We are getting closer to that Solidity 1.0 release (unless of course after 0.9 comes 0.10). Now Solidity 0.8 has been released only 5 months after the 0.7 release!
Let's explore how you can migrate your contracts today...
Let's look at the two big new features which are the integrated SafeMath and the new error handling.
That's right, you don't need to import the Openzeppelin SafeMath anymore. Best of all, you don't need to do anything to activate the Solidity integrated SafeMath. Just write a + b
and it will automatically revert on overflows.
You might see errors in tools like Remix as 0.8 is not fully supported yet. For example overflows don't give you the exact reason yet:
transact to Solidity08.test errored: VM error: revert. revert
But this should change in the future.
What if you actually want the code to be able to overflow? Or you are just way too concerned about gas costs?
You can deactivate it by wrapping it with an unchecked
form like this:
contract Solidity08 {
function test() external pure returns(uint256) {
// with SafeMath
// will revert
uint256 x = 0;
x--;
return x;
}
}
contract Solidity08 {
function test() external pure returns(uint256) {
// not using SafeMath
// will return type(uint256).max
uint256 x = 0;
unchecked { x--; }
return x;
}
}
Up until now certain operations caused the execution of the INVALID
opcode. The issue with this opcode is that it's consuming all remaining gas. This is obviously bad and just not necessary. Why would you waste the gas and donate it to the miners?
For more details, check out the difference between revert
and assert
here.
Now Solidity is using the revert
opcode. To distinguish between regular reverts and these system reverts, Solidity prefixes the return data with an identifier:
keccak256(Error(string))
which equals 0x08c379a0
keccak256(Panic(uint256))
which equals 0x4e487b71
Panics come with an additional error identifier. Currently available panics are
assert
.pop()
on an empty array.For further details see the new Error handling section in the documentation here.
Before we see how to migrate, let's first discuss should you migrate?
Depending on the time you read this, the answer may differ. Right now it was only just released and proper support from tools doesn't really exist yet. On top it's not heavily tested and used yet. Expect potential bugs!
What does this mean for you?
Let's go through our checklist.
Alright you said yes to the migration after going through the checklist? Let's see how this can be done...
The migration should in most case be pretty straight-forward. Only some cases where you do strange type conversions could become more difficult.
The changes you have to make for the migration include:
ABIEncoderV2
is now the default and automatically activated. The encoder wasn't experimental anymore since 0.6 but the 'pragma experimental' name was just kept for legacy reasons. Now you won't need to add the line anymore.msg.sender
and tx.origin
are not of type payable by default: Change msg.sender.transfer
to payable(msg.sender).transfer
uint256(-1)
won't work anymore. Use type(uint256).max
instead.myContract.functionCall{gas: 10000}{value: 1 ether }()
intomyContract.functionCall{gas: 10000, value: 1 ether }()
x**y**z
to (x**y)**z
as the default order of execution changed.byte
to bytes1I've left a few details out, for the full changelog and break down of all changes in detail, check out the documentation here.
Solidity Developer
The Openzeppelin v4 contracts are now available in Beta and most notably come with Solidity 0.8 support. For older compiler versions, you'll need to stick with the older contract versions. The beta tag means there still might be small breaking changes coming for the final v4 version, but you can...
As we've discussed last week, flash loans are a commonly used pattern for hacks. But what exactly are they and how are they implemented in the contracts? As of right now each protocol has its own way of implementing flash loans. With EIP-3156 we will get a standardized interface. The standard was...
With the recent Yearn vault v1 hack from just a few days ago, we can see a new pattern of hacks emerging: Get anonymous ETH via tornado.cash . Use the ETH to pay for the hack transaction(s). Use a flash loan to decrease capital requirements. Create some imbalances given the large capital and...