Solidity
Paradigm | Imperative |
---|---|
Designed by | Gavin Wood |
Developer | Christian Reitwiessner,[1] Alex Beregszaszi,[2] and several former Ethereum core contributors. |
First appeared | August 2014 |
Stable release | 0.8.28[3]
/ 9 October 2024 |
Implementation language | C++[4] |
License | GNU General Public License v3.0[5] |
Filename extensions | .sol |
Website | soliditylang |
Influenced by | |
JavaScript, C++, Python |
Solidity is a programming language for implementing smart contracts[6][7] on various blockchain platforms, most notably, Ethereum.[8] Solidity is licensed under GNU General Public License v3.0.[9] Solidity was designed by Gavin Wood[10][non-primary source needed] and developed by Christian Reitwiessner, Alex Beregszaszi, and several former Ethereum core contributors.[11] Programs in Solidity run on Ethereum Virtual Machine or on compatible virtual machines.[12]
History
[edit]Solidity was proposed in August 2014 by Gavin Wood[13][non-primary source needed] The language was later developed by the Ethereum project's Solidity team, led by Christian Reitwiessner.
Solidity is the primary language used to develop smart contracts for Ethereum as well as other private blockchains, such as the enterprise-oriented Hyperledger Fabric blockchain. SWIFT deployed a proof of concept using Solidity running on Hyperledger Fabric.[14][15]
Description
[edit]Solidity is a statically typed programming language designed for developing smart contracts that run on the Ethereum Virtual Machine (EVM) or compatible virtual machines.[16]
Solidity uses ECMAScript-like syntax which makes it familiar for existing web developers;[17] however unlike ECMAScript it has static typing and variadic return types. Solidity is different from other EVM-targeting languages such as Serpent and Mutan in some important ways. It supports complex member variables for smart contracts, including arbitrarily hierarchical mappings and structs. Solidity smart contract support inheritance, including multiple inheritance with C3 linearization. Solidity introduces an application binary interface (ABI) that facilitates multiple type-safe functions within a single smart contract (this was also later supported by Serpent). The Solidity proposal also includes "Natural Language Specification", a documentation system for specifying user-centric descriptions of the ramifications of method-calls.[18][19][non-primary source needed]
Example of a Solidity program:[20][21]
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.4;
contract Coin {
// The keyword "public" makes variables
// accessible from other contracts
address public minter;
mapping(address => uint) public balances;
// Events allow clients to react to specific
// contract changes you declare
event Sent(address from, address to, uint amount);
// Constructor code is only run when the contract
// is created
constructor() {
minter = msg.sender;
}
// Sends an amount of newly created coins to an address
// Can only be called by the contract creator
function mint(address receiver, uint amount) public {
require(msg.sender == minter);
balances[receiver] += amount;
}
// Errors allow you to provide information about
// why an operation failed. They are returned
// to the caller of the function.
error InsufficientBalance(uint requested, uint available);
// Sends an amount of existing coins
// from any caller to an address
function send(address receiver, uint amount) public {
if (amount > balances[msg.sender])
revert InsufficientBalance({
requested: amount,
available: balances[msg.sender]
});
balances[msg.sender] -= amount;
balances[receiver] += amount;
emit Sent(msg.sender, receiver, amount);
}
}
Development IDEs
[edit]Editor extensions
[edit]Blockchain platforms
[edit]Solidity is available on:
- Avalanche C-Chain
- Binance Smart Chain[26]
- Counterparty (which runs on Bitcoin)[27][28]
- Ethereum
- Ethereum Classic
- Tron
- Hedera Hashgraph
- Polygon
- Metis
- Arbitrum
- Optimism
Criticism
[edit]Many security properties of smart contracts are inherently difficult to reason about directly, and the Turing-completeness of Solidity means that verification of arbitrary properties cannot be decidably automated. Current automated solutions for smart contract security analysis can miss critical violations, produce false positives, and fail to achieve sufficient code coverage on realistic contracts.[29] Solidity has been blamed for the error-prone implementation of Ethereum smart contracts due to its counterintuitive nature, its lack of constructs to deal with blockchain domain-specific aspects, and its lack of centralized documentation of known vulnerabilities.[30]
In 2016, a Cornell University researcher stated that Solidity was partially to blame for The DAO hack that took place that year. He stated: "this was actually not a flaw or exploit in the DAO contract itself: technically the Ethereum Virtual Machine (EVM) was operating as intended, but Solidity was introducing security flaws into contracts that were not only missed by the community, but missed by the designers of the language themselves."[31]
The developers community often cites Solidity requiring much of third party interfaces and APIs, and its inability to create critical information intensive smart contracts.
Comparison with other smart contract languages
[edit]Solidity vs. Rust
[edit]Solidity is the primary programming language for developing smart contracts on the Ethereum Virtual Machine (EVM).[32] However, Rust has emerged as a strong alternative in the blockchain ecosystem, especially for blockchains that support WebAssembly (Wasm), such as Polkadot, Klever and Solana.
Memory safety
[edit]Rust offers built-in memory safety features that prevent common programming errors, such as null pointer dereferencing and buffer overflows, which are not as rigorously enforced in Solidity. This makes Rust contracts potentially less prone to security vulnerabilities that could be exploited in smart contract environments.
Concurrency
[edit]Rust supports concurrent programming, which allows developers to write highly performant code that can handle multiple tasks simultaneously. This is particularly beneficial for high-performance blockchains like Solana,[33] which need to process thousands of transactions per second. Solidity, on the other hand, does not natively support concurrency, which can limit its performance in certain applications.[34]
Ecosystem Integration
[edit]While Solidity is deeply integrated with the Ethereum ecosystem and its numerous development tools,[35] Rust is versatile and can be used across various blockchain platforms that leverage Wasm. Rust’s growing popularity is reflected in its adoption by new blockchain projects that prioritize performance and security.
References
[edit]- ^ "Contributors to ethereum/solidity". GitHub. Retrieved 30 March 2023.
- ^ "Contributors to ethereum/solidity". GitHub. Retrieved 30 March 2023.
- ^ "Release 0.8.28". 9 October 2024. Retrieved 27 October 2024.
- ^ "Build software better, together". GitHub. Retrieved 30 March 2023.
- ^ The Solidity Contract-Oriented Programming Language, ethereum, 30 March 2023, retrieved 30 March 2023
- ^ Afshar, Vala (17 July 2017). "Ethereum Is The Second Most Valuable Digital Currency, Behind Bitcoin". HuffPost. Retrieved 10 April 2019.
- ^ "SOFE Berlin: Swift unveils blockchain proof-of-concept". Finextra (News). 24 November 2016. Retrieved 24 November 2016.
- ^ Finley, Klint. "Someone Just Stole $50 Million from the Biggest Crowdfunded Project Ever. (Humans Can't Be Trusted)". Wired.
- ^ The Solidity Contract-Oriented Programming Language, ethereum, 30 March 2023, retrieved 30 March 2023
- ^ Wood, Gavin (13 January 2015). "Created Solidity". Ethereum Wiki (Archived). Retrieved 23 March 2024.
- ^ "List of contributors". GitHub.
- ^ College, A. M. C. (1 November 2022). Blockchain & Cryptocurrency Technology with Solidity Level 1. Advanced Micro Systems Sdn Bhd.
- ^ "Gavin Wood". gavwood.com. Archived from the original on 30 March 2023. Retrieved 30 March 2023.
- ^ Nikolic, Ivica; Kolluri, Aashish; Sergey, Ilya; Saxena, Prateek; Hobor, Aquinas (14 March 2018). "Finding The Greedy, Prodigal, and Suicidal Contracts at Scale". arXiv:1802.06038 [cs.CR].
Different source languages compile to the EVM semantics, the predominant of them being Solidity
- ^ "Westpac joins SWIFT's blockchain proof of concept". ZDNet. Retrieved 13 July 2022.
- ^ "Hyperledger Fabric Tutorial - Create a blockchain app for loyalty points". IBM Developer. Retrieved 10 April 2019.
- ^ "Language Influences — Solidity 0.8.17 documentation". docs.soliditylang.org. Retrieved 30 March 2023.
- ^ Kapetanios-2008-06-27, p. 309.
- ^ ethereum. "Ethereum Natural Specification Format". GitHub.
- ^ "Introduction to Smart Contracts — Solidity 0.8.19 documentation". docs.soliditylang.org. Retrieved 30 March 2023.
- ^
Schneier, Karthikeyan; Schneier, Antoine; Bhargavan, Cedric; Delignat-Lavaud, Anitha; Fournet, Gollamudi; Schneier, Bruce; Rastogi, Nadim; Sibut-Pinote, Aseem; Rastogi1, Thomas; Swamy, Nikhil; Zanella-Beguelin, Santiago (27 August 2016). "Short Paper: Formal Verification of Smart Contracts" (PDF). Microsoft Research, French Institute for Research in Computer Science and Automation, Harvard University. Archived (PDF) from the original on 27 August 2016.
{{cite journal}}
: CS1 maint: numeric names: authors list (link) - ^ "Remix - Ethereum IDE". remix.ethereum.org. Retrieved 30 March 2023.
- ^ "EthFiddle - Solidity in the Browser. Powered By Loom Network". ethfiddle.com. Retrieved 30 March 2023.
- ^ "solidity - Visual Studio Marketplace". marketplace.visualstudio.com. Retrieved 30 March 2023.
- ^ "Solidity - IntelliJ IDEs Plugin | Marketplace". JetBrains Marketplace. Retrieved 30 March 2023.
- ^ "Binance Smart Chain". GitHub. 26 October 2021.
- ^ Vigna, Michael J. Casey and Paul (12 November 2014). "BitBeat: Bitcoin 2.0 Firm Counterparty Adopts Ethereum's Software". Wall Street Journal. ISSN 0099-9660. Retrieved 16 April 2021.
- ^ Swan, Melanie (2015). Blockchain : blueprint for a new economy (1st. ed.). [Sebastopol, Calif.] ISBN 978-1-4919-2047-3. OCLC 900781291.
{{cite book}}
: CS1 maint: location missing publisher (link) - ^ Tsankov, Petar; Dan, Andrei; Drachsler-Cohen, Dana; Gervais, Arthur; Bünzli, Florian; Vechev, Martin (15 October 2018). "Securify: Practical Security Analysis of Smart Contracts". Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. pp. 67–82. arXiv:1806.01143. doi:10.1145/3243734.3243780. hdl:10044/1/87935. ISBN 978-1-4503-5693-0. S2CID 46936025.
- ^ Atzei, Nicola; Bartoletti, M.; Cimoli, Tiziana (2017). "A Survey of Attacks on Ethereum Smart Contracts (SoK)". Principles of Security and Trust, 6th International Conference, 2017, Proceedings. Lecture Notes in Computer Science. pp. 164–186. doi:10.1007/978-3-662-54455-6_8. ISBN 978-3-662-54454-9. S2CID 15494854.
- ^ Finley, Klint (18 June 2016). "A $50 Million Hack Just Showed That the DAO Was All Too Human". Wired (News). Retrieved 18 February 2017.
- ^ Zheng, Gavin; Gao, Longxiang; Huang, Liqun; Guan, Jian (31 August 2020). Ethereum Smart Contract Development in Solidity. Springer Nature. ISBN 978-981-15-6218-1.
- ^ "Developing with Rust | Solana". solana.com. Retrieved 16 August 2024.
- ^ "Rust Official Documentation".
- ^ "Solidity Lang".