āļ āļēāļĐāļēāđ„āļ—āļĒ
English Indonesia TÞrkçe Deutsch EspaÃąol PortuguÊs PŅƒŅŅÐšÐļÐđ Français Italiano Nederlands Polski اŲ„ØđØąØĻŲŠØĐ āđ„āļ—āļĒ Tiášŋng Viáŧ‡t įđéŦ”äļ­æ–‡ įŪ€ä―“äļ­æ–‡ æ—ĨæœŽčŠž 한ęĩ­ė–ī
ProgrammerSmart's profile picture. https://t.co/1QN0tguH9c https://t.co/9Is13KVO2c https://t.co/k6t3JMxZen https://t.co/LLkIeiANtk
ðŸļSmartðŸļContractðŸļProgrammerðŸļ
@ProgrammerSmart
5 āļ.āļĒ.

Idea for making solidity contracts more secure. 1. Sprinkle your code with asserts 2. Stripe it away with the compiler for production build Example (not tested) Failing asserts crash the program in unit and fuzz tests. When PROD = true, compiler + optimizer removes Dev.check

ProgrammerSmart's tweet image. Idea for making solidity contracts more secure. 1. Sprinkle your code with asserts 2. Stripe it away with the compiler for production build Example (not tested) Failing asserts crash the program in unit and fuzz tests. When PROD = true, compiler + optimizer removes Dev.check
7
6
97
33
5āļžāļąāļ™
no_side666's profile picture. Dictator of @dreamstack_xyz Smart Contracts optimization and advice Artist/Dev of MeatKites. MeatKites only official twitter https://t.co/W7tcNfkmgQ
no_side
@no_side666
6 āļ.āļĒ.

This is not good advice. It's generally considered insecure and bad practice to mix testing concerns within production contracts. One of the top causes of bugs are copying/pasting/adding/removing code. If you have code or macros that are toggled depending on environment, youâ€Ķ

1
0
3
0
93
ProgrammerSmart's profile picture. https://t.co/1QN0tguH9c https://t.co/9Is13KVO2c https://t.co/k6t3JMxZen https://t.co/LLkIeiANtk
ðŸļSmartðŸļContractðŸļProgrammerðŸļ
@ProgrammerSmart
6 āļ.āļĒ.

Thanks. It's definitely not an advice. It's an idea maybe worth exploring? I don't see the disadvantage. Testing can still be execised properly. Test with PROD = false and then test with PROD = true

0
0
1
0
73
idontmintrugs's profile picture. SR || dev || collab manager || writer || gym rat🏋ïļ
chobby
@idontmintrugs
19 āļ.āļĒ.

if we add asserts while writing the actual code, will there be any need to test it? or are you saying that by doing this we code and test at once? genuinely trying to understand your point of view here

1
0
0
0
26
ProgrammerSmart's profile picture. https://t.co/1QN0tguH9c https://t.co/9Is13KVO2c https://t.co/k6t3JMxZen https://t.co/LLkIeiANtk
ðŸļSmartðŸļContractðŸļProgrammerðŸļ
@ProgrammerSmart
19 āļ.āļĒ.

Yes, tests are needed. The purpose is to check parts of code (during testing) that are difficult to check. For example, tests can check the initial and final states after function calls but it's difficult to test the intermediate steps.

1
0
0
0
16
MidvelCorp's profile picture. 🇚ðŸ‡Ķ Art & Code || CEO & Co-Founder in Ecliptic Security || CTO & Security Advisor @woof_software || Web3, blockchain, fintech, security, big data
Pavlo Midvel 🇚ðŸ‡Ķ
 @MidvelCorp
5 āļ.āļĒ.

Finally, regular practices from C++/Rust are making their way to web3. It is a bit of re-inventing a wheel, but it is a solid practice which is proven by time in web2, I vote for it.

0
0
2
0
160
UnityGameStart's profile picture.
s
 @UnityGameStart
6 āļ.āļĒ.

Assert should only be used to test for internal errors, and to check invariants.

0
0
1
0
41
__alexlazar__'s profile picture.
Alex Lazar
 @__alexlazar__
9 āļ.āļĒ.

This is interesting, but also I can see it biting back. Example: in Rust in debug mode underflows/overflows panic, in prod mode they don't. I've had it before that someone didn't know this and wrote code that would underflow but they thought it'd panic and they were safe.

0
0
1
0
31
viktoronweb3's profile picture. ðŸĶ„ Uniswap v4 maestro. ðŸ•ĩïļâ€â™‚ïļ Master of cryptographic warfare. Turning "assumptions" into attack vectors
Viktor on Web3 ðŸ‡Ķ🇷 @DevConnect
 @viktoronweb3
5 āļ.āļĒ.

thanks for innovating a new security standard

0
0
1
0
169
United States āđ€āļ—āļĢāļ™āļ”āđŒ

Something went wrong.


Something went wrong.