A key innovation of the Lity compiler and virtual machine is that they are proactive in preventing common smart contract security issues. We have categorized known security issues with Ethereum Solidity smart contracts, extracted common coding patterns that lead to those issues, and installed checks for those patterns in both the Lity language compiler and the virtual machine. We believe that 95% of smart contract bugs that lead to money loss on Ethereum will not occur in the first place on the CyberMiles blockchain.
The ERC checker is a Lity compiler facility to make sure that smart contract source code correctly complies to the ERC standards they claim to implement. This analysis is done at the source code level by the compiler.
After the Lity compiler generates the bytecode for the smart contract, it automatically runs the Oyente static analysis tool to check for common security issues, such as call stack bugs, reentrancy issues, time dependency, and concurrency bugs. Oyente has a library of rules, which is frequently updated to check for new security issues.
One of the most common security issues in Ethereum smart contracts is integer overflow. Lity proactively eliminates the opportunities for integer overflow in smart contract code. Specifically, Lity takes a two-pronged approach to prevent integer overflow at both source code and execution runtime levels.
safeuintdata type for safe integers. All
safeuintoperations are automatically wrapped in SafeMath functions and hence are protected from overflows. Because of that,
safeuintis Lity’s recommended data type to represent token or coin amounts.