September 8, 2023: Don't Step on Snek ππ
Vyper 0.3.10 release candidate published
Weβre over a month out from the tragic Vyper exploit. On the crypto time horizon, itβs starting to feel like a far-off memory.
What could have been a mortal wound to the project instead caused the compilerβs contributors to simply redouble their efforts. As a result, weβve seen a ton of developments from the snekpit.
Vyper 0.3.10βs release candidate has been published, and itβs a big update.
Among the notable features, the O(1) selector tables are worth reading into. The problem being solved is the efficiency of searching for selectors, which is currently done via a linear search.
As seen in columns C/D, the current process of a linear search can be very intensive, chewing up over 1800 gas in extreme cases (such as TriCrypto).
The pull request solves this problem in two ways. The first, focused on gas optimization, divvies selectors up into several buckets, then guesses which bucket itβs likely to fall into and runs a linear search on the smaller subset. The second labels each bucket with a magic number to assist in lookup, which keeps gas costs constant in favor of optimizing the bytecode length.
Both methods produce marked savings in gas efficiency for complex contracts. The latter method produces improvements across the board in bytecode length, but costs a bit more gas for less complex contracts. See the full repo for more details on how it works.
As a casual programmer, how should you choose? Easy! The new Vyper release will also include an βoptimize flag, which can be set to optimize for either gas or codesize
Worth reading through the entire pull request. If you fear that itβs mystic voodoo computer code, disabuse yourself of that notion. Its purpose is to make things easier.
Vyper is intended to be friendly and comprehensible to the typical reader, otherwise it might be authored in a more opaque language than Python.
This outstanding article walks through all the magic that happens under the hood when Vyper compiles human-readable code into node-readable bytecode.
Meanwhile, support for Vyper from the broader ecosystem is starting to pick up. Slither, which provides a suite of vulnerability detectors for Solidity contracts, is offering full Vyper support.
Next up, Echidna.
Plus greater support within Ape Framework
Whoβs making all of this possible? Recently, Lido approved a grant to beef up security funding.
Very few people appear to have picked up on the βalfaβ from our recent Llama Party, during which Vyper core contributor big_tech_sux discussed a possible revenue stream for Vyper. Weβve timestamped where the discussion starts here for those too lazy to listen through the whole thing.