or ``send`` with a return value check, this might provide a means for the recipient to block progress in the sending contract. Again, the best practice here is to use diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index f6d45e0a..3d352843 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -94,7 +94,7 @@ of votes. // called incorrectly. But watch out, this // will currently also consume all provided gas // (this is planned to change in the future). - require(msg.sender == chairperson || !voters[voter].voted); + require((msg.sender == chairperson) && !voters[voter].voted); voters[voter].weight = 1; } @@ -268,11 +268,11 @@ activate themselves. // Revert the call if the bidding // period is over. - require(now < auctionStart + biddingTime); + require(now <= auctionStart + biddingTime); // If the bid is not higher, send the // money back. - require(msg.value <= highestBid); + require(msg.value > highestBid); if (highestBidder != 0) { // Sending back the money by simply using @@ -322,7 +322,7 @@ activate themselves. // external contracts. // 1. Conditions - require(now >= auctionStart + biddingTime); // auction did not yet end + require(now >= (auctionStart + biddingTime)); // auction did not yet end require(!ended); // this function has already been called // 2. Effects @@ -446,11 +446,9 @@ high or low invalid bids. onlyBefore(revealEnd) { uint length = bids[msg.sender].length; - require( - _values.length == length && - _fake.length == length && - _secret.length == length - ); + require(_values.length == length); + require(_fake.length == length); + require(_secret.length == length); uint refund; for (uint i = 0; i < length; i++) { @@ -609,8 +607,10 @@ Safe Remote Purchase // otherwise, the contracts called using `send` below // can call in again here. state = State.Inactive; - // This actually allows both the buyer and the seller to + + // NOTE: This actually allows both the buyer and the seller to // block the refund - the withdraw pattern should be used. + buyer.transfer(value); seller.transfer(this.balance)); } -- cgit v1.2.3 From e9458be7bdebf3fdabc9a5a63e372a56deaa9f5a Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 3 May 2017 12:02:46 +0200 Subject: Parentheses. --- docs/solidity-by-example.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index 3d352843..4ed474df 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -268,7 +268,7 @@ activate themselves. // Revert the call if the bidding // period is over. - require(now <= auctionStart + biddingTime); + require(now <= (auctionStart + biddingTime)); // If the bid is not higher, send the // money back. @@ -543,7 +543,7 @@ Safe Remote Purchase function Purchase() payable { seller = msg.sender; value = msg.value / 2; - require(2 * value == msg.value); + require((2 * value) == msg.value); } modifier condition(bool _condition) { @@ -588,7 +588,7 @@ Safe Remote Purchase /// is called. function confirmPurchase() inState(State.Created) - condition(msg.value == 2 * value) + condition(msg.value == (2 * value)) payable { purchaseConfirmed(); -- cgit v1.2.3 From 9fd34bf5c033260e4ff93c806030e632fa0488f5 Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 3 May 2017 12:31:45 +0200 Subject: Update bug list. --- docs/bugs_by_version.json | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'docs') diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index 7fbca437..542371da 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -270,6 +270,10 @@ ], "released": "2017-03-15" }, + "0.4.11": { + "bugs": [], + "released": "2017-05-02" + }, "0.4.2": { "bugs": [ "ConstantOptimizerSubtraction", -- cgit v1.2.3 From 9df7a6fa29905ec47f7c8645c9b1f836593491db Mon Sep 17 00:00:00 2001 From: chriseth Date: Wed, 3 May 2017 12:38:33 +0200 Subject: Update permalink for optimizer bug and fix release date. --- docs/bugs.json | 2 +- docs/bugs_by_version.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/bugs.json b/docs/bugs.json index 78fcf06b..1a67d626 100644 --- a/docs/bugs.json +++ b/docs/bugs.json @@ -3,7 +3,7 @@ "name": "ConstantOptimizerSubtraction", "summary": "In some situations, the optimizer replaces certain numbers in the code with routines that compute different numbers.", "description": "The optimizer tries to represent any number in the bytecode by routines that compute them with less gas. For some special numbers, an incorrect routine is generated. This could allow an attacker to e.g. trick victims about a specific amount of ether, or function calls to call different functions (or none at all).", - "link": "https://blog.ethereum.org/2017/04/24/solidity-optimizer-bug/", + "link": "https://blog.ethereum.org/2017/05/03/solidity-optimizer-bug/", "fixed": "0.4.11", "severity": "low", "conditions": { diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json index 542371da..0f7346b4 100644 --- a/docs/bugs_by_version.json +++ b/docs/bugs_by_version.json @@ -272,7 +272,7 @@ }, "0.4.11": { "bugs": [], - "released": "2017-05-02" + "released": "2017-05-03" }, "0.4.2": { "bugs": [ -- cgit v1.2.3