Bugs Found in Compiler for Readable Ethereum Smart Contracts, Team Downplays Concerns

Published at: Jan. 9, 2020

A Jan. 8 post published by the Ethereum Foundation (EF) revealed that developers are working on a new implementation of the Vyper compiler, due to “multiple serious bugs” in the existing version. The Vyperlang team responded by noting that existing Vyper smart contracts were not affected by these bugs.

Vyper is an alternative programming language for Ethereum originally conceived by Vitalik Buterin. It focuses on being as human-readable as possible, even at the cost of missing some of the more advanced features found in Solidity, the primary language. 

While initially part of the main Ethereum (ETH) code stack, it has since spun-off into an independent repository following an Oct. 2019 preliminary audit by Consensys Diligence. The report found 31 issues with the Vyper compiler, the software that translates the language into computer code for the Ethereum Virtual Machine (EVM). 

Ethereum Foundation developers explained in their blog post how they gradually became disillusioned with Vyper maintainers:

“After a few months of work we were skeptical that the python codebase was likely to deliver on the idea that Vyper promised. The codebase contained a significant amount of technical and architectural debt, and from our perspective it didn’t seem like the existing maintainers were focused on fixing this.”

Even before the report, the EF team began work on a new Vyper compiler based on the Rust language. The decision was motivated by increased portability to EWASM, a new virtual machine implementation replacing the EVM that is set to be introduced with Ethereum 2.0.

Compiler bugs not critical, argue Vyper maintainers

Bugs found in the Vyper compiler were especially significant due to its use in the Ethereum 2.0 deposit contract, a critical component of the Proof-of-Stake (PoS) system.

However, Vyper developers clarified in a Twitter thread that a separate audit was conducted for the contract itself by Runtime Verification, which found no unfixed bugs. It used the compiled machine code of the contract to perform the analysis, meaning that any anomaly introduced by the compiler would’ve been detected.

Furthermore, the Vyperlang team released an update on Jan. 7, claiming to have fixed over 75 percent of the bugs outlined by the Consensys audit. 

Development of both the Rust and Python versions of Vyper will continue, though EF developers remain hopeful that both implementations will work toward a single Vyper language — a goal that is likely to require close cooperation between the two teams.

Tags
Related Posts
3 reasons why Ethereum price might not hit $5,000 anytime soon
The price of Ether (ETH) has been in a downward spiral ever since Ethereum co-founder Vitalik Buterin presented at StartmeupHK Festival 2021. In a fireside chat session on May 27, Vitalik stated that several internal team conflicts caused the proof-of-stake migration to delay its launch. As reported by Cointelegraph, "Phase One," which introduces scalability through sharding, has been postponed to 2022. Furthermore, DeFi’s inherently decentralized nature might not be entirely beneficial because the sharding-style processing would need to run transactions through a relay chain. It’s impossible to pinpoint the reason behind Ether’s sharp fall from its all-time high, but the …
Markets / July 31, 2021
Ethereum 2.0 Will Come in 2020, According to ConsenSys Co-Founder
Ethereum’s Serenity will launch by the end of this year, according to ConsenSys Co-founder Andrew Keys. Given the current state of development though, few share his excitement. In a Jan. 7 post published on the ConsenSys site, Andrew Keys shared his predictions for 2020. Keys was one of the co-founders of ConsenSys, having since become a managing partner at DARMA Capital. While Keys’ predictions touched diverse themes ranging from the world economy to human rights, two are especially notable for their optimism. According to the executive, “2020 will see Ethereum move stridently beyond Phase 0 of Ethereum 2.0, onto Phase …
Blockchain / Jan. 10, 2020
An Ethereum 2.0 Proof-of-Stake Testnet Blockchain Is Now Live
An Ethereum (ETH) 2.0 Proof-of-Stake (PoS) testnet beacon blockchain is now live. Preston Van Loon, co-founder of sharding development firm Prysmatic Labs, announced the development in a Medium post on May 7. Ethereum 2.0 is an upcoming new Ethereum chain featuring improvements in security, scalability, and decentralization. Ethereum 2.0 would not be introduced to the current Ethereum network by means of a hard fork. Instead, users will be able to transfer value from the current Proof-of-Work (PoW) chain via a one-way smart contract. The announcement also notes that shards are a core concept behind Ethereum 2.0. Shards are individual chains …
Decentralization / May 8, 2019
Ethereum futures premium hits a 7-month low as ETH tests the $2,400 support
Ether (ETH) reached a $3,280 local high on Feb. 10, marking a 51.5% recovery from the $2,160 cycle low on Jan. 24. That price was the lowest in six months, and it partially explains why derivatives traders’ main sentiment gauge plummeted to bearish levels. Ether’s futures contract annualized premium, or basis, reached 2.5% on Feb. 25, reflecting bearishness despite the 11% rally to $2,700. The worsening conditions depict investors’ doubts regarding the Ethereum network’s shift to a proof-of-stake (PoS) mechanism. As reported by Cointelegraph, the much-anticipated sharding upgrade that will significantly boost processing capacity should come into effect in late …
Markets / Feb. 26, 2022
How to stake Fantom (FTM)?
Fantom (FTM) is known for its speed and inexpensive layer-1 blockchain. Like other blockchains (for example, Solana (SOL) and Avalanche (AVAX)) that scale better than their counterpart, it has been dubbed an “Ethereum killer.” After raising $40 million in funds, Fantom launched its mainnet in December 2019. Since then, it has grown to become one of the most popular blockchains, sitting in the top 10 blockchains by total value locked (TVL) with $1.3 billion in TVL. Fantom’s high-throughput blockchain is an open-source smart contract platform. It is scalable and EVM-compatible, meaning you can deploy and run your Ethereum decentralized applications …
Ethereum / Sept. 22, 2022