Solidity, the Smart Contract Programming Language

Last update: Dec 31, 2022

Overview

The Solidity Contract-Oriented Programming Language

You can talk to us on Gitter and Matrix, tweet at us on Twitter or create a new topic in the Solidity forum. Questions, feedback, and suggestions are welcome!

Solidity is a statically typed, contract-oriented, high-level language for implementing smart contracts on the Ethereum platform.

For a good overview and starting point, please check out the official Solidity Language Portal.

Background
Build and Install
Example
Documentation
Development
Maintainers
License
Security

Background

Solidity is a statically-typed curly-braces programming language designed for developing smart contracts that run on the Ethereum Virtual Machine. Smart contracts are programs that are executed inside a peer-to-peer network where nobody has special authority over the execution, and thus they allow to implement tokens of value, ownership, voting, and other kinds of logic.

When deploying contracts, you should use the latest released version of Solidity. This is because breaking changes, as well as new features and bug fixes are introduced regularly. We currently use a 0.x version number to indicate this fast pace of change.

Build and Install

Instructions about how to build and install the Solidity compiler can be found in the Solidity documentation.

Example

A "Hello World" program in Solidity is of even less use than in other languages, but still:

// SPDX-License-Identifier: MIT
pragma solidity >=0.6.0 <0.9.0;

contract HelloWorld {
    function helloWorld() external pure returns (string memory) {
        return "Hello, World!";
    }
}

To get started with Solidity, you can use Remix, which is a browser-based IDE. Here are some example contracts:

Documentation

The Solidity documentation is hosted at Read the docs.

Development

Solidity is still under development. Contributions are always welcome! Please follow the Developers Guide if you want to help.

You can find our current feature and bug priorities for forthcoming releases in the projects section.

Maintainers

License

Solidity is licensed under GNU General Public License v3.0.

Some third-party code has its own licensing terms.

Security

The security policy may be found here.

Comments

File outside of allowed directories issue
I have zeppelin as a submodule, and I am trying to import a solidity contract from inside of the zeppelin submodule. solc is throwing and error when trying to compile though. File outside of allowed directories.\nimport 'zeppelin-solidity/contracts/ownership/Ownable.sol any idea what's causing this?

Here is my repository https://github.com/aleitner/MineableToken

Current state:

The following works on linux, but not on windows:

# pwd /tmp # cat a/b/c/d/a.sol import "../../x/y/r.sol"; # cat a/b/c/x/y/r.sol # (empty) # solc --allow-paths . a/b/c/d/a.sol Trying to load a/b/x/y/r.sol (boost: "a/b/x/y/r.sol" canonical: "/tmp/a/b/x/y/r.sol" ) Allowed directory: "" Is allowed: 1 # (compilation successful)
bug :bug:
opened by aleitner 84

SMT: display large values in a nicer format

nonlinear.sol:7:12: Warning: Overflow (resulting value larger than 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff) happens here
        uint c = a * b;
                 ^---^
  for:
  a = 2
  b = 0x8000000000000000000000000000000000000000000000000000000000000000
  c = 0
  value = 0x010000000000000000000000000000000000000000000000000000000000000000

I think the values should be displayed in a more friendly way. @ekpyron suggested that it should detect powers of 2 and powers of 2 minus one and display them accordingly.

It is hard to compare these numbers without sitting down to compare/calculate.

bounty worthy :moneybag: challenging difficulty

opened by axic 76

cmake/jsoncpp.cmake: update to jsoncpp v1.8.4

Fixes #2829.

To get version 1.8.4 to work, we need to get rid of the usage of deprecated API. PR #3532 (libdevcore/JSON.h - new API) will remove the deprecated API calls.

Remember, that scripts/travis-emscripten/build_emscripten.sh is currently using the systems cmake, that is shipped with trzeci/emscripten:sdk, it is not using the one that is installed with scripts/install_cmake.sh.

The new jsoncpp (at least version 1.8.4) needs a minimum cmake version of 3.1, that is currently not provided by trzeci/emscripten:sdk, at least not with version 1.37.33-64bit. So minor changes on the build scripts are needed.

opened by aarlt 59
Experimental mechanism for loading Z3 dynamically at runtime.
Ok, so this is as close as we will get. The "static" binary built by the b_ubu_static CI here now dynamically loads Z3 - it's available as CI artifact ~~(https://531866-40892817-gh.circle-artifacts.com/0/solc).~~ [Link doesn't seem to work]

The resulting binary is in fact slightly (but insignificantly) smaller than the previous static build. However, it's not entirely static anymore:

$ ldd /tmp/solc linux-vdso.so.1 (0x00007ffebdbf2000) libdl.so.2 => /usr/lib/libdl.so.2 (0x00007f0ff38c7000) libm.so.6 => /usr/lib/libm.so.6 (0x00007f0ff3781000) libc.so.6 => /usr/lib/libc.so.6 (0x00007f0ff35b8000) /lib64/ld-linux-x86-64.so.2 => /usr/lib64/ld-linux-x86-64.so.2 (0x00007f0ff43e3000)

I was strongly arguing for trying to achive entirely static binaries before today, but ;-)... all what remains here libdl.so, libm.so and libc.so are all part of glibc. The binary should work as is against any glibc>=2.14 (released 2011). Some further minor trickery could even make it compatible down to glibc>=2.4 (released 2006) - beyond that it might be a hassle. Newer versions of glibc released in the future can reasonably be expected to stay compatible basically forever.

So this is not entirely what we wanted, but I'm not sure it's all too bad.

The reason for entirely static linking not being possible is the fact that Z3 uses some thread-local storage variables and thread-local storage inherently depends on the dynamic linker and seems to work fundamentally different between static and dynamic linking - and to me it doesn't look like there is any workaround for that.

The PR is of course still draft, so not much sense to review the details, it's rather meant as proof-of-concept - e.g. we won't pull in the actual Z3 headers, but make them compile-time-only dependencies and also the CMake options need some refinement (e.g. errors for trying to do any of this on non-linux systems), etc. On the other hand, note that there are hardly any changes to the existing code - the only real change is adding Z3Interface::available(), the rest is entirely transparent.

Apart from all that, all tests were passed with this kind of linking and there is no noticable performance loss.

So yeah, opinions anyone :-)? @leonardoalt @chriseth @axic @cameel ?
opened by ekpyron 56
Allow comments to ignore compiler warnings.

I would like the ability to disable compiler warnings on a per-line basis using something like comments or pragma. C++ has a mechanism to also disable comments across a block using #pragma push (disable: 1234) and #pragma pop. I'll leave it up to the language designers to decide the exact mechanism based on which one is most reasonable to implement. The key is that I need to be able to disable any single specific warning in the source code that is generating that warning.

With solc becoming more and more opinionated with its compiler warnings, there needs to be a way to disable them selectively. At the moment, we use solc compiler warnings/errors as a CI gate block but we are finding that some of the warnings should be ignored, yet we don't have a reasonable way to do this right now.

For example, we have a SafeMath library that leverages using SafeMath for <type>. This library does function overloading/shadowing so that it can have both add(uint256,uint256) and add(int256,int256) in the same library. I appreciate the warning, but I need the ability to disable it on a case-by-case basis. The same goes for a number of other warnings that have been added recently. In general I think are all very valuable, but may not be able to be applied exhaustively to all code.

opened by MicahZoltu 56
Segmentation fault getting worse...nothing compiling now.

Relates to #571 #490 #570 #502 #486 ....I currently cannot compile anything with OS X....this leads me to believe something is wrong with the OS X slave because it should be picking up these problems in the jenkins runs. Either way...we need a fix and stat.
bug :bug:

opened by VoR0220 56
Consider using `fallback {}` instead of `function() {}` (S)
Not sure which is better:

omitting the parentheses makes sense because it can have no arguments

omitting the parentheses doesn't make sense because it is inconsistent with the rest of the language (and could be confused with modifier areas)

breaking change :warning: language design :rage4:
opened by axic 52
Unchecked block as an expression.
Abstract

Make it so unchecked { ... } blocks are an expression that return the the result of the last expression if the last thing in the block is an expression.

Motivation

Unchecked blocks are a bit unwieldy at the moment because you have to fully isolate the code inside the unchecked block from the code around it which makes it awkward to deal with. It would be nice to be able to use unchecked blocks inline, rather than having to fully isolate the unchecked code from the rest of your code.

Here are some examples of behavior that would be nice, and their counterpart in the current version of Solidity:

// proposed for (uint8 i; i < 10; unchecked { ++i }) { ... } uint256 apple = unchecked { banana + cherry }; uint256 durian = apple + unchecked { banana + cherry } - eggplant; // current for (uint8 i; i < 10;) { unchecked { ++i } ... } uint256 apple; unchecked { apple = banana + cherry; } uint256 temp; unchecked { temp = banana + cherry; } uint256 durian = apple + temp - eggplant;

Specification

When the last statement in an unchecked block is an expression, the unchecked block becomes an expression and the return value of the last statement in the block is returned from the unchecked block.

Consider: Maybe this behavior only occurs when the last statement doesn't have a trailing ; as a way to make this a bit more explicit?

Backwards Compatibility

I believe this is a feature that is purely widening, so no backward compatibility issues should exist.

Other

In general, it would be nice if all blocks were expressions, like for loops if blocks, etc. If it is just as easy to make all blocks expressions then we can adjust this issue, but I wanted to start narrow and widen if there is desire from those with a better understanding of the internals.
language design :rage4: annoys users :cry: medium effort medium impact needs design
opened by MicahZoltu 49
Provide access to source code of internal routines to debuggers

Source references already map to internal code - we should provide access to this code, at least the abi encoder / decoder written in yul. This does not need to be part of the metadata because it can be re-generated from the source.

opened by chriseth 49
ICE in virtual void solidity::frontend::CHC::endVisit(const solidity::frontend::ContractDefinition &) due to solidity/test/libsolidity/smtCheckerTests/bmc_coverage/branches_with_return/constructor_state_variable_init_chain_alternate.sol
Description

Running one of the included tests in the github master causes a crash:

ser@b884298832a1:~/solidity/test$ ../build/solc/solc libsolidity/smtCheckerTests/bmc_coverage/branches_with_return/constructor_state_variable_init_chain_alternate.sol Internal compiler error during compilation: /home/user/solidity/libsolidity/formal/CHC.cpp(159): Throw in function virtual void solidity::frontend::CHC::endVisit(const solidity::frontend::ContractDefinition &) Dynamic exception type: boost::exception_detail::clone_impl<solidity::langutil::InternalCompilerError> std::exception::what: [solidity::util::tag_comment*] = user@b884298832a1:~/solidity/test$ ../build/solc/solc --version solc, the solidity compiler commandline interface Version: 0.7.6-develop.2020.12.8+commit.71a4a4ef.Linux.clang user@b884298832a1:~/solidity/test$ date Tue Dec 8 18:51:47 UTC 2020

I can drop it from my corpus collection, but definitely weird (not systematic, this is the only instance I see of this so far).

Environment

Compiler version: 0.7.6-develop.2020.12.8+commit.71a4a4ef.Linux.clang

Target EVM version (as per compiler settings): N/A

Framework/IDE (e.g. Truffle or Remix): N/A

EVM execution environment / backend / blockchain client: N/A

Operating system: Ubuntu 18.04 in docker

Steps to Reproduce

Above shows pretty clearly, I think.
bug :bug: fuzz-blocker should compile without error
opened by agroce 48
Introduce a real constant keyword and rename the current behaviour
I think the following makes more sense compared to what we have now.

Now:

constant function should not modify the state (not fully enforced yet)

constant state variable (ie. the one in the class and not in a method) is evaluated every time it is called

After the change:

the keyword view is introduced for functions (it replaces constant). Calling a view cannot alter the behaviour of future interactions with any contract. This means such functions cannot use SSTORE, cannot send or receive ether and can only call other view or pure functions.

the keyword pure is introduced for functions, they are view functions with the additional restriction that their value only depends on the function arguments. This means they cannot use SSTORE, SLOAD, cannot send or receive ether, cannot use msg or block and can only call other pure functions.

the keyword constant is invalid on functions

the keyword constant on any variable means it cannot be modified (and could be placed into memory or bytecode by the optimiser)

~~5) the keyword volatile is introduced for variables, which read their referenced value every time (this is what constant does today to variables)~~ [agreed to remove this functionality]

Any example of the volatile keyword:

contract A { uint volatile number = block.number; function a() returns (uint) { return number; // this returns the *current* block.number every time it is called } }

I'm not sure the volatile option is useful and thus we might decide to remove it.
opened by axic 47
Allow try/catch without the catch

Abstract

Solidity always requires try { … } to be followed by catch { … }. Make catch { … } optional.

Motivation

Most of the time I do try { … } catch {} to make a non-reverting call, and do something if only there is no failure. In those cases, I have no use for catch, so I leave it empty within {}. But it just looks ugly. I want to be able to write try { … } without any trailing catch {}.

Specification

Make try { … } equivalent to try { … } catch {}.

Backwards Compatibility

This change seems to be entirely backwards compatible.

opened by Shungy 0
[codegen] Enforce Re-Entrancy Protections by Default (Solidity `0.9.X`)
Abstract

As the security space around EVM-based smart contracts matures, we can observe a recurring pattern in security vulnerabilities across all EVM spectrums; a significant portion of them arise from re-entrancy vulnerabilities,

With this issue, we aim to introduce a built-in re-entrancy check across all functions of a generated contract by default, permitting programmers to explicitly mark their functions as re-entrant via the newly introduced reentrant keyword, being declared akin to override and co.

Motivation

Rationale

Re-entrancy attacks are one of the most common root causes of multi-million dollar exploits we can observe by going through historical exploits. Additionally, the concept of a re-entrancy is very hard to grasp when coming from a traditional programming background due to the unique nature of the EVM.

Solidity is an evolving language that attempts to cater to the wider EVM development community and has historically introduced tools to aid in developing using the language more securely, such as built-in arithmetic checks introduced in 0.8.X.

With this change, we aim to introduce built-in re-entrancy protections by default with the ability to bypass these protections explicitly, empowering seasoned developers with maximum flexibility while protecting newcomers from EVM-related caveats they may not be aware of.

Proposal

The proposed keyword (reentrant) is meant to mark a function explicitly re-entrant. As a result, code generation of Solidity would need to introduce a breaking change that will cause the "entrypoint" of the bytecode to evaluate the reentrancy flag.

For the proposal to function properly, a NON_REENTRANT_FLAG_OFFSET compiler-literal would need to be introduced that signifies a storage slot's offset that is meant to indicate the re-entrant flag that is validated. This offset should be preferrably located in the upper-half of the type(uint256).max range that a smart contract's storage slot space supports to ensure no conflicts with existing implementations.

Keyword vs. Existing Syntax

Upon additional feedback from @pcaversaccio and issue #12996, I would like to add some additional insight as to why a new keyword was chosen over the existing syntax. The original issue revolved around the concept of a new keyword and switched over to the idea of using unchecked to perform external calls without triggering any re-entrancy safety checks.

The unchecked keyword is meant to be utilized in the locale it is declared in (i.e. an upper-most unchecked block will not affect the statements of internal calls it makes), as such, such a solution is not viable if we want the new re-entrancy feature to be compatible with existing programming paradigms such as inheritance.

We are faced with either breaking the existing behaviour of unchecked to apply to internal call chains or introducing a new keyword. The latter appears to be more explicit and easier to grasp for security auditors and developers alike, however, feedback is appreciated.

Example Showcase

To illustrate how the generated bytecode would be altered, let us take a subset of the WETH9 contract:

contract MockWETH9 { event Deposit(address indexed dst, uint wad); mapping (address => uint) public balanceOf; fallback() public payable { deposit(); } function deposit() public payable { balanceOf[msg.sender] += msg.value; emit Deposit(msg.sender, msg.value); } }

The above contract contains two functions that do mutate the state (fallback & deposit) as well as one function that does not mutate the state (balanceOf).

Its compilation with current tools would result in the following bytecode in pseudo-code format:

contract MockWETH9Bytecode { function main() { memory[0x40:0x60] = 0x60; // Fallback Function if (msg.data.length < 0x04) { label_00AF: var var0 = 0x00b7; deposit(); stop(); } else { // Extract Function Signature var0 = msg.data[0x00:0x20] / 0x0100000000000000000000000000000000000000000000000000000000 & 0xffffffff; // Signature Comparison if (var0 == 0xd0e30db0) { // Pseudo-Code of deposit() var1 = 0x03d2; deposit(); stop(); } else if (var0 == 0x70a08231) { // Pseudo-Code of balanceOf(address) if (msg.value) { revert(memory[0x00:0x00]); } var1 = 0x02cc; var2 = msg.data[0x04:0x24] & 0xffffffffffffffffffffffffffffffffffffffff; var2 = balanceOf(var2); var temp17 = memory[0x40:0x60]; memory[temp17:temp17 + 0x20] = var2; var temp18 = memory[0x40:0x60]; return memory[temp18:temp18 + (temp17 + 0x20) - temp18]; } else { goto label_00AF; } } } function deposit() { memory[0x00:0x20] = msg.sender; memory[0x20:0x40] = 0x03; var temp0 = keccak256(memory[0x00:0x40]); storage[temp0] = storage[temp0] + msg.value; var temp1 = memory[0x40:0x60]; memory[temp1:temp1 + 0x20] = msg.value; var temp2 = memory[0x40:0x60]; log(memory[temp2:temp2 + (temp1 + 0x20) - temp2], [0xe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c, msg.sender]); } function balanceOf(var arg0) returns (var arg0) { memory[0x20:0x40] = 0x03; memory[0x00:0x20] = arg0; return storage[keccak256(memory[0x00:0x40])]; } }

Given that the compiler can detect which parts of the generated bytecode will mutate the state and which will not (based on the view / pure keywords), we have two cases of code generation:

No reentrant Functions Defined

n > 1 reentrant Functions Defined

No reentrant Function Case

For the first case, the bytecode generation module would inject a blanket check at the beginning of main that would validate the re-entrant state of the contract. Afterwards, the bytecode generation module would introduce an assignment to the re-entrant flag solely in the if-else clauses that execute code mutating the state.

Identifying the correct points of injection should be trivial as the compiler is already aware of which functions mutate the state via the view and pure keywords. To illustrate how the bytecode generated would look like, let us take the first case with the original MockWETH9 smart contract code:

contract MockWETH9Bytecode { function main() { memory[0x40:0x60] = 0x60; // INJECTED CODE: Evaluate whether flag is already set and yield an error in case of re-entrancy if (storage[NON_REENTRANT_FLAG_OFFSET] == 0x02) { revert(memory[0x00:0x00]); } // Fallback Function if (msg.data.length < 0x04) { label_00AF: // INJECTED CODE: Mutating Function -> Set Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x02; var var0 = 0x00b7; deposit(); // INJECTED CODE: Mutating Function -> Reset Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x01; stop(); } else { // Extract Function Signature var0 = msg.data[0x00:0x20] / 0x0100000000000000000000000000000000000000000000000000000000 & 0xffffffff; // Signature Comparison if (var0 == 0xd0e30db0) { // Pseudo-Code of deposit() // INJECTED CODE: Mutating Function -> Set Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x02; var1 = 0x03d2; deposit(); // INJECTED CODE: Mutating Function -> Reset Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x01; stop(); } else if (var0 == 0x70a08231) { // Pseudo-Code of balanceOf(address) // Code Injection not necessary as function cannot mutate state if (msg.value) { revert(memory[0x00:0x00]); } var1 = 0x02cc; var2 = msg.data[0x04:0x24] & 0xffffffffffffffffffffffffffffffffffffffff; var2 = balanceOf(var2); var temp17 = memory[0x40:0x60]; memory[temp17:temp17 + 0x20] = var2; var temp18 = memory[0x40:0x60]; return memory[temp18:temp18 + (temp17 + 0x20) - temp18]; } else { goto label_00AF; } } } function deposit() { memory[0x00:0x20] = msg.sender; memory[0x20:0x40] = 0x03; var temp0 = keccak256(memory[0x00:0x40]); storage[temp0] = storage[temp0] + msg.value; var temp1 = memory[0x40:0x60]; memory[temp1:temp1 + 0x20] = msg.value; var temp2 = memory[0x40:0x60]; log(memory[temp2:temp2 + (temp1 + 0x20) - temp2], [0xe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c, msg.sender]); } function balanceOf(var arg0) returns (var arg0) { memory[0x20:0x40] = 0x03; memory[0x00:0x20] = arg0; return storage[keccak256(memory[0x00:0x40])]; } }

The bytecode generator can further optimize the gas cost of the injection by performing the re-entrant flag assignment conditionally via a temporary variable which will hold the value of storage[NON_REENTRANT_FLAG_OFFSET] that is evaluated at the very start of the main block.

reentrant Function Case

This case would simply require the blanket check in the main code block showcased above to be relocated to all if-else bodies that do NOT have the reentrant modifier set. To illustrate how the reentrant keyword would be used, let us adjust the original MockWETH9 code to now permit re-entrancy solely for the deposit function:

contract MockWETH9 { event Deposit(address indexed dst, uint wad); mapping (address => uint) public balanceOf; fallback() public payable { deposit(); } function deposit() public payable reentrant { balanceOf[msg.sender] += msg.value; emit Deposit(msg.sender, msg.value); } }

The bytecode generation would look like the following:

contract MockWETH9Bytecode { function main() { memory[0x40:0x60] = 0x60; // Fallback Function if (msg.data.length < 0x04) { label_00AF: // INJECTED CODE: Evaluate whether flag is already set and yield an error in case of re-entrancy, else set flag if (storage[NON_REENTRANT_FLAG_OFFSET] == 0x02) { revert(memory[0x00:0x00]); } else { storage[NON_REENTRANT_FLAG_OFFSET] = 0x02; } var var0 = 0x00b7; deposit(); // INJECTED CODE: Mutating Function -> Reset Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x01; stop(); } else { // Extract Function Signature var0 = msg.data[0x00:0x20] / 0x0100000000000000000000000000000000000000000000000000000000 & 0xffffffff; // Signature Comparison if (var0 == 0xd0e30db0) { // Pseudo-Code of deposit() // INJECTED CODE: Mutating Function -> Set Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x02; var1 = 0x03d2; deposit(); // INJECTED CODE: Mutating Function -> Reset Non-Reentrant Flag storage[NON_REENTRANT_FLAG_OFFSET] = 0x01; stop(); } else if (var0 == 0x70a08231) { // Pseudo-Code of balanceOf(address) // INJECTED CODE: Evaluate whether flag is already set and yield an error in case of re-entrancy if (storage[NON_REENTRANT_FLAG_OFFSET] == 0x02) { revert(memory[0x00:0x00]); } if (msg.value) { revert(memory[0x00:0x00]); } var1 = 0x02cc; var2 = msg.data[0x04:0x24] & 0xffffffffffffffffffffffffffffffffffffffff; var2 = balanceOf(var2); var temp17 = memory[0x40:0x60]; memory[temp17:temp17 + 0x20] = var2; var temp18 = memory[0x40:0x60]; return memory[temp18:temp18 + (temp17 + 0x20) - temp18]; } else { goto label_00AF; } } } function deposit() { memory[0x00:0x20] = msg.sender; memory[0x20:0x40] = 0x03; var temp0 = keccak256(memory[0x00:0x40]); storage[temp0] = storage[temp0] + msg.value; var temp1 = memory[0x40:0x60]; memory[temp1:temp1 + 0x20] = msg.value; var temp2 = memory[0x40:0x60]; log(memory[temp2:temp2 + (temp1 + 0x20) - temp2], [0xe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c, msg.sender]); } function balanceOf(var arg0) returns (var arg0) { memory[0x20:0x40] = 0x03; memory[0x00:0x20] = arg0; return storage[keccak256(memory[0x00:0x40])]; } }

A yet-to-be defined behaviour arises if we declare the fallback function as reentrant when it invokes the deposit function which has not been declared so. To ensure maximal compatibility with existing programming paradigms, we believe that the reentrant keyword should mark a function as re-entrant regardless of its internal call chain. As a result, if we have the following code:

contract MockWETH9 { event Deposit(address indexed dst, uint wad); mapping (address => uint) public balanceOf; fallback() public payable reentrant { deposit(); } function deposit() public payable { balanceOf[msg.sender] += msg.value; emit Deposit(msg.sender, msg.value); } }

The function fallback will be re-entrant even if it invokes deposit which we have not marked so. This ensures compatibility with libraries / smart contract dependencies as otherwise users who wish to set their functions as reentrant deliberately would have to reflect that modifier to the full call-chain. Additionally, given that the introduction of the keyword is a concious and deliberate choice by the developer(s), we consider them to be fully aware of the implications of the reentrant keyword.

Advanced Usage

We are aware that re-entrancy is indeed desirable in a set of limited use cases, the most common being proxy implementations that follow a fragmented logic pattern and thus invoke themselves externally (i.e. Diamond standard cross-facet invocations). To accommodate for these implementations, we propose the introduction of an argument to the reentrant keyword similarly to how arguments are present for the override keyword.

In detail, we advise the introduction of a single, optional address argument which marks a function as reentrant but solely for a particular address. In the case of the Diamond standard, for example, we can introduce the reentrant(address(this)) syntax to ensure that the facets of the Diamond can invoke each other without compromising the wider security guarantees of the system.

Additionally, this syntax permits complex smart contract systems that are meant to invoke one-another mid-execution to still function post-0.9.X securely. Multi-address support can be introduced, however, it should be delayed until a sufficient use-case is illustrated by the development community that cannot be solved by better programming practices.

Specification

While the specification of how the new reentrant keyword will operate can be extracted from the above text, we would also like to highlight which sections of the official Solidity documentation would require adjustments to accommodate for this change. Reference specification can be produced upon request for all chapters outlined below should this feature request gain traction.

Contracts Section

A new "Re-Entrancy" chapter would need to be introduced that describes how re-entrancy behaves post-0.9.X (in that it is prohibited) and how developers can make use of the reentrant keyword to bypass this security measure. A warning chapter should be introduced as well ensuring that the developers are well aware of the security guarantees they are nullifying by using the keyword.

Cheatsheet

The Modifiers section would need to be expanded with the new reentrant keyword and how it is meant to be used.

Language Grammar

An identical rule to the override specifier would need to be introduced specifying how the new reentrant keyword is meant to be parsed when reading Solidity code using machines.

Layout of State Variables In Storage

This chapter should specify the newly reserved NON_REENTRANT_FLAG_OFFSET as a matter of specification. Overwriting the storage area of the flag via overlap or a storage slot hash collision due to the usage of upgradeable patterns and standards such as EIP-1967 should be of negligible concern with a likelihood akin to that of general hash collisions.

Solidity v0.9.0 Breaking Changes

This chapter should, as its namesake indicates, highlight the breaking change of how reentrant behaves and how contracts compiled in pragma solidity ^0.9.0 will have re-entrancy protections enforced by default.

Backwards Compatibility

As the code generation's behaviour will change to enforce re-entrancy protection by default, this is a breaking change requiring a minor semver bump to prompt developers to get accustomed to the new security measure.

General Concerns

Security Bypass

Given that the change illustrated by this issue would rely on the storage space of the smart contract, developers will be able to explicitly unset the re-entrant flag via assembly blocks that access the low-level nature of the EVM and write to the NON_REENTRANT_FLAG_OFFSET storage slot. Such code is considered malicious by nature and should be flagged by auditors as well as potential static analyzers that aid them.

Bytecode & Gas Increase

The issue attempts to explain the proposed change in the Solidity language in a way that minimizes the gas footprint as well as bytecode size impact. Nevertheless, both of these numbers will increase for all contracts compiled beyond 0.9.X.

We believe the security guarantees achieved by this change to be worth the extra units of gas and size, which is evidenced by the developer community itself via the common usage of libraries implementing this trait such as ReentrancyGuard by OpenZeppelin.

Resources

The pseudo-code of the bytecode was generated by the ethervm decompiler and was consequently manually edited to illustrate the smaller subset of MockWETH9 as well as the adjustments that reentrant and post-0.9.X compilation would cause.
opened by alex-ppg 2
The Solidity compiler does not raise any warnings or errors for the incorrect use of operators in variable initialization at the function level.
// SPDX-License-Identifier: GPL-3.0 pragma solidity 0.8.17; contract Lottery{ address public owner; constructor(){ owner == msg.sender; } }

Issue: In the given code, there is a mistake in the assignment of the owner variable in the constructor function. Instead of using the assignment operator =, the double equal == operator is used, which is a comparison operator and does not assign a value to the variable. This mistake can be hard to identify, as the Solidity compiler does not raise any warnings or errors for this issue.

Feature Expected: As a result, it is essential for the compiler should carefully check the code and make sure that the correct operators are used at the time of initialization of a variable at the function level.
opened by ROOTBABU 0

[Codegen] Self imported code compiled via legacy results in EVMC_STACK_OVERFLOW whereas via-ir results in a panic (underflow)

==== Source: s1.sol ====
import {f as g, g as h} from "s1.sol";
function f() pure returns (uint) { return 100 + h() - g(); }
==== Source: s2.sol ====
import {f as h} from "s1.sol";
function f() pure returns (uint) { return 2; }
function g() pure returns (uint) { return 4; }
==== Source: s3.sol ====
import "s2.sol";
contract C {
  function foo() public pure returns (uint) {
return f() - g() - h();
  }
}
// ----
// foo() -> FAILURE

To reproduce, copy the test file in test/libsolidity/semanticTests/test.sol and run

$ isoltest --show-messages semanticTests/test

bug :bug:

opened by bshastry 0

formating the modifiers section in cheatsheet into a clean formated t…

I tried to enhance the cheat sheet as per issue #12934, and I converted the Modifiers section of cheatsheet into a clean formatted table.

I will appreciate the review on this PR.
external contribution :star:

opened by bakhtiarcr7 2

Releases(v0.8.17)

v0.8.17(Sep 8, 2022)
This release primarily fixes an important bug, but also involves some improvements in code generation, optimizer and in the language server.

For details, please see the release announcement.

Important Bugfixes:

Yul Optimizer: Prevent the incorrect removal of storage writes before calls to Yul functions that conditionally terminate the external EVM call.

Compiler Features:

Code Generator: More efficient overflow checks for multiplication.

Language Server: Analyze all files in a project by default (can be customized by setting 'file-load-strategy' to 'directly-opened-and-on-import' in LSP settings object).

Yul Optimizer: Simplify the starting offset of zero-length operations to zero.

Bugfixes:

Type Checker: Fix internal compiler error on tuple assignments with invalid left-hand side.

Yul IR Code Generation: Fix internal compiler error when accessing the .slot member of a mapping through a storage reference in inline assembly.

Build System:

Allow disabling pedantic warnings and do not treat warnings as errors during compiler build when -DPEDANTIC=OFF flag is passed to CMake.

Update emscripten to version 3.1.19.

We especially thank all the contributors that made this release possible:

Alexander Arlt, Bhargava Shastry, Christian Parpart, Damian Wechman, Daniel Kirchner, Duc Thanh Nguyen, Emmanuel Oaikhenan, Francisco Giordano, Kamil Śliwak, krakxn, Leonardo Alt, Leonid Pospelov, Luke Hutchison, Luoh Ren-Shan, Matheus Aguiar, Mathias L. Baumann, MeetRajput00, Nikola Matić, NoFaceDev, Pranay, Roman Figurin, Taylor Ferran, Thanh Tran, Yuvraj Singh, aathan, emmaodia, khue, kuzdogan, minaminao, Nishant Sachdeva, tcoyvwac, xternet

If you want to perform a source build, please only use solidity_0.8.17.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(37.09 MB)
solc-static-linux(13.66 MB)
solc-windows.exe(8.53 MB)
solidity_0.8.17.tar.gz(2.97 MB)
soljson.js(8.07 MB)
v0.8.16(Aug 8, 2022)
This release fixes one important bug and contains further minor bug fixes and features.

For details, please see the release announcement.

Important Bugfixes:

Code Generation: Fix data corruption that affected ABI-encoding of calldata values represented by tuples: structs at any nesting level; argument lists of external functions, events and errors; return value lists of external functions. The 32 leading bytes of the first dynamically-encoded value in the tuple would get zeroed when the last component contained a statically-encoded array.

Compiler Features:

Code Generator: More efficient code for checked addition and subtraction.

TypeChecker: Support using library constants in initializers of other constants.

Yul IR Code Generation: Improved copy routines for arrays with packed storage layout.

Yul Optimizer: Add rule to convert mod(add(X, Y), A) into addmod(X, Y, A), if A is a power of two.

Yul Optimizer: Add rule to convert mod(mul(X, Y), A) into mulmod(X, Y, A), if A is a power of two.

Bugfixes:

Commandline Interface: Disallow the following options outside of the compiler mode: --via-ir,--metadata-literal, --metadata-hash, --model-checker-show-unproved, --model-checker-div-mod-no-slacks, --model-checker-engine, --model-checker-invariants, --model-checker-solvers, --model-checker-timeout, --model-checker-contracts, --model-checker-targets.

Type Checker: Fix compiler crash on tuple assignments involving certain patterns with unary tuples on the left-hand side.

Type Checker: Fix compiler crash when abi.encodeCall received a tuple expression instead of an inline tuple.

Type Checker: Fix null dereference in abi.encodeCall type checking of free function.

We especially thank all the contributors that made this release possible:

a3d4, Aiman Baharna, Alex Beregszaszi, Bhargava Shastry, Christian Parpart, Christian Reitwiessner, CJ42, Damian Wechman, Daniel Kirchner, Daniel Lupu, Derek Gottfrid, Duc Thanh Nguyen, Femi Bolaji, Harikrishnan Mulackal, Ishtiaque Zahid, Kamil Śliwak, krakxn, Matheus Aguiar, Mathias L. Baumann, Maximiliano Schultheis, Midhun07, minami, Nikola Matić, Nishant Sachdeva, Quentin Garchery, Richie, Rodrigo Baraglia, Rohit Kumar Suman, Ryan, vdusart, victorknox, William Entriken, ywon0925

If you want to perform a source build, please only use solidity_0.8.16.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.86 MB)
solc-static-linux(13.65 MB)
solc-windows.exe(8.50 MB)
solidity_0.8.16.tar.gz(3.10 MB)
soljson.js(8.10 MB)
v0.8.15(Jun 15, 2022)
This release fixes two important bugs and also contains other minor bug fixes and features.

For details, please see the release announcement.

Important Bugfixes:

Code Generation: Avoid writing dirty bytes to storage when copying bytes arrays.

Yul Optimizer: Keep all memory side-effects of inline assembly blocks.

Language Features:

Add E.selector for a non-anonymous event E to access the 32-byte selector topic.

Compiler Features:

LSP: Add rudimentary support for semantic highlighting.

Type Checker: Warn about assignments involving multiple pushes to storage bytes that may invalidate references.

Yul Optimizer: Improve inlining heuristics for via IR code generation and pure Yul compilation.

Bugfixes:

ABI Encoder: When encoding an empty string coming from storage do not add a superfluous empty slot for data.

Common Subexpression Eliminator: Process assembly items in chunks with maximum size of 2000. It helps to avoid extremely time-consuming searches during code optimization.

Yul Optimizer: Do not remove returndatacopy in cases in which it might perform out-of-bounds reads that unconditionally revert as out-of-gas. Previously, any returndatacopy that wrote to memory that was never read from was removed without accounting for the out-of-bounds condition.

We especially thank all the contributors that made this release possible:

Christian Parpart, Christian Reitwiessner, Damian Wechman, Daniel Kirchner, Denis T, Dustin Alandzes, Harikrishnan Mulackal, Josep M Sobrepere, Kamil Śliwak, Matheus Aguiar, Mathias L. Baumann, Nishant Sachdeva, Prajwal Borkar, Ryan, Samuel Osewa, Saw-mon-and-Natalie, shady41, sourabh.xyz, uji, Yuri Victorovich

If you want to perform a source build, please only use solidity_0.8.15.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.70 MB)
solc-static-linux(13.57 MB)
solc-windows.exe(8.44 MB)
solidity_0.8.15.tar.gz(2.94 MB)
soljson.js(8.08 MB)
v0.8.14(May 17, 2022)
This release fixes two important bugs and also contains other minor bug fixes and features.

For details, please see the release announcement.

Important Bugfixes:

ABI Encoder: When ABI-encoding values from calldata that contain nested arrays, correctly validate the nested array length against calldatasize() in all cases.

Override Checker: Allow changing data location for parameters only when overriding external functions.

Compiler Features:

Assembly-Json Exporter: Include source list in sourceList field.

Commandline Interface: Option --pretty-json works also with the following options: --abi, --asm-json, --ast-compact-json, --devdoc, --storage-layout, --userdoc.

Language Server: Allow full filesystem access to language server.

Peephole Optimizer: Remove operations without side effects before simple terminations.

SMTChecker: Support abi.encodeCall taking into account the called selector.

Bugfixes:

Assembly-Json Exporter: Fix assembly json export to store jump types of operations in jumpType field instead of value.

SMTChecker: Fix ABI compatibility with z3 >=4.8.16.

SMTChecker: Fix bug when z3 is selected but not available at runtime.

Type Checker: Properly check restrictions of using ... global in conjunction with libraries.

TypeChecker: Convert parameters of function type to how they would be called for abi.encodeCall.

We especially thank all the contributors that made this release possible:

a3d4, aathan, Aisultan Kali, Alexander Arlt, Alexey Shekhirin, alpharush, andreb0x, Bytecurl, Christian Parpart, Damian Wechman, Daniel Kirchner, dtedesco1, Florian Sey, Hector Roussille, Joshua Quinones, Kamil Śliwak, Leo Alt, Matheus Aguiar, Mathias L. Baumann, Nishant Sachdeva, Nobuhiko Otoba, Ryan, sourabh.xyz, Tharun K

If you want to perform a source build, please only use solidity_0.8.14.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.66 MB)
solc-static-linux(13.54 MB)
solc-windows.exe(8.42 MB)
solidity_0.8.14.tar.gz(3.06 MB)
soljson.js(8.08 MB)
v0.8.13(Mar 16, 2022)
Solidity v0.8.13 fixes an important bug related to abi.encodeCall, extends the using for directive and implements "go to definition" for the language server.

Furthermore, compiling via the new Yul IR pipeline is now considered production ready.

For more details, see the release announcement.

Important Bugfixes:

Code Generator: Correctly encode literals used in abi.encodeCall in place of fixed bytes arguments.

Language Features:

General: Allow annotating inline assembly as memory-safe to allow optimizations and stack limit evasion that rely on respecting Solidity's memory model.

General: using M for Type; is allowed at file level and M can now also be a brace-enclosed list of free functions or library functions.

General: using ... for T global; is allowed at file level where the user-defined type T has been defined, resulting in the effect of the statement being available everywhere T is available.

Compiler Features:

Commandline Interface: Allow the use of --via-ir in place of --experimental-via-ir.

Compilation via Yul IR is no longer marked as experimental.

JSON-AST: Added selector field for errors and events.

LSP: Implements goto-definition.

Peephole Optimizer: Optimize comparisons in front of conditional jumps and conditional jumps across a single unconditional jump.

Yul EVM Code Transform: Avoid unnecessary pops on terminating control flow.

Yul Optimizer: Remove sstore and mstore operations that are never read from.

Bugfixes:

General: Fix internal error for locales with unusual capitalization rules. Locale set in the environment is now completely ignored.

Type Checker: Fix incorrect type checker errors when importing overloaded functions.

Yul IR Code Generation: Optimize embedded creation code with correct settings. This fixes potential mismatches between the constructor code of a contract compiled in isolation and the bytecode in type(C).creationCode, resp. the bytecode used for new C(...).

We especially thank all the contributors that made this release possible:

a3d4, Abdul Karim Moro, Alexander Arlt, Bhargava Shastry, Callis Ezenwaka, Christian Parpart, Daniel Kirchner, david-k, franzihei, hrkrshnn, Kamil Śliwak, kanedaaaa, Leo Alt, Marenz, Mate Soos, Nishant Sachdeva, Paarth Madan, Richie, Sleepy, Tyler, wechman, Wes Bouaziz,

If you want to perform a source build, please only use solidity_0.8.13.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.58 MB)
solc-static-linux(13.50 MB)
solc-windows.exe(8.40 MB)
solidity_0.8.13.tar.gz(3.03 MB)
soljson.js(8.05 MB)
v0.8.12(Feb 16, 2022)
Solidity v0.8.12 improves the javascript/wasm binary and fixes several bugs.

For more details, see the release announcement.

Language Features:

General: Add equality-comparison operators for external function types.

General: Support ContractName.functionName for abi.encodeCall, in addition to external function pointers.

Compiler Features:

Commandline Interface: Event and error signatures are also returned when using --hashes.

Yul Optimizer: Remove mstore and sstore operations if the slot already contains the same value.

Yul: Emit immutable references for pure yul code when requested.

Bugfixes:

Antlr Grammar: Allow builtin names in yulPath to support .address in function pointers.

Code Generator: Fix internal error when accessing the members of external functions occupying more than two stack slots.

Code Generator: Fix internal error when doing an explicit conversion from string calldata to bytes.

Control Flow Graph: Perform proper virtual lookup for modifiers for uninitialized variable and unreachable code analysis.

General: string.concat now properly takes strings as arguments and returns string memory. It was accidentally introduced as a copy of bytes.concat before.

Immutables: Fix wrong error when the constructor of a base contract uses return and the derived contract contains immutable variables.

Inheritance: Consider functions in all ancestors during override analysis.

IR Generator: Add missing cleanup during the conversion of fixed bytes types to smaller fixed bytes types.

IR Generator: Add missing cleanup for indexed event arguments of value type.

IR Generator: Fix internal error when copying reference types in calldata and storage to struct or array members in memory.

IR Generator: Fix IR syntax error when copying storage arrays of structs containing functions.

Natspec: Fix internal error when overriding a struct getter with a Natspec-documented return value and the name in the struct is different.

Type Checker: Fix internal error when a constant variable declaration forward references a struct.

Yul EVM Code Transform: Improved stack shuffling in corner cases.

Solc-Js:

The wrapper now requires at least nodejs v10.

The code has been ported to TypeScript.

Build System:

Emscripten builds store the embedded WebAssembly binary in LZ4 compressed format and transparently decompress on loading.

We especially thank all the contributors that made this release possible:

a3d4, Aleksey Bykhun, Amsavarthan Lv, Ayush Shukla, Bhargava Shastry, Braden Watling, Brien, Bruno Barbieri, Christian Parpart, Daniel Kirchner, Esquith Allen, Franziska Heintel, Hakeem Almidan, Harikrishnan Mulackal, joshieDo, joshuatarkwski, Kamil Śliwak, Laurent, Leo Alt, Markus Waas, Mathias L. Baumann, mejsiej, Mohamed Safouen Bouabid, Naveen Sahu, Nikita Stupin, Nishant Sachdeva, Pranay Reddy, Sean Billig, Semar Augusto, William Entriken, yatharthagoenka, Younghoon-Lee.

If you want to perform a source build, please only use solidity_0.8.12.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.40 MB)
solc-static-linux(13.34 MB)
solc-windows.exe(8.29 MB)
solidity_0.8.12.tar.gz(3.00 MB)
soljson.js(8.00 MB)
v0.8.11(Dec 20, 2021)
Solidity v0.8.11 adds a first implementation of a Language Server, allows a safer way to perform ABI-encoding and fixes several bugs.

For more details, see the release announcement.

Language Features:

General: New builtin function abi.encodeCall(functionPointer, (arg1, arg2, ...)) that type-checks the arguments and returns the ABI-encoded function call data.

Compiler Features:

Commandline Interface: Add --lsp option to get solc to act as a Language Server (LSP) communicating over stdio.

Bugfixes:

Code Generator: Fix a crash when using @use-src and compiling from Yul to ewasm.

SMTChecker: Fix internal error when an unsafe target is solved more than once and the counterexample messages are different.

SMTChecker: Fix soundness of assigned storage/memory local pointers that were not erasing enough knowledge.

Fix internal error when a function has a calldata struct argument with an internal type inside.

IR Generator: Fix IR syntax error when copying storage arrays of functions.

We especially thank all the contributors that made this release possible:

Kamil Śliwak, Leo Alt, nishant-sachdeva, Daniel Kirchner, Marenz, minami, Alessandro Coglio, Alex Beregszaszi, Bhargava Shastry, Dallon Asnes, Dallon Asnes, neel iyer, Christian Parpart, GitHubPang, Mathias Baumann, Omkar Nikhal, Saska Karsi, Tynan Richards, dinah.

If you want to perform a source build, please only use solidity_0.8.11.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.71 MB)
solc-static-linux(13.27 MB)
solc-windows.exe(8.25 MB)
solidity_0.8.11.tar.gz(2.96 MB)
soljson.js(26.01 MB)
v0.8.10(Nov 9, 2021)
Solidity v0.8.10 can now report contract invariants and reentrancy properties through the SMTChecker. It also contains some new optimizations with regards to external function calls and enabled the new EVM code generator for pure Yul mode.

For more details, see the release announcement.

Language Features:

Inline Assembly: Support .address and .selector on external function pointers to access their address and function selector.

Compiler Features:

Code Generator: Skip existence check for external contract if return data is expected. In this case, the ABI decoder will revert if the contract does not exist.

Commandline Interface: Accept nested brackets in step sequences passed to --yul-optimizations.

Commandline Interface: Add --debug-info option for selecting how much extra debug information should be included in the produced EVM assembly and Yul code.

Commandline Interface: Support --asm, --bin, --ir-optimized, --ewasm and --ewasm-ir output selection options in assembler mode.

Commandline Interface: Use different colors when printing errors, warnings and infos.

JSON AST: Set absolute paths of imports earlier, in the parsing stage.

SMTChecker: Output values for block.*, msg.* and tx.* variables that are present in the called functions.

SMTChecker: Report contract invariants and reentrancy properties. This can be enabled via the CLI option --model-checker-invariants or the Standard JSON option settings.modelChecker.invariants.

Standard JSON: Accept nested brackets in step sequences passed to settings.optimizer.details.yulDetails.optimizerSteps.

Standard JSON: Add settings.debug.debugInfo option for selecting how much extra debug information should be included in the produced EVM assembly and Yul code.

Yul EVM Code Transform: Switch to new optimized code transform when compiling via Yul with enabled optimizer.

Yul Optimizer: Take control-flow side-effects of user-defined functions into account in various optimizer steps.

Bugfixes:

Code Generator: Fix constructor source mappings for immutables.

Commandline Interface: Disallow --error-recovery option outside of the compiler mode.

Commandline Interface: Don't return zero exit code when writing linked files to disk fails.

Commandline Interface: Fix extra newline character being appended to sources passed through standard input, affecting their hashes.

Commandline Interface: Report output selection options unsupported by the selected input mode instead of ignoring them.

Commandline Interface: When linking only accept exact matches for library names passed to the --libraries option. Library names not prefixed with a file name used to match any library with that name.

SMTChecker: Fix internal error in magic type access (block, msg, tx).

SMTChecker: Fix internal error in the CHC engine when passing gas in the function options.

TypeChecker: Fix internal error when using arrays and structs with user defined value types before declaration.

TypeChecker: Fix internal error when using user defined value types in public library functions.

TypeChecker: Improved error message for constant variables with (nested) mapping types.

Yul Assembler: Fix internal error when function names are not unique.

Yul IR Generator: Do not output empty switches/if-bodies for empty contracts.

Important Bugfixes in Experimental Features:

Yul IR Generator: Changes to function return variables referenced in modifier invocation arguments were not properly forwarded if there was more than one return variable.

Build System:

Pass linker-only emscripten options only when linking.

Remove obsolete compatibility workaround for emscripten builds.

Update emscripten to version 2.0.33.

We especially thank all the contributors that made this release possible:

4molybdenum2, Adam Bliss, Alex Beregszaszi, Christian Parpart, Daniel Kirchner, David Dzhalaev, Derek Brans, Gyeonghun Park, Harikrishnan Mulackal, José López, Kamil Śliwak, Leo Arias, Leonardo Alt, Mariela Mantle, Mathias Baumann, Midhun07, Mikko Ohtamaa, MrBrain295, Saurabh Sharma, sgmoore, shikharvashistha, Shivam Rajput, soroosh-sdi, Sreekesh V, tcoyvwac, TerranCivilian, vowchick, William Entriken, Zachinquarantine

If you want to perform a source build, please only use solidity_0.8.10.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(36.90 MB)
solc-static-linux(13.14 MB)
solc-windows.exe(8.18 MB)
solidity_0.8.10.tar.gz(2.93 MB)
soljson.js(25.78 MB)
v0.8.9(Sep 29, 2021)
Solidity v0.8.9 is a pure bugfix release and fixes two important, but low severity, bugs. For more details, see the release announcement.

Important Bugfixes:

Immutables: Properly perform sign extension on signed immutables.

User Defined Value Type: Fix storage layout of user defined value types for underlying types shorter than 32 bytes.

Bugfixes:

AST: Export canonicalName for UserDefinedValueTypeDefinition and ContractDefinition.

If you want to perform a source build, please only use solidity_0.8.9.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(35.60 MB)
solc-static-linux(11.79 MB)
solc-windows.exe(7.57 MB)
solidity_0.8.9.tar.gz(2.73 MB)
soljson.js(24.96 MB)
v0.8.8(Sep 27, 2021)
Solidity v0.8.8 introduces user defined value types as a major feature, improves overriding interface functions and reading from immutables. Apart from bugfixes, we also cleaned up the command-line interface and improved the way the import mechanism resolves files.

For more details, see the release announcement.

Language Features:

Inheritance: A function that overrides only a single interface function does not require the override specifier.

Type System: Support type(E).min and type(E).max for enums.

User Defined Value Type: allows creating a zero cost abstraction over a value type with stricter type requirements.

Compiler Features:

Commandline Interface: Add --include-path option for specifying extra directories that may contain importable code (e.g. packaged third-party libraries).

Commandline Interface: Do not implicitly run evm bytecode generation unless needed for the requested output.

Commandline Interface: Normalize paths specified on the command line and make them relative for files located inside base path and/or include paths.

Immutable variables can be read at construction time once they are initialized.

SMTChecker: Add constraints to better correlate address(this).balance and msg.value.

SMTChecker: Support constants via modules.

SMTChecker: Support low level call as external calls to unknown code.

SMTChecker: Support the value option for external function calls.

SMTChecker: Support user defined value types.

Bugfixes:

Code Generator: Fix ICE on assigning to calldata structs and statically-sized calldata arrays in inline assembly.

Code Generator: Use stable source order for ABI functions.

Commandline Interface: Disallow the --experimental-via-ir option in Standard JSON, Assembler and Linker modes.

Commandline Interface: Fix resolution of paths whitelisted with --allowed-paths or implicitly due to base path, remappings and files being compiled. Correctly handle paths that do not match imports exactly due to being relative, non-normalized or empty.

Commandline Interface: Report optimizer options as invalid in Standard JSON and linker modes instead of ignoring them.

Name Resolver: Fix that when importing an aliased symbol using import {AliasedName} from "a.sol" it would use the original name of the symbol and not the aliased one.

Opcode Optimizer: Prevent the optimizer from running multiple times to avoid potential bytecode differences for referenced code.

Parser: Properly check for multiple SPDX license identifiers next to each other and validate them.

SMTChecker: Fix BMC's constraints regarding internal functions.

SMTChecker: Fix false negative caused by push on storage array references returned by internal functions.

SMTChecker: Fix false positive in external calls from constructors.

SMTChecker: Fix internal error on some multi-source uses of abi.*, cryptographic functions and constants.

Standard JSON: Fix non-fatal errors in Yul mode being discarded if followed by a fatal error.

Type Checker: Correct wrong error message in inline assembly complaining about .slot or .offset` not valid when actually.length`` was used.

Type Checker: Disallow modifier declarations and definitions in interfaces.

Yul Optimizer: Fix a crash in LoadResolver, when keccak256 has particular non-identifier arguments.

We especially thank all the contributors that made this release possible:

Ahmed Ali, Alessandro Coglio, Alex Beregszaszi, Alexander Arlt, Andrew Lyndem, Basit Raza, benldrmn, Bhargava Shastry, CrimsonGlory, Daniel Kirchner, Harikrishnan Mulackal, hawkess, istareatscreens, John Adler, Kamil Śliwak, Leonardo Alt, Marenz, Midhun07, Nikita Stupin, Paul Razvan Berg, priyansh786, Sean Hawkes, soroosh-sdi, Sreekesh V, yatharthagoenka

If you want to perform a source build, please only use solidity_0.8.8.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(35.60 MB)
solc-static-linux(11.78 MB)
solc-windows.exe(7.57 MB)
solidity_0.8.8.tar.gz(2.86 MB)
soljson.js(24.95 MB)
v0.8.7(Aug 11, 2021)
Solidity v0.8.7 introduces support for the London upgrade, includes various improvements to Yul to EVM code transformation, the SMTChecker and some bugfixes.

For more details, see the release announcement.

Language Features:

Introduce global block.basefee for retrieving the base fee of the current block.

Yul: Introduce builtin basefee() for retrieving the base fee of the current block.

Compiler Features:

AssemblyStack: Also run opcode-based optimizer when compiling Yul code.

Commandline Interface: option --pretty-json works also with --standard--json.

EVM: Set the default EVM version to "London".

SMTChecker: Do not check underflow and overflow by default.

SMTChecker: Unproved targets are hidden by default, and the SMTChecker only states how many unproved targets there are. They can be listed using the command line option --model-checker-show-unproved or the JSON option settings.modelChecker.showUnproved.

SMTChecker: new setting to enable/disable encoding of division and modulo with slack variables. The command line option is --model-checker-div-mod-slacks and the JSON option is settings.modelChecker.divModWithSlacks.

Yul EVM Code Transform: Also pop unused argument slots for functions without return variables (under the same restrictions as for functions with return variables).

Yul EVM Code Transform: Do not reuse stack slots that immediately become unreachable.

Yul Optimizer: Move function arguments and return variables to memory with the experimental Stack Limit Evader (which is not enabled by default).

Bugfixes:

Code Generator: Fix crash when passing an empty string literal to bytes.concat().

Code Generator: Fix internal compiler error when calling functions bound to calldata structs and arrays.

Code Generator: Fix internal compiler error when passing a 32-byte hex literal or a zero literal to bytes.concat() by disallowing such literals.

Commandline Interface: Apply --optimizer-runs option in assembly / yul mode.

Commandline Interface: Fix crash when a directory path is passed to --standard-json.

Commandline Interface: Read JSON from standard input when --standard-json gets - as a file name.

Standard JSON: Include source location for errors in files with empty name.

Type Checker: Fix internal error and prevent static calls to unimplemented modifiers.

Yul Code Generator: Fix internal compiler error when using a long literal with bitwise negation.

Yul Code Generator: Fix source location references for calls to builtin functions.

Yul Parser: Fix source location references for if statements.

We especially thank all the contributors that made this release possible:

Alex Beregszaszi, Alexander Arlt, Amid Moeinzadeh, Bhargava Shastry, Christian Parpart, CrimsonGlory, Daniel Kirchner, GuLiPing-Hz, Harikrishnan Mulackal, Josué, Kamil Śliwak, Ladislav Sladecek, Leo Alt, Mathias Baumann, Simon Tian, Tony, chriseth, franzihei, iskanderandrews, jaa2, qedk and t11s.

If you want to perform a source build, please only use solidity_0.8.7.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(35.18 MB)
solc-static-linux(11.57 MB)
solc-windows.exe(7.39 MB)
solidity_0.8.7.tar.gz(2.64 MB)
soljson.js(24.74 MB)
v0.8.6(Jun 22, 2021)
Solidity 0.8.6 fixes some non-critical but annoying bugs, especially a warning about unreachable code that is in fact reachable.

For more details, please see the release announcement.

Language Features:

Yul: Special meaning of ".metadata" data object in Yul object.

Bugfixes:

Control Flow Graph: Fix incorrectly reported unreachable code.

Solc-Js: When running solcjs without the --optimize flag, use settings.optimizer.enabled=false in Standard JSON instead of omitting the key.

Standard JSON: Omitting settings.optimizer.enabled was not equivalent to setting it to false. It meant disabling also the peephole optimizer and jumpdest remover which by default still run with enabled=false.

We especially thank all the contributors that made this release possible: Alex Beregszaszi, Allegheny Crypto, axeldelamarre, Djordje Mijovic, hrkrshnn, jgoodall628, Kamil Śliwak, Leonardo, Mathias Baumann, patekuru, QQ喵, TaldenV

If you want to perform a source build, please only use solidity_0.8.6.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(34.95 MB)
solc-static-linux(11.49 MB)
solc-windows.exe(7.33 MB)
solidity_0.8.6.tar.gz(2.69 MB)
soljson.js(24.65 MB)
v0.8.5(Jun 10, 2021)
Solidity 0.8.5 allows conversions from bytes to bytesNN values, adds the verbatim builtin function to inject arbitrary bytecode in Yul and fixes several smaller bugs.

For more details, please see the release announcement.

Language Features:

Allowing conversion from bytes and bytes slices to bytes1/.../bytes32.

Yul: Add verbatim builtin function to inject arbitrary bytecode.

Compiler Features:

Code Generator: Insert helper functions for panic codes instead of inlining unconditionally. This can reduce costs if many panics (checks) are inserted, but can increase costs where few panics are used.

EVM: Set the default EVM version to "Berlin".

SMTChecker: Function definitions can be annotated with the custom Natspec tag custom:smtchecker abstract-function-nondet to be abstracted by a nondeterministic value when called.

Standard JSON / combined JSON: New artifact "functionDebugData" that contains bytecode offsets of entry points of functions and potentially more information in the future.

Yul Optimizer: Evaluate keccak256(a, c), when the value at memory location a is known at compile time and c is a constant <= 32.

Bugfixes:

AST: Do not output value of Yul literal if it is not a valid UTF-8 string.

Code Generator: Fix internal error when function arrays are assigned to storage variables and the function types can be implicitly converted but are not identical.

Code Generator: Fix internal error when super would have to skip an unimplemented function in the virtual resolution order.

Control Flow Graph: Assume unimplemented modifiers use a placeholder.

Control Flow Graph: Take internal calls to functions that always revert into account for reporting unused or unassigned variables.

Function Call Graph: Fix internal error connected with circular constant references.

Name Resolver: Do not issue shadowing warning if the shadowing name is not directly accessible.

Natspec: Allow multiple @return tags on public state variable documentation.

SMTChecker: Fix internal error on conversion from bytes to fixed bytes.

SMTChecker: Fix internal error on external calls from the constructor.

SMTChecker: Fix internal error on struct constructor with fixed bytes member initialized with string literal.

Source Locations: Properly set source location of scoped blocks.

Standard JSON: Properly allow the inliner setting under settings.optimizer.details.

Type Checker: Fix internal compiler error related to having mapping types in constructor parameter for abstract contracts.

Type Checker: Fix internal compiler error when attempting to use an invalid external function type on pre-byzantium EVMs.

Type Checker: Fix internal compiler error when overriding receive ether function with one having different parameters during inheritance.

Type Checker: Make errors about (nested) mapping type in event or error parameter into fatal type errors.

Type Checker: Fix internal compiler error when overriding an implemented modifier with an unimplemented one.

AST Changes:

Add member hexValue for Yul string and hex literals.

We especially thank all the contributors that made this release possible: a3d4, Alex Beregszaszi, Alexander Arlt, Anurag Dashputre, Bhargava Shastry, Christian Parpart, cxxboy, Daniel Kirchner, Đorđe Mijović, Franziska Heintel, Harikrishnan Mulackal, Kamil Śliwak, Keqi Huang, Leonardo Alt, Martin Blicha, Mathias Baumann, Maurelian, newbateni, Raphael Roullet, TerranCivilian, Wade Dorrell, William Entriken.

If you want to perform a source build, please only use solidity_0.8.5.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(34.93 MB)
solc-static-linux(11.46 MB)
solc-windows.exe(7.28 MB)
solidity_0.8.5.tar.gz(2.69 MB)
soljson.js(24.62 MB)
v0.8.4(Apr 21, 2021)
Solidity 0.8.4 fixes a bug in the ABI decoder, adds custom structured errors, bytes.concat(...) and allows more flexible configuration of the SMT checker. For more details, please see the release announcement.

The release contains an important bugfix. See decoding from memory bug blog post for more details.

The release also implements custom errors. See custom errors blog post for an introduction.

Important Bugfixes:

ABI Decoder V2: For two-dimensional arrays and specially crafted data in memory, the result of abi.decode can depend on data elsewhere in memory. Calldata decoding is not affected.

Language Features:

Assembly / Yul: Allow hex string literals.

Possibility to use bytes.concat with variable number of bytes and bytesNN arguments which behaves as a restricted version of abi.encodePacked with a more descriptive name.

Support custom errors via the error keyword and introduce the revert statement.

Compiler Features:

Analysis: Properly detect circular references to the bytecode of other contracts across all function calls.

Commandline Interface: Model checker option --model-checker-targets also accepts outOfBounds.

Commandline Interface: New model checker option --model-checker-contracts allows users to select which contracts should be analyzed as the most derived.

Low-Level Inliner: Inline ordinary jumps to small blocks and jumps to small blocks that terminate.

NatSpec: Allow @notice tag on non-public state variables and local variable declarations. The documentation will only be part of the AST, under the field documentation.

SMTChecker: Deprecate pragma experimental SMTChecker; and set default model checker engine to none.

SMTChecker: Report local variables in CHC counterexamples.

SMTChecker: Report out of bounds index access for arrays and fixed bytes.

SMTChecker: Support file level functions and constants.

Standard JSON: Model checker option settings.modelChecker.targets also accepts outOfBounds.

Standard JSON: Model checker option settings.modelChecker.targets takes an array of string targets instead of string of comma separated targets.

Standard JSON: New model checker option settings.modelChecker.contracts allows users to select which contracts should be analyzed as the most derived.

Yul EVM Code Transform: Stack Optimization: Reuse slots of unused function arguments and defer allocating stack slots for return variables until after expression statements and assignments that do not reference them.

Yul Optimizer: Added a new step FunctionSpecializer, that specializes a function with its literal arguments.

Bugfixes:

Antlr Grammar: Fix parsing of import paths involving properly distinguishing between empty and non-empty string literals in general.

AST Output: Fix kind field of ModifierInvocation for base constructor calls.

Commandline interface: Fix internal error when printing AST and using --base-path or file:// prefix in imports.

Commandline interface: Fix standard input bypassing allowed path checks.

Natspec: Fix internal error related to the @returns documentation for a public state variable overriding a function.

SMTChecker: Fix false positive and false negative on push as LHS of a compound assignment.

SMTChecker: Fix false positive in contracts that cannot be deployed.

SMTChecker: Fix internal error on public getter returning dynamic data on older EVM versions where these are not available.

SMTChecker: Fix internal error on try-catch with function call in catch block.

Type Checker: Fix missing error when events are used without an emit statement.

AST Changes:

New property for ContractDefinition nodes: usedErrors lists AST IDs of all errors used by the contract (even if defined outside).

We especially thank all the contributors that made this release possible: Alex Beregszaszi, Anurag Dashputre, Behrouz, Bhargava Shastry, Christian Parpart, Daniel Kirchner, Đorđe Mijović, Feiyang Tan, franzihei, Harikrishnan Mulackal, Hongbo Miao, Kamil Śliwak, Leonardo Alt, Martin Blicha, Mathias Baumann, Paul Razvan Berg, Thibaut Schaeffer, zayneio,

If you want to perform a source build, please only use solidity_0.8.4.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(34.75 MB)
solc-static-linux(11.28 MB)
solc-windows.exe(7.18 MB)
solidity_0.8.4.tar.gz(2.61 MB)
soljson.js(24.45 MB)
v0.8.3(Mar 23, 2021)
Solidity 0.8.3 is a bugfix release that fixes an important bug about how the optimizer handles the Keccak256 opcode. For details on the bug, please see the bug blog post.

For a detailed explanation of the new features and changes, please see the release blog post.

Important Bugfixes:

Optimizer: Fix bug on incorrect caching of Keccak-256 hashes.

Compiler Features:

Command Line Interface: Drop experimental support for --machine evm15.

Optimizer: Try to move and with constant inside or to improve storage writes of small types.

Optimizer: Replace multiplications and divisions with powers of two by shifts.

Bugfixes:

AST Import: For constructors, a public visibility is ignored during importing.

Error Reporter: Fix handling of carriage return.

SMTChecker: Fix internal error in BMC on resolving virtual functions inside branches.

SMTChecker: Fix internal error on array.pop nested inside 1-tuple.

SMTChecker: Fix internal error on FixedBytes constant initialized with string literal.

SMTChecker: Fix internal error on array slices.

SMTChecker: Fix internal error on calling public getter on a state variable of type array (possibly nested) of structs.

SMTChecker: Fix internal error on pushing to string casted to bytes.

SMTChecker: Fix bug in virtual functions called by constructors.

AST Changes:

ModifierInvocation: Add kind field which can be modifierInvocation or baseConstructorSpecifier.

We especially thank all the contributors that made this release possible: Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Daniel Kirchner, Djordje Mijovic, ghidello, Harikrishnan Mulackal, Kamil Śliwak, Leonardo Alt, Martin Blicha, Mathias Baumann.

If you want to perform a source build, please only use solidity_0.8.3.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(34.54 MB)
solc-static-linux(11.11 MB)
solc-windows.exe(7.08 MB)
solidity_0.8.3.tar.gz(2.56 MB)
soljson.js(24.28 MB)
v0.8.2(Mar 2, 2021)
Solidity 0.8.2 adds an optimizer stage that can inline small amounts of code to save gas and provides more means to work with code documentation by exporting inline comments and allowing custom natspec tags.

For a detailed explanation of the new features and changes, please see the blog post.

Compiler Features:

AST: Export NatSpec comments above each statement as their documentation.

Inline Assembly: Do not warn anymore about variables or functions being shadowed by EVM opcodes.

NatSpec: Allow and export all tags that start with @custom:.

NatSpec: Provide source locations for parsing errors.

Optimizer: Simple inlining when jumping to small blocks that jump again after a few side-effect free opcodes.

Bugfixes:

AST: Added referencedDeclaration for enum members.

Code Generator: Fix internal error when functions are passed as parameters of other callables, when the function types can be implicitly converted, but not identical.

Parser: Properly parse .address in some situations.

SMTChecker: Fix missing type constraints on block and transaction variables in the deployment phase.

Type Checker: Fix internal error when override specifier is not a contract.

Type Checker: Make function-hash collision errors into fatal type errors.

AST Changes:

Adds nameLocation to declarations to represent the exact location of the symbolic name.

Removed the redundant function type "bytearraypush" - replaced by "arraypush".

Support field documentation to hold NatSpec comments above each statement.

We especially thank all the contributors that made this release possible: Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Christian Parpart, Daniel Kirchner, dms-yondy, Đorđe Mijović, DragonDev1906, Franziska Heintel, Harikrishnan Mulackal, Kamil Śliwak, Leonardo Alt, Martin Blicha, Mathias Baumann, Mikko Ohtamaa, nora, Rostyslav, Sanad, ssi91
Source code(tar.gz)
Source code(zip)
solc-macos(34.40 MB)
solc-static-linux(11.66 MB)
solc-windows.exe(7.09 MB)
solidity_0.8.2.tar.gz(2.54 MB)
soljson.js(24.24 MB)
v0.8.1(Jan 27, 2021)
Solidity 0.8.1 introduces many new features for the SMTChecker, updates the emscripten version for building soljson.js to 2.0.12, allows to catch panic errors and adds other small improvements.

For a detailed explanation of the new features and changes, please see the blog post.

Language Features:

Possibility to use catch Panic(uint code) to catch a panic failure from an external call.

Compiler Features:

Code Generator: Reduce the cost of <address>.code.length by using extcodesize directly.

Command Line Interface: Allow = as separator between library name and address in --libraries commandline option.

Command Line Interface: New option --model-checker-targets allows specifying which targets should be checked. The valid options are all, constantCondition, underflow, overflow, divByZero, balance, assert, popEmptyArray, where the default is all. Multiple targets can be chosen at the same time, separated by a comma without spaces: underflow,overflow,assert.

Command Line Interface: Only accept library addresses with a prefix of 0x in --libraries commandline option.

Optimizer: Add rule to replace iszero(sub(x,y)) by eq(x,y).

Parser: Report meaningful error if parsing a version pragma failed.

SMTChecker: Output internal and trusted external function calls in a counterexample's transaction trace.

SMTChecker: Show msg.value in counterexample transaction traces when greater than 0.

SMTChecker: Show contract name in counterexample function call.

SMTChecker: Support ABI functions as uninterpreted functions.

SMTChecker: Support try/catch statements.

SMTChecker: Synthesize untrusted functions called externally.

SMTChecker: Use checked arithmetic by default and support unchecked blocks.

Standard JSON: New option modelCheckerSettings.targets allows specifying which targets should be checked. The valid options are all, constantCondition, underflow, overflow, divByZero, balance, assert, popEmptyArray, where the default is all. Multiple targets can be chosen at the same time, separated by a comma without spaces: underflow,overflow,assert.

Bugfixes:

Code Generator: Fix length check when decoding malformed error data in catch clause.

Control Flow Graph: Fix missing error caused by read from/write to uninitialized variables.

SMTChecker: Fix false negatives in overriding modifiers and functions.

SMTChecker: Fix false negatives in the presence of inline assembly.

SMTChecker: Fix false negatives when analyzing external function calls.

SMTChecker: Fix internal error on block.chainid.

SMTChecker: Fix internal error on pushing string literal to bytes array.

SMTChecker: Fix missing type constraints for block variables.

Type Checker: Fix infinite loop when accessing circular constants from inline assembly.

Type Checker: Fix internal error caused by constant structs containing mappings.

Type System: Disallow implicit conversion from uintN to intM when M > N, and by extension, explicit conversion between the same types is also disallowed.

Build System:

Update the soljson.js build to emscripten 2.0.12 and boost 1.75.0.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, az1az1, Bhargava Shastry, BinacsLee, Daniel Kirchner, Dmytro, Đorđe Mijović, Greg Stretton, Harikrishnan Mulackal, Harry Altman, Hui Yu, Kamil Śliwak, Leonardo Alt, Martin Blicha, Mathias Baumann, smareasy, Suriyaa Sundararuban,

If you want to perform a source build, please only use solidity_0.8.0.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(34.28 MB)
solc-static-linux(10.98 MB)
solc-windows.exe(7.02 MB)
solidity_0.8.1.tar.gz(2.49 MB)
soljson.js(24.14 MB)
v0.8.0(Dec 16, 2020)
Solidity 0.8.0 is a breaking release of the Solidity compiler and language.

For a detailed explanation of the new features and changes, please see the blog post.

Breaking Changes:

Code Generator: All arithmetic is checked by default. These checks can be disabled using unchecked { ... }.

Code Generator: Cause a panic if a byte array in storage is accessed whose length is encoded incorrectly.

Code Generator: Use revert with error signature Panic(uint256) and error codes instead of invalid opcode on failing assertions.

Command Line Interface: JSON fields abi, devdoc, userdoc and storage-layout are now sub-objects rather than strings.

Command Line Interface: Remove the --old-reporter option.

Command Line Interface: Remove the legacy --ast-json option. Only the --ast-compact-json option is supported now.

General: Enable ABI coder v2 by default.

General: Remove global functions log0, log1, log2, log3 and log4.

Parser: Exponentiation is right associative. a**b**c is parsed as a**(b**c).

Scanner: Remove support for the \b, \f, and \v escape sequences.

Standard JSON: Remove the legacyAST option.

Type Checker: Function call options can only be given once.

Type System: Declarations with the name this, super and _ are disallowed, with the exception of public functions and events.

Type System: Disallow msg.data in receive() function.

Type System: Disallow type(super).

Type System: Disallow enums with more than 256 members.

Type System: Disallow explicit conversions from negative literals and literals larger than type(uint160).max to address type.

Type System: Disallow the byte type. It was an alias to bytes1.

Type System: Explicit conversion to address type always returns a non-payable address type. In particular, address(u), address(b), address(c) and address(this) have the type address instead of address payable (Here u, b, and c are arbitrary variables of type uint160, bytes20 and contract type respectively.)

Type System: Explicit conversions between two types are disallowed if it changes more than one of sign, width or kind at the same time.

Type System: Explicit conversions from literals to enums are only allowed if the value fits in the enum.

Type System: Explicit conversions from literals to integer type is as strict as implicit conversions.

Type System: Introduce address(...).code to retrieve the code as bytes memory. The size can be obtained via address(...).code.length, but it will currently always include copying the code.

Type System: Introduce block.chainid for retrieving the current chain id.

Type System: Support address(...).codehash to retrieve the codehash of an account.

Type System: The global variables tx.origin and msg.sender have type address instead of address payable.

Type System: Unary negation can only be used on signed integers, not on unsigned integers.

View Pure Checker: Mark chainid as view.

Yul: Disallow the use of reserved identifiers, such as EVM instructions, even if they are not available in the given dialect / EVM version.

Yul: The assignimmutable builtin in the "EVM with objects" dialect takes the base offset of the code to modify as an additional argument.

Language Features:

Super constructors can now be called using the member notation e.g. M.C(123).

Bugfixes:

Type Checker: Perform proper truncating integer arithmetic when using constants in array length expressions.

AST Changes:

New AST Node IdentifierPath replacing in many places the UserDefinedTypeName.

New AST Node UncheckedBlock used for unchecked { ... }.

We especially thank all the contributors that made this release possible:

Alex Beregszaszi, Christian Parpart, Daniel Kirchner, Djordje Mijovic, Harikrishnan Mulackal, Kamil Śliwak, Leonardo Alt, Mathias Baumann, ssi91

If you want to perform a source build, please only use solidity_0.8.0.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(34.03 MB)
solc-static-linux(10.82 MB)
solc-windows.exe(6.87 MB)
solidity_0.8.0.tar.gz(2.42 MB)
soljson.js(22.87 MB)
v0.7.6(Dec 16, 2020)
This version of Solidity adds better support for calldata types. Furthermore, the fallback function can now have a parameter and explicitly return data. For details, please see the blog post.

Language Features:

Code generator: Support conversion from calldata slices to memory and storage arrays.

Code generator: Support copying dynamically encoded structs from calldata to memory.

Code generator: Support copying of nested arrays from calldata to memory.

Scanner: Generate a parser error when comments or unicode strings contain an unbalanced or underflowing set of unicode direction override markers (LRO, RLO, LRE, RLE, PDF).

The fallback function can now also have a single calldata argument (equaling msg.data) and return bytes memory (which will not be ABI-encoded but returned as-is).

Wasm backend: Add i32.select and i64.select instructions.

Compiler Features:

Build System: Optionally support dynamic loading of Z3 and use that mechanism for Linux release builds.

Code Generator: Avoid memory allocation for default value if it is not used.

SMTChecker: Apply constant evaluation on binary arithmetic expressions.

SMTChecker: Create underflow and overflow verification targets for increment/decrement in the CHC engine.

SMTChecker: Report struct values in counterexamples from CHC engine.

SMTChecker: Support early returns in the CHC engine.

SMTChecker: Support getters.

SMTChecker: Support named arguments in function calls.

SMTChecker: Support struct constructor.

Standard-Json: Move the recently introduced modelCheckerSettings key to settings.modelChecker.

Standard-Json: Properly filter the requested output artifacts.

Bugfixes:

Code generator: Do not pad empty string literals with a single 32-byte zero field in the ABI coder v1.

NatSpec: Fix segfault when inheriting return parameter documentation for modifiers with no parameters.

SMTChecker: Fix cast string literals to byte arrays.

SMTChecker: Fix internal compiler error when doing bitwise compound assignment with string literals.

SMTChecker: Fix internal error when trying to generate counterexamples with old z3.

SMTChecker: Fix segmentation fault that could occur on certain SMT-enabled sources when no SMT solver was available.

SMTChecker: Fix internal error when bytes.push() is used as the LHS of an assignment.

Type Checker: super is not available in libraries.

Type Checker: Disallow leading zeroes in sized-types (e.g. bytes000032), but allow them to be treated as identifiers.

Yul Optimizer: Fix a bug in NameSimplifier where a new name created by NameSimplifier could also be created by NameDispenser.

Yul Optimizer: Removed NameSimplifier from optimization steps available to users.

We especially thank all the contributors that made this release possible:

Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Christian Parpart, Daniel Kirchner, Đorđe Mijović, franzihei, Harikrishnan Mulackal, Jaime, Kamil Śliwak, Leonardo Alt, Martin Blicha, Mathias Baumann, Matt Williams, midinas, ritzdorf.

If you want to perform a source build, please only use solidity_0.7.6.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(33.96 MB)
solc-static-linux(10.73 MB)
solc-windows.exe(6.84 MB)
solidity_0.7.6.tar.gz(2.40 MB)
soljson.js(22.82 MB)
v0.7.5(Nov 18, 2020)
This version of Solidity adds a new way to select which ABI coder to use in preparation for making ABI coder v2 the default for 0.8.0. Another notable feature is the option to compile via the new experimental Yul-based compiler pipeline.

Language Features

Ability to select the abi coder using pragma abicoder v1 and pragma abicoder v2.

Inline Assembly: Use .offset and .length for calldata variables of dynamic array type to access their calldata offset and length (number of elements). Both of them can also be assigned to.

Immutable variables with literal number values are considered pure.

Compiler Features

Assembler: Perform linking in assembly mode when library addresses are provided.

Command Line Interface: New option --experimental-via-ir allows switching compilation process to go through the Yul intermediate representation. This is highly experimental and is used for development purposes.

Command Line Interface: New option --model-checker-timeout sets a timeout in milliseconds for each individual query performed by the SMTChecker.

Command Line Interface: Report error if file could not be read in --standard-json mode.

Command Line interface: Report proper error for each output file which could not be written. Previously an exception was thrown, and execution aborted, on the first error.

SMTChecker: Add division by zero checks in the CHC engine.

SMTChecker: More precise analysis of external calls using this.

SMTChecker: Support selector for expressions with value known at compile-time.

Standard JSON: New option modelCheckerSettings.timeout sets a timeout in milliseconds for each individual query performed by the SMTChecker.

Standard JSON: New option settings.viaIR allows the same switch as --experimental-via-ir on the commandline.

Bugfixes

Code generator: Fix missing creation dependency tracking for abstract contracts.

Command Line Interface: Fix write error when the directory passed to --output-dir ends with a slash.

Command Line Interface: Reject duplicate libraries in --libraries option instead of arbitrarily choosing one.

NatSpec: Fix internal error when inheriting return parameter documentation but the parameter names differ between base and inherited.

SMTChecker: Fix CHC false positives when branches are used inside modifiers.

SMTChecker: Fix false negative in modifier applied multiple times.

SMTChecker: Fix incorrect counterexamples reported by the CHC engine.

SMTChecker: Fix internal error in the BMC engine when inherited contract from a different source unit has private state variables.

SMTChecker: Fix internal error on conversion from string literal to byte.

SMTChecker: Fix internal error when array.push() is used as the LHS of an assignment.

SMTChecker: Fix internal error when assigning state variable via contract's name.

SMTChecker: Fix internal error when using tuples of rational literals inside the conditional operator.

SMTChecker: Fix lack of reporting potential violations when using only the CHC engine.

Standard JSON: Fix library addresses specified in libraries being used for linking even if the file names do not match.

AST Changes

New member suffix for inline assembly identifiers. Currently supported values are "slot", "offset" and "length" to access the components of a Solidity variable.

We especially thank all the contributors that made this release possible:

Alex Beregszaszi, Kamil Śliwak, Leonardo Alt, Christian Parpart, Martin Blicha, Đorđe Mijović, Harikrishnan Mulackal, Alexander Arlt, Mathias Baumann, DELL, Eric Bouchut, RishiGondkar, a3d4, cakesoft-khushi

If you want to perform a source build, please only use solidity_0.7.5.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(33.90 MB)
solc-static-linux(10.76 MB)
solc-windows.exe(6.80 MB)
solidity_0.7.5.tar.gz(2.35 MB)
soljson.js(22.76 MB)
preview-0.8.x(Oct 28, 2020)

This is a preview release of the Solidity 0.8.x series.

Read more about it in the blog post.
Source code(tar.gz)
Source code(zip)
solc-macos(33.88 MB)
solc-static-linux(9.35 MB)
solc.exe(6.76 MB)
soljson.js(22.64 MB)
v0.7.4(Oct 19, 2020)
Solidity v0.7.4 fixes a storage corruption bug of medium severity that occurs when copying empty byte arrays to storage.

To learn more about the bug and to check if your contract is vulnerable please read this post with further details about the bug.

We thank John Toman of the Certora development team for finding and reporting the bug.

In addition to the bug fix, this release contains many small fixes and allows you to define constants at file-level. More details can be found in the release announcement.

Important Bugfixes

Code Generator: Fix data corruption bug when copying empty byte arrays from memory or calldata to storage.

Language Features

Constants can be defined at file level.

Compiler Features

Command Line Interface: New option --model-checker-engine allows to choose a specific SMTChecker engine. Options are all (default), bmc, chc and none.

Control Flow Graph: Print warning for non-empty functions with unnamed return parameters that are not assigned a value in all code paths.

SMTChecker: Support keccak256, sha256, ripemd160 and ecrecover in the CHC engine.

SMTChecker: Support inline arrays.

SMTChecker: Support variables block, msg and tx in the CHC engine.

Standard JSON: New option modelCheckerSettings.engine allows to choose a specific SMTChecker engine. Options are all (default), bmc, chc and none.

Bugfixes

Code generator: Fix ABIEncoderV2 pragma from the current module affecting inherited functions and applied modifiers.

Code generator: Fix internal compiler error when referencing members via module name but not using the reference.

Code generator: Fix internal error on returning structs containing mappings from library function.

Code generator: Use revert instead of invalid opcode for out-of-bounds array index access in getter.

Contract Level Checker: Add missing check against inheriting functions with ABIEncoderV2 return types in ABIEncoderV1 contracts.

Name Resolver: Fix shadowing/same-name warnings for later declarations.

Type Checker: Allow arrays of contract types as type expressions and as arguments for abi.decode.

Type Checker: Disallow invalid use of library names as type name.

Type Checker: Fix internal compiler error caused by storage parameters with nested mappings in libraries.

We especially thank all the contributors that made this release possible:

a3d4, Bhargava Shastry, Christian Parpart, Daniel Kirchner, Đorđe Mijović, franzihei, Harikrishnan Mulackal, Kamil Śliwak, Leonardo Alt, Martin Blicha, Mathias Baumann, Ronald Eddy Jr

If you want to perform a source build, please only use solidity_0.7.4.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(33.82 MB)
solc-static-linux(10.67 MB)
solc-windows.exe(6.74 MB)
solidity_0.7.4.tar.gz(2.31 MB)
soljson.js(22.61 MB)
v0.7.3(Oct 7, 2020)
This release fixes a bug in the routine that copies dynamically-sized arrays to storage. More details about the bug can be found in the blog post.

Important Bugfixes

Code Generator: Properly cleanup after copying dynamic-array to storage for packed types.

Compiler Features

Code generator: Implemented events with function type as one of its indexed parameters.

General: Option to stop compilation after parsing stage. Can be used with solc --stop-after parsing

Optimizer: Optimize exp when base is -1.

SMTChecker: Support addmod and mulmod.

SMTChecker: Support array slices.

SMTChecker: Support type conversions.

Bugfixes

Fixed internal compiler errors for certain contracts involving the new expression.

JSON AST: Fix internal error when using --ast-json on a function with memory arguments in ABIEncoderV2 contracts.

Type Checker: Add missing checks for calls using types incompatible with ABIEncoderV1 in modules where ABIEncoderV2 is not enabled.

Type Checker: Fix internal compiler error when calling .push(<arg>) for a storage array with a nested mapping.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Djordje Mijovic, Harikrishnan Mulackal, Leonardo Alt, Mathias Baumann

If you want to perform a source build, please only use solidity_0.7.3.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(33.64 MB)
solc-static-linux(9.47 MB)
solc-windows.exe(6.64 MB)
solidity_0.7.3.tar.gz(2.28 MB)
soljson.js(22.41 MB)
v0.7.2(Sep 28, 2020)
This release of Solidity includes a fix for the "free functions" feature introduced in the previous release: Two free functions with the same name and parameter types were not considered an error. For more details, please see the blog post.

The language support by the SMT checker has also been expanded considerably and the compiler can now export generated internal routines like the ABI encoder and decoder as readable Yul code.

Important Bugfixes

Type Checker: Disallow two or more free functions with identical name (potentially imported and aliased) and parameter types.

Compiler Features

Export compiler-generated utility sources via standard-json or combined-json.

Optimizer: Optimize exp when base is 0, 1 or 2.

SMTChecker: Keep knowledge about string literals, even through assignment, and thus support the .length property properly.

SMTChecker: Support address type conversion with literals, e.g. address(0).

SMTChecker: Support revert().

SMTChecker: Support type(T).min, type(T).max, and type(I).interfaceId.

SMTChecker: Support compound and, or, and xor operators.

SMTChecker: Support events and low-level logs.

SMTChecker: Support fixed bytes index access.

SMTChecker: Support memory allocation, e.g. new bytes(123).

SMTChecker: Support shifts.

SMTChecker: Support structs.

Type Checker: Explain why oversized hex string literals can not be explicitly converted to a shorter bytesNN type.

Type Checker: More detailed error messages why implicit conversions fail.

Type Checker: Report position of first invalid UTF-8 sequence in unicode"" literals.

Yul IR Generator: Report source locations related to unimplemented features.

Yul Optimizer: Inline into functions further down in the call graph first.

Yul Optimizer: Prune unused parameters in functions.

Yul Optimizer: Try to simplify function names.

Bugfixes

Code generator: Fix internal error on stripping dynamic types from return parameters on EVM versions without RETURNDATACOPY.

Type Checker: Add missing check against nested dynamic arrays in ABI encoding functions when ABIEncoderV2 is disabled.

Type Checker: Correct the error message for invalid named parameter in a call to refer to the right argument.

Type Checker: Correct the warning for homonymous, but not shadowing declarations.

Type Checker: Disallow virtual for modifiers in libraries.

Type system: Fix internal error on implicit conversion of contract instance to the type of its super.

Type system: Fix internal error on implicit conversion of string literal to a calldata string.

Type system: Fix named parameters in overloaded function and event calls being matched incorrectly if the order differs from the declaration.

ViewPureChecker: Prevent visibility check on constructors.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Christian Parpart, Daniel Kirchner, Djordje Mijovic, Đorđe Mijović, franzihei, Harikrishnan Mulackal, John B Nelson, Kamil Śliwak, Leonardo Alt, Mathias Baumann, Nikesh Nazareth, Omkar Nikhal, Wayne Nilsen

If you want to perform a source build, please only use solidity_0.7.2.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(33.58 MB)
solc-static-linux(9.42 MB)
solc-windows.exe(6.63 MB)
solidity_0.7.2.tar.gz(2.26 MB)
soljson.js(22.31 MB)
v0.7.1(Sep 2, 2020)
This release introduces the possibility to define functions at file level. This is a way to define helper-functions that are independent of specific contracts which is much more natural than using internal library functions. Apart from this, the release contains many bugfixes.

Language Features:

Allow function definitions outside of contracts, behaving much like internal library functions.

Code generator: Implementing copying structs from calldata to storage.

Compiler Features:

SMTChecker: Add underflow and overflow as verification conditions in the CHC engine.

SMTChecker: Support bitwise or, xor and not operators.

SMTChecker: Support conditional operator.

Standard JSON Interface: Do not run EVM bytecode code generation, if only Yul IR or EWasm output is requested.

Yul Optimizer: LoopInvariantCodeMotion can move reading operations outside for-loops as long as the affected area is not modified inside the loop.

Yul: Report error when using non-string literals for datasize(), dataoffset(), linkersymbol(), loadimmutable(), setimmutable().

Bugfixes:

AST: Remove null member values also when the compiler is used in standard-json-mode.

General: Allow type(Contract).name for abstract contracts and interfaces.

Immutables: Disallow assigning immutables more than once during their declaration.

Immutables: Properly treat complex assignment and increment/decrement as both reading and writing and thus disallow it everywhere for immutable variables.

Optimizer: Keep side-effects of x in byte(a, shr(b, x)) even if the constants a and b would make the expression zero unconditionally. This optimizer rule is very hard if not impossible to trigger in a way that it can result in invalid code, though.

References Resolver: Fix internal bug when using constructor for library.

Scanner: Fix bug where whitespace would be allowed within the -> token (e.g. function f() - > x {} becomes invalid in inline assembly and Yul).

SMTChecker: Fix internal error in BMC function inlining.

SMTChecker: Fix internal error on array implicit conversion.

SMTChecker: Fix internal error on fixed bytes index access.

SMTChecker: Fix internal error on lvalue unary operators with tuples.

SMTChecker: Fix internal error on tuple assignment.

SMTChecker: Fix internal error on tuples of one element that have tuple type.

SMTChecker: Fix soundness of array pop.

Type Checker: Disallow using for directive inside interfaces.

Type Checker: Disallow signed literals as exponent in exponentiation operator.

Type Checker: Disallow structs containing nested mapping in memory as parameters for library functions.

Yul Optimizer: Ensure that Yul keywords are not mistakenly used by the NameDispenser and VarNameCleaners. The bug would manifest as uncompilable code.

Yul Optimizer: Make function inlining order more resilient to whether or not unrelated source files are present.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, cakesoft-omkar, Christian Parpart, Daniel Kirchner, Đorđe Mijović, Goh Chun Lin, hactrox, Harikrishnan Mulackal, Harry Altman, Jason Cobb, Kamil Śliwak, Leonardo Alt, Mathias Baumann.

If you want to perform a source build, please only use solidity_0.7.1.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(32.27 MB)
solc-static-linux(9.16 MB)
solidity-windows.zip(7.41 MB)
solidity_0.7.1.tar.gz(2.20 MB)
soljson.js(21.87 MB)
v0.7.0(Jul 28, 2020)
Solidity 0.7.0 is a breaking release of the Solidity compiler and language.

This release does not include many features but rather changes that require a backwards-incompatible adjustment in syntax or semantics. For a detailed explanation, please see the documentation.

Most notably, further cleanup of visibility and state mutability has been performed and several unpopular keywords have been removed. Types with mappings in memory are disallowed and shift and exponentiation operations use more reasonable types.

Since we usually do not backport bugfixes, it is recommended to upgrade all code to be compatible with Solidity v.0.7.0.

The solidity-upgrade tool can help you to semi-automatically upgrade your contracts to breaking language changes. While solidity-upgrade carries out a large part of the work, your contracts will most likely need further manual adjustments.

You can find a guide on how to update your code here.

Note that changes listed below are the changes between 0.6.12 and 0.7.0. For changes introduced during the 0.6.x series, please see the individual changelogs or release announcements on this blog.

Breaking Changes:

Inline Assembly: Disallow . in user-defined function and variable names.

Inline Assembly: Slot and offset of storage pointer variable x are accessed via x.slot and x.offset instead of x_slot and x_offset.

JSON AST: Mark hex string literals with kind: "hexString".

JSON AST: Remove members with null value from JSON output.

Parser: Disallow gwei as identifier.

Parser: Disallow dot syntax for value and gas.

Parser: Disallow non-printable characters in string literals.

Parser: Introduce Unicode string literals: unicode"😃".

Parser: NatSpec comments on variables are only allowed for public state variables.

Parser: Remove the finney and szabo denominations.

Parser: Remove the identifier now (replaced by block.timestamp).

Reference Resolver: using A for B only affects the contract it is mentioned in and not all derived contracts

Type Checker: Disallow virtual for library functions.

Type Checker: Disallow assignments to state variables that contain nested mappings.

Type checker: Disallow events with same name and parameter types in inheritance hierarchy.

Type Checker: Disallow shifts by signed types.

Type Checker: Disallow structs and arrays in memory or calldata if they contain nested mappings.

Type Checker: Exponentiation and shifts of literals by non-literals will always use uint256 or int256 as a type.

Yul: Disallow consecutive and trailing dots in identifiers. Leading dots were already disallowed.

Yul: Disallow EVM instruction pc().

Language Features:

Inheritance: Allow overrides to have stricter state mutability: view can override nonpayable and pure can override view.

Parser: Deprecate visibility for constructors.

State mutability: Do not issue recommendation for stricter mutability for virtual functions but do issue it for functions that override.

Compiler Features:

SMTChecker: Report multi-transaction counterexamples including the function calls that initiate the transactions. This does not include concrete values for reference types and reentrant calls.

Variable declarations using the var keyword are not recognized anymore.

Bugfixes:

Inheritance: Disallow public state variables overwriting pure functions.

NatSpec: Constructors and functions have consistent userdoc output.

SMTChecker: Fix internal error when assigning to a 1-tuple.

SMTChecker: Fix internal error when tuples have extra effectless parenthesis.

State Mutability: Constant public state variables are considered pure functions.

Type Checker: Fixing deduction issues on function types when function call has named arguments.

Immutables: Fix internal compiler error when immutables are not assigned.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Christian Parpart, Daniel Kirchner, Djordje Mijovic, Erik Kundt, franzihei, Harikrishnan Mulackal, Leonardo Alt, Mathias Baumann.

If you want to perform a source build, please only use solidity_0.7.0.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(32.26 MB)
solc-static-linux(9.06 MB)
solidity-windows.zip(7.33 MB)
solidity_0.7.0.tar.gz(2.16 MB)
soljson.js(21.73 MB)
v0.6.12(Jul 22, 2020)
This release of Solidity adds more flexibility to inheriting NatSpec and improves the handling of the stack.

Language Features:

NatSpec: Implement tag @inheritdoc to copy documentation from a specific base contract.

Wasm backend: Add i32.ctz, i64.ctz, i32.popcnt, and i64.popcnt.

Compiler Features:

Code Generator: Avoid double cleanup when copying to memory.

Code Generator: Evaluate keccak256 of string literals at compile-time.

Optimizer: Add rule to remove shifts inside the byte opcode.

Peephole Optimizer: Add rule to remove swap after dup.

Peephole Optimizer: Remove unnecessary masking of tags.

Yul EVM Code Transform: Free stack slots directly after visiting the right-hand-side of variable declarations instead of at the end of the statement only.

Bugfixes:

SMTChecker: Fix error in events with indices of type static array.

SMTChecker: Fix internal error in sequential storage array pushes (push().push()).

SMTChecker: Fix internal error when using bitwise operators on fixed bytes type.

SMTChecker: Fix internal error when using compound bitwise operator assignments on array indices inside branches.

Type Checker: Fix internal compiler error related to oversized types.

Type Checker: Fix overload resolution in combination with {value: ...}.

Build System

Update internal dependency of jsoncpp to 1.9.3.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Daniel Kirchner, Djordje Mijovic, Kamil Śliwak, Leonardo Alt, Mathias Baumann, Sachin Grover, Tiny熊,

If you want to perform a source build, please only use solidity_0.6.12.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(32.21 MB)
solc-static-linux(9.03 MB)
solidity-windows.zip(7.30 MB)
solidity_0.6.12.tar.gz(2.14 MB)
soljson.js(21.66 MB)
v0.6.11(Jul 7, 2020)
This release adds inheritance to NatSpec comments, improves debugging data output and fixes some minor issues with opening up calldata for non-external functions.

Language Features:

General: Add unit denomination gwei

Yul: Support linkersymbol builtin in standalone assembly mode to refer to library addresses.

Yul: Support using string literals exceeding 32 bytes as literal arguments for builtins.

Compiler Features:

NatSpec: Add fields kind and version to the JSON output.

NatSpec: Inherit tags from unique base functions if derived function does not provide any.

Commandline Interface: Prevent some incompatible commandline options from being used together.

NatSpec: Support NatSpec comments on events.

Yul Optimizer: Store knowledge about storage / memory after a := sload(x) / a := mload(x).

SMTChecker: Support external calls to unknown code.

Source Maps: Also tag jumps into and out of Yul functions as jumps into and out of functions.

Bugfixes:

NatSpec: Do not consider //// and /*** as NatSpec comments.

Type Checker: Disallow constructor parameters with calldata data location.

Type Checker: Do not disallow assigning to calldata variables.

Type Checker: Fix internal error related to using for applied to non-libraries.

Wasm backend: Fix code generation for for-loops with pre statements.

Wasm backend: Properly support both i32.drop and i64.drop, and remove drop.

Yul: Disallow the same variable to occur multiple times on the left-hand side of an assignment.

Yul: Fix source location of variable multi-assignment.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Daniel Kirchner, Djordje Mijovic, Harikrishnan Mulackal, Kamil Śliwak, Leonardo Alt, Mathias Baumann, step21

If you want to perform a source build, please only use solidity_0.6.11.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(32.08 MB)
solc-static-linux(8.96 MB)
solidity-windows.zip(7.24 MB)
solidity_0.6.11.tar.gz(2.12 MB)
soljson.js(21.58 MB)
v0.6.10(Jun 11, 2020)
Solidity 0.6.10 is a bugfix release that fixes a bug introduced in 0.6.9 related to library functions with calldata parameters that are called via using for. For more details on the bug, pleas see the blog post.

In addition to that, the compiler now generates error codes that could be useful for IDEs or automated analysis tools.

Important Bugfixes:

Fixed a bug related to internal library functions with calldata parameters called via using for.

Compiler Features:

Commandline Interface: Re-group help screen.

Output compilation error codes in standard-json and when using --error-codes.

Yul: Raise warning for switch statements that only have a default and no other cases.

Bugfixes:

SMTChecker: Fix internal error when encoding tuples of tuples.

SMTChecker: Fix aliasing soundness after pushing to an array pointer.

Type system: Fix internal compiler error on calling externally a function that returns variables with calldata location.

Type system: Fix bug where a bound function was not found if using for is applied to explicit reference types.

We especially thank all the contributors that made this release possible:

a3d4, Daniel Kirchner, Djordje Mijovic, ethers, Harikrishnan Mulackal, Igor Line, Kamil Śliwak, Leonardo Alt, Leonardo, Paul Razvan Berg, TrentZ

If you want to perform a source build, please only use solidity_0.6.10.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(32.00 MB)
solc-static-linux(8.91 MB)
solidity-windows.zip(7.19 MB)
solidity_0.6.10.tar.gz(2.10 MB)
soljson.js(20.19 MB)
v0.6.9(Jun 4, 2020)
This is the first release of Solidity where the solc-js / soljson binary includes the Z3 SMT solver built-in. This means you can use pragma experimental SMTChecker; even without a local install of z3. Note that this causes an increase in the binary size.

On the language side, the calldata data location for variables and parameters is now allowed everywhere, even in internal functions.

To enhance developer experience, the option --base-path allows you to specify a root path of your contract directory structure to help with imports.

Language Features:

Permit calldata location for all variables.

NatSpec: Support NatSpec comments on state variables.

Yul: EVM instruction pc() is marked deprecated and will be removed in the next breaking release.

Compiler Features:

Build system: Update the soljson.js build to emscripten 1.39.15 and boost 1.73.0 and include Z3 for integrated SMTChecker support without the callback mechanism.

Build system: Switch the emscripten build from the fastcomp backend to the upstream backend.

Code Generator: Do not introduce new internal source references for small compiler routines.

Commandline Interface: Adds new option --base-path PATH to use the given path as the root of the source tree (defaults to the root of the filesystem).

SMTChecker: Support array length.

SMTChecker: Support array push and pop.

SMTChecker: General support to BitVectors and the bitwise and operator.

Bugfixes:

Code Generator: Trigger proper unimplemented errors on certain array copy operations.

Commandline Interface: Fix internal error when using --assemble or --yul options with --machine ewasm but without specifying --yul-dialect.

NatSpec: DocString block is terminated when encountering an empty line.

Optimizer: Fixed a bug in BlockDeDuplicator.

Scanner: Fix bug when two empty NatSpec comments lead to scanning past EOL.

SMTChecker: Fix internal error on try/catch clauses with parameters.

SMTChecker: Fix internal error when applying arithmetic operators to fixed point variables.

SMTChecker: Fix internal error when assigning to index access inside branches.

SMTChecker: Fix internal error when short circuiting Boolean expressions with function calls in state variable initialization.

Type Checker: Disallow assignments to storage variables of type mapping.

Type Checker: Disallow inline arrays of non-nameable types.

Type Checker: Disallow usage of override with non-public state variables.

Type Checker: Fix internal compiler error when accessing members of array slices.

Type Checker: Fix internal compiler error when forward referencing non-literal constants from inline assembly.

Type Checker: Fix internal compiler error when trying to decode too large static arrays.

Type Checker: Fix wrong compiler error when referencing an overridden function without calling it.

We especially thank all the contributors that made this release possible:

a3d4, Alex Beregszaszi, Alexander Arlt, Bhargava Shastry, Christian Parpart, Daniel Kirchner, Djordje Mijovic, Erik Kundt, Flash Sheridan, Harikrishnan Mulackal, Jason Cobb, Juan Franco, Kamil Śliwak, Leonardo Alt, Mathias Baumann, ssi91, William Entriken

If you want to perform a source build, please only use solidity_0.6.9.tar.gz and not the zip provided by github directly.
Source code(tar.gz)
Source code(zip)
solc-macos(31.97 MB)
solc-static-linux(8.89 MB)
solidity-windows.zip(7.18 MB)
solidity_0.6.9.tar.gz(2.09 MB)
soljson.js(20.17 MB)

Solidity, the Smart Contract Programming Language

Related tags

Overview

The Solidity Contract-Oriented Programming Language

Table of Contents

Background

Build and Install

Example

Documentation

Development

Maintainers

License

Security

Comments

Current state:

Abstract

Motivation

Specification

Backwards Compatibility

Other

Description

Environment

Steps to Reproduce

Abstract

Motivation

Specification

Backwards Compatibility

Abstract

Motivation

Rationale

Proposal

Keyword vs. Existing Syntax

Example Showcase

No reentrant Function Case

reentrant Function Case

Advanced Usage

Specification

Contracts Section

Cheatsheet

Language Grammar

Layout of State Variables In Storage

Solidity v0.9.0 Breaking Changes

Backwards Compatibility

General Concerns

Security Bypass

Bytecode & Gas Increase

Resources

Releases(v0.8.17)

v0.8.17(Sep 8, 2022)

v0.8.16(Aug 8, 2022)

v0.8.15(Jun 15, 2022)

v0.8.14(May 17, 2022)

v0.8.13(Mar 16, 2022)

v0.8.12(Feb 16, 2022)

v0.8.11(Dec 20, 2021)

v0.8.10(Nov 9, 2021)

v0.8.9(Sep 29, 2021)

v0.8.8(Sep 27, 2021)

v0.8.7(Aug 11, 2021)

v0.8.6(Jun 22, 2021)

v0.8.5(Jun 10, 2021)

v0.8.4(Apr 21, 2021)

v0.8.3(Mar 23, 2021)

v0.8.2(Mar 2, 2021)

v0.8.1(Jan 27, 2021)

v0.8.0(Dec 16, 2020)

Breaking Changes:

Language Features:

Bugfixes:

AST Changes:

v0.7.6(Dec 16, 2020)

Language Features:

Compiler Features:

Bugfixes:

v0.7.5(Nov 18, 2020)

Language Features

Compiler Features

Bugfixes

AST Changes

preview-0.8.x(Oct 28, 2020)

No `reentrant` Function Case

`reentrant` Function Case