A new January 8 blog post published by the Ethereum Foundation (EF) shows the bugs found recently in one of the ETH-based smart contracts compilers. The blog post in the ETH news revealed that developers are working on a new implementation of the Vyper compiler due to “multiple serious bugs” in the existing version.
The Vyperlang team also responded and noted that the existing Vyper smart contracts were not affected by these bugs. However, the bugs found in the compiler raised a lot of questions mostly because Vyper is known as an alternative programming language for Ethereum which was originally conceived by Vitalik Buterin. It is meant to focus on being as human-readable as possible, even at the cost of mission some of the more advanced features found in the primary language – Solidity.
Even though it is part of the main Ethereum (ETH) code stack, the compiler has since spun-off into an independent repository following an October 2019 preliminary audit by Consensys Diligence. The report also found that there are 31 bugs found with the Vyper compiler, the software which is translating the language into computer code for the Ethereum Virtual Machine (EVM).
The Ethereum Foundation developers explained in a blog post how they gradually became disillusioned with the Vyper maintainers, noting:
“After a few months of work we were skeptical that the python codebase was likely to deliver on the idea that Vyper promised. The codebase contained a significant amount of technical and architectural debt, and from our perspective it didn’t seem like the existing maintainers were focused on fixing this.”
Even before this report, the Ethereum Foundation team began work on a new Vyper compiler based on the Rust language as the crypto news showed. The decision was motivated by the increased portability to EWASM, a new virtual machine implementation that replaced the EVM which is set to be introduced with Ethereum 2.0.
The bugs found in the Vyper compiler were especially important due to its use in the Ethereum 2.0 deposit contract, which is a critical component of the Proof-of-Stake (PoS) system. However, the developers clarified in a Twitter thread that a separate audit was conducted for the contract which found no unfixed bugs.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post