SolSmith tool uncovers 25 miscompilation bugs in Solidity compiler
25 bugs found over 3 years, some hiding for years.
A new paper by researcher Bhargava Shastry introduces SolSmith, a semantics-aware differential fuzz testing tool designed to catch miscompilation bugs in the Solidity compiler—the most popular compiler for Ethereum smart contracts. Over three years of testing, SolSmith discovered 25 previously unnoticed bugs that cause the compiler to produce incorrect code, with some defects hiding for multiple years. These miscompilation bugs can lead to vulnerabilities in smart contracts, potentially costing users millions in lost funds.
SolSmith works by generating valid Solidity test programs that specifically stress-test the compiler's code generation and optimization components. This approach catches bugs missed by routine testing. The paper also provides a qualitative and quantitative analysis of the bugs, classifying them by nature, root cause, and impact on end-users. The findings highlight common pitfalls in optimizing compilers and offer actionable insights for improving compiler testing rigor in blockchain development.
- SolSmith found 25 miscompilation bugs in the Solidity compiler over three years.
- Some bugs went unnoticed for multiple years, posing hidden risks to smart contracts.
- The tool generates valid test programs to stress code generation and optimization components.
Why It Matters
Improving Solidity compiler correctness directly reduces vulnerabilities in Ethereum smart contracts, protecting billions in digital assets.