Secureum Book
  • 🛡️Secureum Bootcamp
    • 🛡️Secureum Bootcamp
    • 🙌Participate
    • 📜History
  • 📚LEARN
    • Introduction
      • 🔷1. Ethereum Basics
        • 1.1 Ethereum: Concept, Infrastructure & Purpose
        • 1.2 Properties of the Ethereum Infrastructure
        • 1.3 Ethereum vs. Bitcoin
        • 1.4 Ethereum Core Components
        • 1.5 Gas Metering: Solving the Halting Problem
        • 1.6 web2 vs. web3: The Paradigm Shift
        • 1.7 Decentralization
        • 1.8 Cryptography, Digital Signature & Keys
        • 1.9 Ethereum State & Account Types
        • 1.10 Transactions: Properties & Components
        • 1.11 Contract Creation
        • 1.12 Transactions, Messages & Blockchain
        • 1.13 EVM (Ethereum Virtual Machine) in Depth
        • 1.14 Transaction Reverts & Data
        • 1.15 Block Explorer
        • 1.16 Mainnet & Testnets
        • 1.17 ERCs & EIPs
        • 1.18 Legal Aspects in web3: Pseudonymity & DAOs
        • 1.19 Security in web3
        • 1.20 web2 Timescales vs. web3 Timescales
        • 1.21 Test-in-Prod. SSLDC vs. Audits
        • Summary: 101 Keypoints
      • 🌀2. Solidity
        • 2.1 Solidity: Influence, Features & Layout
        • 2.2 SPDX & Pragmas
        • 2.3 Imports
        • 2.4 Comments & NatSpec
        • 2.5 Smart Contracts
        • 2.6 State Variables: Definition, Visibility & Mutability
        • 2.7 Data Location
        • 2.8 Functions
        • 2.9 Events
        • 2.10 Solidity Typing
        • 2.11 Solidity Variables
        • 2.12 Address Type
        • 2.13 Conversions
        • 2.14 Keywords & Shorthand Operators
        • 2.15 Solidity Units
        • 2.16 Block & Transaction Properties
        • 2.17 ABI Encoding & Decoding
        • 2.18 Error Handling
        • 2.19 Mathematical & Cryptographic Functions
        • 2.20 Control Structures
        • 2.21 Style & Conventions
        • 2.22 Inheritance
        • 2.23 EVM Storage
        • 2.24 EVM Memory
        • 2.25 Inline Assembly
        • 2.26 Solidity Version Changes
        • 2.27 Security Checks
        • 2.28 OpenZeppelin Libraries
        • 2.29 DAppSys Libraries
        • 2.30 Important Protocols
        • Summary: 201 Keypoints
      • 🔏3. Security Pitfalls & Best Practices
        • 3.1 Solidity Versions
        • 3.2 Access Control
        • 3.3 Modifiers
        • 3.4 Constructor
        • 3.5 Delegatecall
        • 3.6 Reentrancy
        • 3.7 Private Data
        • 3.8 PRNG & Time
        • 3.9 Math & Logic
        • 3.10 Transaction Order Dependence
        • 3.11 ecrecover
        • 3.12 Unexpected Returns
        • 3.13 Ether Accounting
        • 3.14 Transaction Checks
        • 3.15 Delete Mappings
        • 3.16 State Modification
        • 3.17 Shadowing & Pre-declaration
        • 3.18 Gas & Costs
        • 3.19 Events
        • 3.20 Unary Expressions
        • 3.21 Addresses
        • 3.22 Assertions
        • 3.23 Keywords
        • 3.24 Visibility
        • 3.25 Inheritance
        • 3.26 Reference Parameters
        • 3.27 Arbitrary Jumps
        • 3.28 Hash Collisions & Byte Level Issues
        • 3.29 Unicode RTLO
        • 3.30 Variables
        • 3.31 Pointers
        • 3.32 Out-of-range Enum
        • 3.33 Dead Code & Redundant Statements
        • 3.34 Compiler Bugs
        • 3.35 Proxy Pitfalls
        • 3.36 Token Pitfalls
        • 3.37 Special Token Pitfalls
        • 3.38 Guarded Launch Pitfalls
        • 3.39 System Pitfalls
        • 3.40 Access Control Pitfalls
        • 3.41 Testing, Unused & Redundand Code
        • 3.42 Handling Ether
        • 3.43 Application Logic Pitfalls
        • 3.44 Saltzer & Schroeder's Design Principles
        • Summary: 201 Keypoints
      • 🗜️4. Audit Techniques & Tools
        • 4.1 Audit
        • 4.2 Analysis Techniques
        • 4.3 Specification, Documentation & Testing
        • 4.4 False Positives & Negatives
        • 4.5 Security Tools
        • 4.6 Audit Process
        • Summary: 101 Keypoints
      • ☝️5. Audit Findings
        • 5.1 Criticals
        • 5.2 Highs
        • 5.3 Mediums
        • 5.4 Lows
        • 5.5 Informationals
        • Summary: 201 Keypoints
  • 🌱CARE
    • CARE
      • CARE Reports
  • 🚩CTFs
    • A-MAZE-X CTFs
      • Secureum A-MAZE-X
      • Secureum A-MAZE-X Stanford
      • Secureum A-MAZE-X Maison de la Chimie Paris
Powered by GitBook
On this page
  • Assembly Access
  • Yul Syntax
  1. LEARN
  2. Introduction
  3. 2. Solidity

2.25 Inline Assembly

Inline assembly is a way to access the EVM features directly at a low level, and from a security perspective this is important because it bypasses some of the safety features provided by Solidity at a high level language.

Type safety is one such aspect, so if a developer is manipulating in inline assembly, then the corresponding code does not enjoy the type safety benefits provided by the Solidity compiler. The language used by solution for inline assembly is called Yul. This is somewhat of a recent feature.

There have been a lot of developments in the inline assembly support by Solidity in the most recent versions. This sees constant updates. As you look at the most recent versions of Solidity, an inline assembly block is marked using the keyword assembly{...}. The inline assembly code is placed within the curly braces, and is specified in Yul.

Assembly Access

Yul supports assembly access to various features such as the external variables, functions and libraries. Local variables of value type are directly usable in inline assembly, and local variables that refer to memory or calldata evaluate to the variable address and not the value itself, effectively serving as a reference.

For local storage variables or state variables that are also allocated in the storage, a single Yul identifier is not sufficient, because remember that storage has a concept of packing, where multiple variables can share the same storage slot and therefore their address is in two parts: it refers to the slot and the offset within the slot.

Assignments are possible to assembly language variables which allow rich manipulation of these variables within inline assembly. One should take care when manipulating in this aassembly language: one should remember that variables that point to memory or storage changed the pointer itself and not the data and, there are many other rules and restrictions as you can imagine when it comes to manipulating all these aspects within assembly as supported by Yul.

Yul Syntax

Yul supports literals and calls. there are variable declarations that are possible in the form of let x : 7 which declares a new variable x and assigns an initial value of 7 to it.

There are scoping blocks that are supported by Yul, so that multiple blocks can be considered within the assembly blocks. There is rich control flow that is supported using, if, switch and for.

There are also function definitions that are supported by Yul, so that within inline assembly you can have multiple functions that help you modularize code.

Take a look at the developments in the Yul language as supported by Solidity, this is happening at a great speed: there are a lot of features being added to provide a lot of richness and expressiveness by the Yul language for developers who want to code directly in assembly, but like mentioned before from a security perspective this becomes even more critical than programming in Solidity itself because inline assembly is typically considered as very close to the underlying virtual machine.

So in this case, very close to the EVM and, if the internals of the EVM layout and all the nuances with respect to that are not paid attention to, then coding directly in Yul in Solidity's assembly language might result in some serious bugs where the manipulations are not done correctly and corruption happens or maybe even vulnerabilities.

Previous2.24 EVM MemoryNext2.26 Solidity Version Changes

Last updated 1 year ago

📚
🌀