sudo init vyper
@big_tech_sux
Followers
3K
Following
12K
Media
364
Statuses
3K
Honestly, feels pretty good to have your work start to be recognized, especially after a ton of really tough work to clean up code and abstractions behind the scenes to ensure compiler correctness, enable performant codegen and iteration on features more quickly. /.
10
14
171
don't sleep on @vyperlang. i am dead set on getting vyper to:.- best UX/devex for sc langs.- safest+most performant lang for EVM programming .- highest use sc lang for new projects. in the next 6-12 months.
6
12
165
it's done. the dream is a reality. and the impedance/friction between @vyperlang and python is SO. LOW. a native scripting environment for your smart contracts!
9
31
159
sanctioning TC is like banning doing math together. quick reminder that TC is a completely autonomous smart contract based on zk SNARKS. the best physical analogy is like, imagine there were a magical physical location /.
5
21
151
line profiler for titanoboa just dropped. quickly check your per-line gas usage for vyper contracts
16
13
160
hosted vyper dev experience on jupyter, anybody can log in (with github auth)
17
22
144
i can't believe we need to defend financial privacy. anybody who thinks that financial privacy == money laundering, i invite you right now to tweet or otherwise publicize:. - your bank account balance(s).- all bank / credit card statements and financial records for all time.
Starting a thread of reasons you might want financial privacy. - You're buying birth control and are afraid it might become illegal at a later date. - You're paying dues at a religious institution that may be the target of hate.
3
24
123
henlo, smol update -- today we are releasing @vyperlang v0.3.4! this release contains a bunch of QOL improvements including:.- abi decoding.- enums.- uint2str.- support for new (ERC5202) factory patterns. and many more updates. full release notes at /.
12
24
91
you need to be compliance maxxing, you need to be tracking users on at least 3 different 3rd party platforms, you need to be censoring minimal risk addresses, you need to be interpreting the law more aggressively than OFAC themselves, embrace pre-emptive compliance.
6
11
95
smol announcement: vyper 0.3.9 has been released! originally we were going to go straight to vyper 0.4.0, which would include a module system and be a breaking change. unfortunately life had other plans for me and i spent most of the last 8 months recovering from (separate, but /.
2
15
98
what a day. a lot of analysis has already been posted on twitter, but will follow up with full post mortem and further steps on the vyper side once things settle down.
3
9
92
fun new titanoboa integration with jupyter notebooks: signing via browser! best of both worlds - write, debug, test and deploy @vyperlang contracts all from the comfyness of a jupyter notebook! ๐คฏ. if you want to give it a spin, check it out at
9
17
87
added an eval function to titanoboa so you can quickly see what a given vyper expression does - no need to spin up an entire contract to check small pieces of behavior!
6
11
82
so. finally releasing 0.3.2(!). the main goal for this release was full ABI compatibility with solidity. all solidity interfaces are now natively supported in @vyperlang!. (also we put in the work toย support a non-EVM backend. so that should be dropping soon!).
4
17
79
i want to point out that training copilot on github-hosted projects is such a massive IP and privacy violation, not to mention likely being super violation of basically all copyleft licenses. folks working for big tech who criticize crypto, i don't even want to hear it. garbage.
and there it is. github takes all our free code, puts it in a blender, uses us for free QA on the result, and finally turns around and charges for it.
2
4
69
so will release an official&long-form post-mortem later this week but first, short update on bird app. the incident analysis was largely covered in so i won't re-cover that./.
We've published a postmortem of the recent reentrancy exploit that resulted in loss of LP funds in several Curve pools:.
4
28
72
didn't quite get 30x but - new architecture gets another 14x for a total of ~212x /
@BowTiedDevil i might have a way to get another 30x, stay tuned.
6
5
68
current status:. - ~75% of funds recovered.- rapidly improving FV story for vyper. working with multiple teams, we may have multiple backends soon :).- many auditor eyes on vyper - bug bounties+competitions as early as next week
additionally, keep an eye out for more details in the coming days regarding bug bounty programs and contests for @vyperlang. working closely with @immunefi and @CodeHawks on this front!.
3
13
66
@vyperlang v0.3.10 is out! is a performance focused release, featuring O(1) selector tables ๐ฑ as well as a codesize/gas optimization switch. v0.3.10 also went through substantial review by both @chain_security and @osec_io, making it the most heavily /.
4
14
61
teaser of slides from my talk tomorrow because i am unhinged and don't answer to anybody. #vyperday #devconnect2023 #istanbul
5
9
64
Surprised by how few people seem to know that formatting your solidity code this way will coax it to using the @vyperlang compiler for gas savings
Surprised by how few people seem to know that correctly placing commas in your function signatures saves huge amounts of gas. The compiler recognizes the superior aesthetics and rewards you by removing a bunch of extraneous opcodes.
3
6
57
reminder to vote for @vyperlang in retropgf! we have been doing a lot of stuff lately (security, features, code competition) and we could use the funding. if you're a badgeholder, please vote!.
6
19
61
ABIv2 quick reference. this is all stuff from the ABI spec but it has a reputation for being a bit hard to approach so I wanted to make a more friendly explanation. (hope to catch all cases but going for readability over precision here).
3
11
52
titanoboa now supports interacting with ethereum nodes! this means you can interact with contracts, and yes, deploy contracts using titanoboa! hardhat, anvil, alchemy, geth and erigon *should* work. not only that, it has feature parity with local titanoboa, so all features you /
should titanoboa add deployment / chain interaction functionality (even if it does not have feature parity with the local environment)?.a) definitely.b) only if it gets feature parity, otherwise it will be too confusing.c) no - boa should be simulation only!.
6
11
54
three ways of naming projects.- animals: vyper, titanoboa, defillama.- industrial: hardhat, foundry, anvil.- food: java, truffle, brownie.
6
5
53
i've decided to take a step back from working on day-to-day coding at @vyperlang and will go into advisory roles at various defi teams ๐งต๐ /.
9
1
54
here's a demo of how to use opcode patching to implement TLOAD/TSTORE with titanoboa. it uses a patched vyper which has full support for the transient keyword. note it didn't require any changes to titanoboa, it's all implemented using native facilities!
anybody interested in a demo of TLOAD/TSTORE?.
5
11
55
some titanoboa updates :) after demonstrated to me the potential of interpretedย @vyperlangย i got quite excited and started prototyping a "classic" interpreter - walking the AST+executing the language semantics at each step. /.
3
12
53
the response has been kind of incredible actually. working with multiple teams to prevent this kind of thing (to the extent possible) from happening again. from better tooling+more eyes on compiler to even non-technical/economic ideas around mitigating risk. please stay tuned!.
@ameensol A huge involuntary investment was just made into vyper. Anyone can start a new language, but they can't replace the shared trauma and lessons that the vyper ecosystem was gifted yesterday.
1
5
53
many titanoboa features have come as a direct result of requests from the curve team - please thank them for pushing titanoboa's feature set ๐! and as a result, the stablecoin repo is a great example of modern vyper and idiomatic titanoboa usage. highly recommend taking a look!.
Most importantly, the entire test suite started off using Brownie, and eventually got ported to @vyperlangโs Titanoboa. If you want to learn how to test contracts in python, this should be excellent study material.
3
5
53
ok i need MODULES TO GO UP. every day i am checking vyperlang github, no modules commits. every day, check github, see create2 commits, abi_decode commits, enum commits. NO MODULE COMMITS. i can't take this anymore. i need modules to GO UP ALREADY. can devs DO SOMETHING.
3
7
49
titanoboa now connects to @0xFrame natively! just use `boa.env.add_accounts_from_rpc(" http://localhost:1248")`.
#titanoboa #vyperlang #fun
๐ Connecting to Frame's local RPC Endpoint. Frame is full of unique features for both users and developers. In just a few steps, weโll explore how you can use our local RPC endpoint to get the most of Frame's capabilities!
4
16
50
btw want to point out that "assembly" blocks in solidity are a bit of a misnomer. usually assembly gives access to stack and control flow instructions, yul does not. this is one reason vyper can outperform seemingly well-optimized yul, because yul is still a high level language /.
1
1
50
by the way, i want to add emphasis that after the events of jul 30, we have tripled down on security efforts at vyper, not just in words but in follow through as well. a vyper audit contest is currently ongoing with @CodeHawks (funded with $160k total prize pool, /.
@vyperlang v0.3.10 is out! is a performance focused release, featuring O(1) selector tables ๐ฑ as well as a codesize/gas optimization switch. v0.3.10 also went through substantial review by both @chain_security and @osec_io, making it the most heavily /.
2
8
49
1. add IR interpreter to titanoboa.2. optimize.3. 15x faster.4. profit
4
6
46
an alternative to shadow blocks at the language level: shadow-type events which don't get emitted in production code but do get emitted in "shadow mode".
Weโre proposing ERC-7571 ๐. A standardized syntax for shadow events within Ethereum smart contracts to make it easier for them to be specified, discovered, and fetched by any offchain developer tools or infrastructure.
9
6
47
ok that was a bit easier than expected actually
@fubuloubu might have dedicated jupyter support for vyper soon too ๐ (like define a vyper contract in one cell, debug it in next cell).
1
8
45
found em
2
1
46
gas optimization is really a race to zero -- eventually everyone needs to compete on devex.
2
3
42
titanoboa now has user definable precompiles! you can think of these as "user-defined cheats" (per foundry vocabulary). here is a simple example which prints the sender to stdout. anything that is possible in python is possible here including tracing, http requests, and more /
@gakonst oh, you just gave me an idea for titanoboa.
5
3
43
And that's just scratching the surface! Plus, planning/ in progress on a whole slew of features which should be very exciting for experienced and budding sc devs alike. Here's to the future of @vyperlang and the next generation of smart contract development! ๐๐๐.
0
0
43
benefits of an interpreter -- no EVM overhead. performance win AND simplifies tooling dependencies. don't need an EVM in order to test code! IDE does not need an EVM! can use pytest to test code!.
so i guess this answers the question of what to do with prototype is starting to take shape!.
1
6
41
.@bantg thanks for the prototype -- now added to titanoboa! all contracts now trace and enumerate their storage including mappings, just grab it with <my contract>._storage.<storage_var>.get()
posted a prototype here.
3
5
40
bit of a break from TC news: filter revert reasons with `boa.reverts()` today!. this is a very general mechanism which allows you to filter on physical revert strings, brownie- or natspec/doxygen- style dev reason strings -- and even compiler generated checks!
1
5
36
Not very many people know this but the @vyperlang compiler doesn't actually do any compiling. It actually uploads your code to a server where a group of graduate students hand compile your code to assembly.
4
1
35
It's no accident for instance that we could add transient storage to the language in ~20(!) lines of code, host a dedicated interpreter for the language or generate the best bytecode size in the industry despite having an incredibly small team. /.
1
1
39
in software development, being able to quickly debug issues as they happen is super important! for that reason, titanoboa is adding storage dumps to tracebacks so it's crystal clear where things are going wrong without having to manually inspect every variable in your contract.
.@bantg thanks for the prototype -- now added to titanoboa! all contracts now trace and enumerate their storage including mappings, just grab it with <my contract>._storage.<storage_var>.get()
0
6
37
GPT-3 implements compilers in the language of your choice now
2
6
33
how it started (comms dated Jun 14 22) vs how it's going
5
8
36
finally, a quick shout-out to @chain_security! this release involved some optimizer refactoring and so we took a bit more time than usual between feature freezing and release to have some expert eyes on our code. we are happy to report that nothing major was found. /.
6
5
32
paired release of titanoboa - in case you haven't been following along with the dev version, this includes!. - per line gas profiling.- user-definable precompiles.- opcode patching.- pattern matching for revert checking.- mainnet forking.- smol bugfixes :).
5
6
34
i should learn vyper.
2
4
33
devs did something!
1
12
24
what do compiler engineers do on friday night? annotated revert reasons - with no runtime overhead ("dev revert reasons")!. note these are now provided courtesy of the compiler so the interpreter does not have to rely on heuristics to guess what the reason was.
2
3
34
fun new titanoboa feature - dynamic function injection! this is a testing-oriented feature which goes beyond dynamic evaluation of simple expressions. you can now patch entire functions into your contract without changing the contract source!
1
6
32
you need to be language maxxing. you need a new language for every program, you need to implement a new compiler for every project. you need compilers for your interpreters' compilers, you need to be swapping out runtimes at runtime.
2
2
32
you can try it out here! please be a lab rat :). the work remaining going forward is to make the API more powerful+user-friendly. submit feature requests and bug reports! @vyperlang team will try to keep abreast ;).
7
6
32
- all cash transactions you have ever conducted.- all your receipts.- current contents of your wallet. if your reaction to this was "none of your business" -- yes. yes, that is the point.
0
0
28
internal functions are now exposed as part of the contract interface in titanoboa! test internal functions directly without exposing shim external wrappers (that need to be disabled before production)!. very nice work by @_bout3fiddy_ on the implementation!
4
4
30
titanoboa v0.1.8 released today -- it has the necessary changes to be compatible with vyper 0.3.10! it also officially releases some features you may have been playing with already, including:.
3
5
29
first tload/tstore reentrancy guards? ๐.
first blobs have landed on sepolia! ๐ต๐ต๐ต.
4
4
27
i created some template licenses which *explicitly* forbid this kind of usage without relying on theoretical IP/copyright justifications. Anybody can copy paste them into their projects! (IANAL but will run it by some lawyer friends.).
i want to point out that training copilot on github-hosted projects is such a massive IP and privacy violation, not to mention likely being super violation of basically all copyleft licenses. folks working for big tech who criticize crypto, i don't even want to hear it. garbage.
2
8
28
if you're interested in web3 infra/tooling or jupyter internals, i highly recommend giving this a read. don't be fooled by how easy @danielschiavini made the code look in his PR either -- some tough integration problems were solved here with some very slick engineering!.
My work on the Vyper integration with JupyterLab Notebooks and Google Colab has just been merged ๐. Check out the full report and some highlights below ๐: ๐งต1/5.
6
3
26
so i've been benchmarking transient storage in revm (thanks for help from @rakitadragan) and it seems a single tstore is at least 10x faster than a single sha3. however, it is *priced* to be 3.3x more expensive(!) than a single sha3. what should we do?.
7
0
29
official slither support for @vyperlang, plus echidna and medusa support come "for free" ๐. try it out!
Slither now supports Vyper and includes 5 new detectors, thanks to @vyperlang and @dguido ๐. Foundry UX is also much improved: tests and scripts are now excluded, and Slither can run on single files.
0
7
28
oh by the way, if compile times go way down with vyper 0.3.4 -- not a mistake. a compile-time blowup was identified, large contracts near the 24kb limit may have something like 90% of compile-time shaved off. (looking at certain power users @CurveFinance ).
0
3
26
decided to take it a bit further and add opcode patching. with boa.patch_opcode, you can patch arbitrary opcode implementations into the VM. this is useful for very fine grained tests! as an example, here is titanoboa's sstore, which traces all touched storage slots by address.
titanoboa now has user definable precompiles! you can think of these as "user-defined cheats" (per foundry vocabulary). here is a simple example which prints the sender to stdout. anything that is possible in python is possible here including tracing, http requests, and more /
5
2
30
so, *raises hand*, dumb question but how does an exchange that specializes in margin trading . not know how much margin is being used?.
5) The full story here is one I'm still fleshing out every detail of, but as a very high level, I fucked up twice. The first time, a poor internal labeling of bank-related accounts meant that I was substantially off on my sense of users' margin. I thought it was way lower.
4
1
29
you don't even need a t shirt to get a copy of the TC code or distribute it. just literally run a node. it is on all nodes all around the world!.
2
2
24
pretty tracebacks, dev revert reasons, and now function frame inspection. what are you waiting for, anon!
0
3
27
here's a fun example showing that pure computations only used inside the log can get entirely optimized out ๐ฑ
an alternative to shadow blocks at the language level: shadow-type events which don't get emitted in production code but do get emitted in "shadow mode".
2
4
25
optimizors: i don't think folks are generally aware of how much @vyperlang's codegen has progressed in the last year or so. to demonstrate, here's a quick puzzle! match the contract to the generated code: (vyper 0.3.2, solc 0.8.13 --optimize --via-ir)
2
4
24
