Understanding Typing-Related Bugs in Solidity Compiler
Lantian Li, Yue Pan, Dan Wang, Jingwen Wu, Zhongxing Yu

TL;DR
This paper conducts the first systematic empirical study on typing-related bugs in the Solidity compiler, analyzing 146 bugs to reveal patterns, causes, and fix strategies, with implications for improving compiler security.
Contribution
It provides a comprehensive classification and analysis of typing-related bugs in Solidity, offering new insights into their characteristics and guiding better detection and fixing methods.
Findings
Identified key distribution patterns of bugs
Classified root causes and exposure conditions
Summarized 12 core findings on bug characteristics
Abstract
The correctness of the Solidity compiler is crucial for ensuring the security of smart contracts. However, the implementation complexity of its type system often introduces elusive defects. This paper presents the first systematic empirical study on typing-related bugs in the Solidity compiler. To systematically analyze these bugs, we collected 146 officially confirmed and fixed typing-related bugs from the official GitHub repository of the Solidity compiler. For each bug, we conducted an in-depth analysis and classification from four dimensions: symptoms, root causes, exposure conditions, and fix strategies. Through this study, we reveal unique distribution patterns and key characteristics of such bugs, and summarize 12 core findings. We additionally give the implications of our findings, and these implications not only deepen the understanding of inherent weaknesses in the Solidity…
Taxonomy
Topics: Security and Verification in Computing · Advanced Malware Detection Techniques · Web Application Security Vulnerabilities
