gilbert pfp

gilbert

@0xgib

105 Following
217 Followers


gilbert pfp
gilbert
@0xgib
On Solana, you can have a single transaction that makes multiple top-level program calls. In contrast, an EVM tx only supports sending calldata to a single contract address.
1 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
Security question: If deploying a contract can take 100-1000x transactions, then how does upgrading a contract work for that same number of transactions? Will the contract still function? As its old version? Or do you upload to a buffer and switch to it in 1 tx instead?
1 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
Raise your hand and drop a link if your company survived the crypto bear market 👋
1 reply
0 recast
3 reactions

gilbert pfp
gilbert
@0xgib
EVM smart contracts don't really have a max size, since an SSTORE opcode has an entire 256 bits of address space to write to (in theory, anyway) Solana accounts have a max size of 10 MiB, which must be incremented to via the limit of 10 KiB per instruction.
0 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
"Deploying a program on Solana requires hundreds, if not thousands of transactions, due to the max size limit of 1232 bytes for Solana transactions" 🧐🧐🧐 https://solana.com/docs/programs/deploying
3 replies
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
In a Solana transaction, a program cannot arbitrarily read data from just any address. You MUST specify which accounts you wish to read from, upfront, BEFORE the program even begins to run 😦 https://warpcast.com/0xgib/0xa0a411ba
2 replies
0 recast
0 reaction

gilbert pfp
gilbert
@0xgib
Correction: Rent doesn't really exist anymore as a mechanism in Solana. As of June 2022, all storage MUST deposit 2 years worth of "rent" to be accepted on-chain. "Deposit" means you get it back when you delete that same storage. https://warpcast.com/0xgib/0x5247264a
0 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
Solana storage fees are not one-and-done. You have to pay "rent" over time to maintain that data's persistence on-chain. If you don't pay, your data could get garbage collected 🗑️
1 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
By default, Solana programs are upgradable 😮 The deployer can update the program bytecode at any time This feature is built into Solana, so no proxy patterns are required
1 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
Useful (EVM → Solana) Terms EOA → User account Opcode → Instruction Address → Account Gas limit → Compute budget Wei, 1e-18 → Lamport, 1e-9 External call → Cross-program invocation (CPI) Smart contract → Program; executable account 1/n
3 replies
0 recast
7 reactions

gilbert pfp
gilbert
@0xgib
Not related to security, but in Solana they're called "programs" not "smart contracts" 🙊
0 reply
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
Solana programs ("executable accounts") don't contain their own data. Instead, they spawn and exclusively own "non-executable accounts" whose only purpose is to hold data. They write data to user accounts too (also considered non-executable), but supposedly this is less flexible. https://warpcast.com/0xgib/0xa0a411ba
0 reply
0 recast
2 reactions

gilbert pfp
gilbert
@0xgib
Hey all, I'm the author of LearnEVM.com I'm diving into Solana this month. If you're curious, you can follow my progress on /solana-security Should be interesting if you want to learn security facts from the perspective of the EVM 🤓
1 reply
1 recast
2 reactions

gilbert pfp
gilbert
@0xgib
diving into solana this month, you can follow my progress on /solana-security
0 reply
0 recast
3 reactions

gilbert pfp
gilbert
@0xgib
The Solana program call stack limit is 64 However, programs calling other programs is limited to a depth of 4
1 reply
0 recast
2 reactions

gilbert pfp
gilbert
@0xgib
`ecrecover`-like operations are built-in on Solana. You can check if an involved account signed the current transaction by checking the `foo_account.is_signer` boolean
1 reply
0 recast
3 reactions

gilbert pfp
gilbert
@0xgib
Solana account data can be read by any on-chain program. This is unlike an EVM smart contract's data which is encapsulated, and thus only accessible on-chain if the sc chooses to expose it
1 reply
0 recast
2 reactions

gilbert pfp
gilbert
@0xgib
tried uninstalling and reinstalling, now hubble thinks it doesn't have enough ram? (I have 96GB)
2 replies
0 recast
1 reaction

gilbert pfp
gilbert
@0xgib
The trend of frames having their main link go to a blank page is interesting because it trains users to not click and only consider interacting with the frame's buttons 🤔
1 reply
0 recast
5 reactions

gilbert pfp
gilbert
@0xgib
can we pin casts to our profile or a channel? would be useful for frames
1 reply
0 recast
0 reaction