{"id":8494,"date":"2025-02-13T17:21:30","date_gmt":"2025-02-13T16:21:30","guid":{"rendered":"https:\/\/wsj-crypto.com\/?p=8494"},"modified":"2025-02-13T17:21:30","modified_gmt":"2025-02-13T16:21:30","slug":"unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog","status":"publish","type":"post","link":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/","title":{"rendered":"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog"},"content":{"rendered":"<p><\/p>\n<div id=\"\">\n<p class=\"chakra-text css-gi02ar\">A flaw in the Solidity optimizer was disclosed through the <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/bounty.ethereum.org\/\">Ethereum Foundation Bounty initiative<!-- --><\/a>, by Christoph Jentzsch. This flaw was corrected as of 2017-05-03, with the release of Solidity 0.4.11.<!-- --><\/p>\n<p><!-- --><\/p>\n<h3 class=\"chakra-heading css-145upk7\" id=\"background\">Background<!-- --><\/h3>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">The flaw in question was related to the manner in which the optimizer enhances constants within the bytecode. By &#8220;bytecode constants,&#8221; we refer to any items that are <!-- --><span class=\"chakra-text css-ons8vw\">PUSH<\/span>ed onto the stack (not to be confused with Solidity constants). For instance, if the value <!-- --><span class=\"chakra-text css-ons8vw\">0xfffffffffffffffffffffffffffffffffffffffffffffffe<\/span> is <!-- --><span class=\"chakra-text css-ons8vw\">PUSH<\/span>ed, the optimizer has the option to perform <!-- --><span class=\"chakra-text css-ons8vw\">PUSH32 0xfffffffffffffffffffffffffffffffffffffffffffffffe<\/span>, or it may opt to encode this as <!-- --><span class=\"chakra-text css-ons8vw\">PUSH1 1; NOT;<\/span>.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">A malfunction in the optimizer caused the optimizations of bytecode constants to fail under specific scenarios, resulting in a procedure that did not accurately reproduce the original constant.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">The behavior outlined in the reported flaw was identified in a contract where one method stopped functioning when an unrelated method was incorporated into the contract. After examination, it was found that several conditions needed to occur simultaneously for the flaw to be activated. Any combination of conditions that would cause the flaw would invariably possess the following two criteria:<!-- --><\/p>\n<p><!-- --><\/p>\n<ol role=\"list\" class=\"css-13a5a39\">\n<li class=\"css-cvpopp\">The constant must begin with <!-- --><span class=\"chakra-text css-ons8vw\">0xFF&#8230;<\/span> and conclude with a lengthy string of zeroes (or the opposite).<!-- --><\/li>\n<li class=\"css-cvpopp\">The identical constant must be used in multiple places, for the optimizer to decide to optimize this specific constant. Alternatively, it needs to be utilized in the constructor, which optimizes for size instead of gas.<!-- --><\/li>\n<\/ol>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">Aside from the two conditions mentioned earlier, there are additional, more complex requirements that are necessary.<!-- --><\/p>\n<p><!-- --><\/p>\n<h2 class=\"chakra-heading css-1w54o5f\" id=\"analysis\">Analysis<!-- --><\/h2>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">This flaw exists in all released versions of Solidity from at least the summer of 2015 up to the present time. Although the flaw has been around since 2015, it appears quite challenging to trigger via \u201crandom\u201d code:<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">We conducted a static analysis of all contract code implemented on the blockchain and found no occurrences of such an incorrectly generated routine. Please note that the absence of a bug in all the contract code we reviewed does not ensure the lack of such occurrences.<!-- --><\/p>\n<p><!-- --><\/p>\n<h2 class=\"chakra-heading css-1w54o5f\" id=\"improvements\">Improvements<!-- --><\/h2>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">To enhance transparency and raise awareness concerning bugs in Solidity, we have initiated the export of information regarding Solidity-related vulnerabilities as JSON files within the Solidity code repository(<!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/github.com\/ethereum\/solidity\/blob\/develop\/docs\/bugs.json\">1<!-- --><\/a>,<!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/github.com\/ethereum\/solidity\/blob\/develop\/docs\/bugs_by_version.json\">2<!-- --><\/a>). We anticipate that block explorers will incorporate this data alongside other contract-related details.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">Etherscan has already put this into action, observable <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/etherscan.io\/address\/0x83b5c924b74e0dc12386fa110c28faa1efedb07b#code\">here<!-- --><\/a> and <!-- --><a target=\"_blank\" rel=\"noopener\" class=\"chakra-link css-ug8vf0\" href=\"https:\/\/etherscan.io\/contractsVerified\">here<!-- --><\/a>.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">Regarding the flaw itself, we incorporated a mini-EVM within the optimizer that validates the accuracy of each generated routine at compile time.<!-- --><\/p>\n<p><!-- --><\/p>\n<p class=\"chakra-text css-gi02ar\">Moreover, work has already commenced on a fully-defined and more advanced intermediate language. Future optimizer routines based on this language will be significantly simpler to grasp and audit, ultimately replacing the existing optimizer.<!-- --><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/blog.ethereum.org\/en\/2017\/05\/03\/solidity-optimizer-bug\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A flaw in the Solidity optimizer was disclosed through the Ethereum Foundation Bounty initiative, by Christoph Jentzsch. This flaw was corrected as of 2017-05-03, with the release of Solidity 0.4.11. Background The flaw in question was related to the manner in which the optimizer enhances constants within the bytecode. By &#8220;bytecode constants,&#8221; we refer to<\/p>\n","protected":false},"author":3,"featured_media":8282,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23],"tags":[1273],"class_list":["post-8494","post","type-post","status-publish","format-standard","has-post-thumbnail","category-ethereum","tag-return-a-list-of-comma-separated-tags-from-this-title-solidity-optimizer-bug-ethereum-foundation-blog"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog - WSJ-Crypto<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog - WSJ-Crypto\" \/>\n<meta property=\"og:description\" content=\"A flaw in the Solidity optimizer was disclosed through the Ethereum Foundation Bounty initiative, by Christoph Jentzsch. This flaw was corrected as of 2017-05-03, with the release of Solidity 0.4.11. Background The flaw in question was related to the manner in which the optimizer enhances constants within the bytecode. By &#8220;bytecode constants,&#8221; we refer to\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/\" \/>\n<meta property=\"og:site_name\" content=\"WSJ-Crypto\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-13T16:21:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2100\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"wsjcrypto\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"wsjcrypto\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/\",\"url\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/\",\"name\":\"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog - WSJ-Crypto\",\"isPartOf\":{\"@id\":\"https:\/\/wsj-crypto.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"datePublished\":\"2025-02-13T16:21:30+00:00\",\"author\":{\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\"},\"breadcrumb\":{\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#breadcrumb\"},\"inLanguage\":\"it-IT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#primaryimage\",\"url\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"contentUrl\":\"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg\",\"width\":2100,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wsj-crypto.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wsj-crypto.com\/#website\",\"url\":\"https:\/\/wsj-crypto.com\/\",\"name\":\"WSJ-Crypto\",\"description\":\"Just Another Crypto News Website\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wsj-crypto.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"it-IT\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7\",\"name\":\"wsjcrypto\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"it-IT\",\"@id\":\"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g\",\"caption\":\"wsjcrypto\"},\"url\":\"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog - WSJ-Crypto","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/","og_locale":"it_IT","og_type":"article","og_title":"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog - WSJ-Crypto","og_description":"A flaw in the Solidity optimizer was disclosed through the Ethereum Foundation Bounty initiative, by Christoph Jentzsch. This flaw was corrected as of 2017-05-03, with the release of Solidity 0.4.11. Background The flaw in question was related to the manner in which the optimizer enhances constants within the bytecode. By &#8220;bytecode constants,&#8221; we refer to","og_url":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/","og_site_name":"WSJ-Crypto","article_published_time":"2025-02-13T16:21:30+00:00","og_image":[{"width":2100,"height":900,"url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","type":"image\/jpeg"}],"author":"wsjcrypto","twitter_card":"summary_large_image","twitter_misc":{"Scritto da":"wsjcrypto","Tempo di lettura stimato":"2 minuti"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/","url":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/","name":"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog - WSJ-Crypto","isPartOf":{"@id":"https:\/\/wsj-crypto.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#primaryimage"},"image":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#primaryimage"},"thumbnailUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","datePublished":"2025-02-13T16:21:30+00:00","author":{"@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7"},"breadcrumb":{"@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#breadcrumb"},"inLanguage":"it-IT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/"]}]},{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#primaryimage","url":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","contentUrl":"https:\/\/wsj-crypto.com\/wp-content\/uploads\/2025\/02\/eth-org.jpeg","width":2100,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/wsj-crypto.com\/index.php\/2025\/02\/13\/unveiling-the-solidity-optimizer-glitch-insights-from-the-ethereum-foundation-blog\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wsj-crypto.com\/"},{"@type":"ListItem","position":2,"name":"Unveiling the Solidity Optimizer Glitch: Insights from the Ethereum Foundation Blog"}]},{"@type":"WebSite","@id":"https:\/\/wsj-crypto.com\/#website","url":"https:\/\/wsj-crypto.com\/","name":"WSJ-Crypto","description":"Just Another Crypto News Website","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wsj-crypto.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"it-IT"},{"@type":"Person","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/88a93723b30416db1a352d5a0096c4a7","name":"wsjcrypto","image":{"@type":"ImageObject","inLanguage":"it-IT","@id":"https:\/\/wsj-crypto.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/86fe8af82ea089646d6639ca2f87e0243d8688d957bd8e3ec22ec3c457cc16d4?s=96&d=mm&r=g","caption":"wsjcrypto"},"url":"https:\/\/wsj-crypto.com\/index.php\/author\/wsjcrypto\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8494","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/comments?post=8494"}],"version-history":[{"count":2,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8494\/revisions"}],"predecessor-version":[{"id":8496,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/posts\/8494\/revisions\/8496"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media\/8282"}],"wp:attachment":[{"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/media?parent=8494"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/categories?post=8494"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wsj-crypto.com\/index.php\/wp-json\/wp\/v2\/tags?post=8494"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}