Solidity 官方文档中文版(二)

Solidity Assembly





  • 允许函数风格的操作码:mul(1, add(2, 3))等同于push1 3 push1 2 add push1 1 mul
  • 内联局部变量:let x := add(2, 3) let y := mload(0x40) x := add(x, y)
  • 可访问外部变量:function f(uint x) { assembly { x := sub(x, 1) } }
  • 标签:let x := 10 repeat: x := sub(x, 1) jumpi(repeat, eq(x, 0))
  • 循环:for { let i := 0 } lt(i, x) { i := add(i, 1) } { y := mul(2, y) }
  • switch语句:switch x case 0 { y := mul(x, 2) } default { y := 0 }
  • 函数调用:function f(x) -> y { switch x case 0 { y := 1 } default { y := mul(x, f(sub(x, 1))) } }

下面将详细介绍内联编译(inline assembly)语言。




  1. pragma solidity ^0.4.0;
  2. library GetCode {
  3. function at(address _addr) returns (bytes o_code) {
  4. assembly {
  5. // retrieve the size of the code, this needs assembly
  6. let size := extcodesize(_addr)
  7. // allocate output byte array - this could also be done without assembly
  8. // by using o_code = new bytes(size)
  9. o_code := mload(0x40)
  10. // new "memory end" including padding
  11. mstore(0x40, add(o_code, and(add(add(size, 0x20), 0x1f), not(0x1f))))
  12. // store length in memory
  13. mstore(o_code, size)
  14. // actually retrieve the code, this needs assembly
  15. extcodecopy(_addr, add(o_code, 0x20), 0, size)
  16. }
  17. }
  18. }


  1. pragma solidity ^0.4.0;
  2. library VectorSum {
  3. // This function is less efficient because the optimizer currently fails to
  4. // remove the bounds checks in array access.
  5. function sumSolidity(uint[] _data) returns (uint o_sum) {
  6. for (uint i = 0; i < _data.length; ++i)
  7. o_sum += _data[i];
  8. }
  9. // We know that we only access the array in bounds, so we can avoid the check.
  10. // 0x20 needs to be added to an array because the first slot contains the
  11. // array length.
  12. function sumAsm(uint[] _data) returns (uint o_sum) {
  13. for (uint i = 0; i < _data.length; ++i) {
  14. assembly {
  15. o_sum := mload(add(add(_data, 0x20), mul(i, 0x20)))
  16. }
  17. }
  18. }
  19. }


内联编译语言也会像Solidity一样解析注释,字面量和标识符。所以你可以使用///**/的方式注释。内联编译的在Solidity中的语法是包裹在assembly { ... },下面是可用的语法,后续有更详细的内容。

  • 字面量。如0x12342abc(字符串最多是32个字符)
  • 操作码(指令的方式),如mload sload dup1 sstore,后面有可支持的指令列表
  • 函数风格的操作码,如add(1, mlod(0)
  • 标签,如name:
  • 变量定义,如let x := 7let x := add(y, 3)
  • 标识符(标签或内联局部变量或外部),如jump(name)3 x add
  • 赋值(指令风格),如,3 =: x
  • 函数风格的赋值,如x := add(y, 3)
  • 支持块级的局部变量,如{ let x := 3 { let y := add(x, 1) } }







操作码 说明
stop - stop execution, identical to return(0,0)
add(x, y)   x + y
sub(x, y)   x - y
mul(x, y)   x y
div(x, y)   x / y
sdiv(x, y)   x / y, for signed numbers in two’s complement
mod(x, y)   x % y
smod(x, y)   x % y, for signed numbers in two’s complement
exp(x, y)   x to the power of y
not(x)   ~x, every bit of x is negated
lt(x, y)   1 if x < y, 0 otherwise
gt(x, y)   1 if x > y, 0 otherwise
slt(x, y)   1 if x < y, 0 otherwise, for signed numbers in two’s complement
sgt(x, y)   1 if x > y, 0 otherwise, for signed numbers in two’s complement
eq(x, y)   1 if x == y, 0 otherwise
iszero(x)   1 if x == 0, 0 otherwise
and(x, y)   bitwise and of x and y
or(x, y)   bitwise or of x and y
xor(x, y)   bitwise xor of x and y
byte(n, x)   nth byte of x, where the most significant byte is the 0th byte
addmod(x, y, m)   (x + y) % m with arbitrary precision arithmetics
mulmod(x, y, m)   (x y) % m with arbitrary precision arithmetics
signextend(i, x)   sign extend from (i8+7)th bit counting from least significant
keccak256(p, n)   keccak(mem[p…(p+n)))
sha3(p, n)   keccak(mem[p…(p+n)))
jump(label) - jump to label / code position
jumpi(label, cond) - jump to label if cond is nonzero
pc   current position in code
pop(x) - remove the element pushed by x
dup1 … dup16   copy ith stack slot to the top (counting from top)
swap1 … swap16 swap topmost and ith stack slot below it
mload(p)   mem[p..(p+32))
mstore(p, v) - mem[p..(p+32)) := v
mstore8(p, v) - mem[p] := v & 0xff - only modifies a single byte
sload(p)   storage[p]
sstore(p, v) - storage[p] := v
msize   size of memory, i.e. largest accessed memory index
gas   gas still available to execution
address   address of the current contract / execution context
balance(a)   wei balance at address a
caller   call sender (excluding delegatecall)
callvalue   wei sent together with the current call
calldataload(p)   call data starting from position p (32 bytes)
calldatasize   size of call data in bytes
calldatacopy(t, f, s) - copy s bytes from calldata at position f to mem at position t
codesize   size of the code of the current contract / execution context
codecopy(t, f, s) - copy s bytes from code at position f to mem at position t
extcodesize(a)   size of the code at address a
extcodecopy(a, t, f, s) - like codecopy(t, f, s) but take code at address a
returndatasize   size of the last returndata
returndatacopy(t, f, s) - copy s bytes from returndata at position f to mem at position t
create(v, p, s)   create new contract with code mem[p..(p+s)) and send v wei and return the new address
create2(v, n, p, s)   create new contract with code mem[p..(p+s)) at address keccak256(. n . keccak256(mem[p..(p+s))) and send v wei and return the new address
call(g, a, v, in, insize, out, outsize)   call contract at address a with input mem[in..(in+insize)) providing g gas and v wei and output area mem[out..(out+outsize)) returning 0 on error (eg. out of gas) and 1 on success
callcode(g, a, v, in, insize, out, outsize)   identical to call but only use the code from a and stay in the context of the current contract otherwise
delegatecall(g, a, in, insize, out, outsize)   identical to callcode but also keep caller and callvalue
staticcall(g, a, in, insize, out, outsize)   identical to call(g, a, 0, in, insize, out, outsize) but do not allow state modifications
return(p, s) - end execution, return data mem[p..(p+s))
revert(p, s) - end execution, revert state changes, return data mem[p..(p+s))
selfdestruct(a) - end execution, destroy current contract and send funds to a
invalid - end execution with invalid instruction
log0(p, s) - log without topics and data mem[p..(p+s))
log1(p, s, t1) - log with topic t1 and data mem[p..(p+s))
log2(p, s, t1, t2) - log with topics t1, t2 and data mem[p..(p+s))
log3(p, s, t1, t2, t3) - log with topics t1, t2, t3 and data mem[p..(p+s))
log4(p, s, t1, t2, t3, t4) - log with topics t1, t2, t3, t4 and data mem[p..(p+s))
origin   transaction sender
gasprice   gas price of the transaction
blockhash(b)   hash of block nr b - only for last 256 blocks excluding current
coinbase   current mining beneficiary
timestamp   timestamp of the current block in seconds since the epoch
number   current block number
difficulty   difficulty of the current block
gaslimit   block gas limit of the current block



  1. assembly { 2 3 add "abc" and }




  1. 3 0x80 mload add 0x80 mstore



  1. mstore(0x80, add(mload(0x80), 3))

函数风格的表达式不能在内部使用指令风格,如1 2 mstore(0x80, add)将不是合法的,必须被写为mstore(0x80, add(2, 1))。那些不带参数的操作码,括号可以忽略。






  • 调用者推入返回的label,arg1,arg2, … argn
  • 调用返回ret1,ret2,…, retm


  1. pragma solidity ^0.4.11;
  2. contract C {
  3. uint b;
  4. function f(uint x) returns (uint r) {
  5. assembly {
  6. r := mul(x, sload(b_slot)) // ignore the offset, we know it is zero
  7. }
  8. }
  9. }



  1. {
  2. let n := calldataload(4)
  3. let a := 1
  4. let b := a
  5. loop:
  6. jumpi(loopend, eq(n, 0))
  7. a add swap1
  8. n := sub(n, 1) jump(loop) loopend: mstore(0, a) return(0, 0x20) }



  1. {
  2. let x := 8
  3. jump(two)
  4. one:
  5. // Here the stack height is 2 (because we pushed x and 7),
  6. // but the assembler thinks it is 1 because it reads
  7. // from top to bottom.
  8. // Accessing the stack variable x here will lead to errors.
  9. x := 9
  10. jump(three)
  11. two:
  12. 7 // push something onto the stack
  13. jump(one)
  14. three:
  15. }



  1. {
  2. let x := 8
  3. jump(two)
  4. 0 // This code is unreachable but will adjust the stack height correctly
  5. one:
  6. x := 9 // Now x can be accessed properly.
  7. jump(three)
  8. pop // Similar negative correction.
  9. two:
  10. 7 // push something onto the stack
  11. jump(one)
  12. three:
  13. pop // We have to pop the manually pushed value here again.
  14. }



  1. pragma solidity ^0.4.0;
  2. contract C {
  3. function f(uint x) returns (uint b) {
  4. assembly {
  5. let v := add(x, 1)
  6. mstore(0x80, v)
  7. {
  8. let y := add(sload(v), 1)
  9. b := y
  10. } // y is "deallocated" here
  11. b := add(b, v)
  12. } // v is "deallocated" here
  13. }
  14. }



有两种方式的赋值方式:函数风格和指令风格。函数风格,比如variable := value,你必须在函数风格的表达式中提供一个变量,最终将得到一个栈变量。指令风格=: variable,值则直接从栈底取。以于两种方式冒号指向的都是变量名称(译者注:注意语法中冒号的位置)。赋值的效果是将栈上的变量值替换为新值。

  1. assembly {
  2. let v := 0 // functional-style assignment as part of variable declaration
  3. let g := add(v, 2)
  4. sload(10)
  5. =: v // instruction style assignment, puts the result of sload(10) into v
  6. }



  1. assembly {
  2. let x := 0
  3. switch calldataload(4) case 0 {
  4. x := calldataload(0x24)
  5. }
  6. default {
  7. x := calldataload(0x44)
  8. }
  9. sstore(0, div(x, 2))
  10. }




  1. assembly {
  2. let x := 0
  3. for { let i := 0 } lt(i, 0x100) { i := add(i, 0x20) } {
  4. x := add(x, mload(i))
  5. }
  6. }




如果你调用一个函数,并返回了多个值,你可以将他们赋值给一个元组,使用a, b := f(x)let a, b := f(x)


  1. assembly {
  2. function power(base, exponent) -> result {
  3. switch exponent
  4. case 0 { result := 1 }
  5. case 1 { result := base }
  6. default {
  7. result := power(mul(base, base), div(exponent, 2))
  8. switch mod(exponent, 2) case 1 { result := mul(base, result) }
  9. }
  10. }
  11. }









库与合约类似,但它的目的是在一个指定的地址,且仅部署一次,然后通过EVM的特性DELEGATECALL(Homestead之前是用CALLCODE)来复用代码。这意味着库函数调用时,它的代码是在调用合约的上下文中执行。使用this将会指向到调用合约,而且可以访问调用合约的存储(storage)。因为一个合约是一个独立的代码块,它仅可以访问调用合约明确提供的状态变量(state variables),否则除此之外,没有任何方法去知道这些状态变量。

使用库合约的合约,可以将库合约视为隐式的父合约(base contracts),当然它们不会显式的出现在继承关系中。但调用库函数的方式非常类似,如库L有函数f(),使用L.f()即可访问。此外,internal的库函数对所有合约可见,如果把库想像成一个父合约就能说得通了。当然调用内部函数使用的是internal的调用惯例,这意味着所有internal类型可以传进去,memory类型则通过引用传递,而不是拷贝的方式。为了在EVM中实现这一点,internal的库函数的代码和从其中调用的所有函数将被拉取(pull into)到调用合约中,然后执行一个普通的JUMP来代替DELEGATECALL

下面的例子展示了如何使用库(后续在using for章节有一个更适合的实现Set的例子)。

  1. pragma solidity ^0.4.0;
  2. library Set {
  3. // We define a new struct datatype that will be used to
  4. // hold its data in the calling contract.
  5. struct Data { mapping(uint => bool) flags; }
  6. // Note that the first parameter is of type "storage
  7. // reference" and thus only its storage address and not
  8. // its contents is passed as part of the call. This is a
  9. // special feature of library functions. It is idiomatic
  10. // to call the first parameter 'self', if the function can
  11. // be seen as a method of that object.
  12. function insert(Data storage self, uint value) returns (bool) {
  13. if (self.flags[value])
  14. return false; // already there
  15. self.flags[value] = true;
  16. return true;
  17. }
  18. function remove(Data storage self, uint value) returns (bool) {
  19. if (!self.flags[value])
  20. return false; // not there
  21. self.flags[value] = false;
  22. return true;
  23. }
  24. function contains(Data storage self, uint value) returns (bool) {
  25. return self.flags[value];
  26. }
  27. }
  28. contract C {
  29. Set.Data knownValues;
  30. function register(uint value) {
  31. // The library functions can be called without a
  32. // specific instance of the library, since the
  33. // "instance" will be the current contract.
  34. if (!Set.insert(knownValues, value))
  35. throw;
  36. }
  37. // In this contract, we can also directly access knownValues.flags, if we want.
  38. }


  • Library定义了一个数据结构体,用来在调用的合约中使用(库本身并未实际存储的数据)。如果函数需要操作数据,这个数据一般是通过库函数的第一个参数传入,按惯例会把参数名定为self
  • 另外一个需要留意的是上例中self的类型是storage,那么意味着传入的会是一个引用,而不是拷贝的值,那么修改它的值,会同步影响到其它地方,俗称引用传递,非值传递。
  • 库函数的使用不需要实例化,c.register中可以看出是直接使用Set.insert。但实际上当前的这个合约本身就是它的一个实例。
  • 这个例子中,c可以直接访问,knownValues。虽然这个值主要是被库函数使用的。



下面的例子演示了如何使用memory类型和内部函数(inernal function),来实现一个自定义类型,但不会用到外部函数调用(external function)

  1. pragma solidity ^0.4.0;
  2. library BigInt {
  3. struct bigint {
  4. uint[] limbs;
  5. }
  6. function fromUint(uint x) internal returns (bigint r) {
  7. r.limbs = new uint[](1);
  8. r.limbs[0] = x;
  9. }
  10. function add(bigint _a, bigint _b) internal returns (bigint r) {
  11. r.limbs = new uint[](max(_a.limbs.length, _b.limbs.length));
  12. uint carry = 0;
  13. for (uint i = 0; i < r.limbs.length; ++i) {
  14. uint a = limb(_a, i);
  15. uint b = limb(_b, i);
  16. r.limbs[i] = a + b + carry;
  17. if (a + b < a || (a + b == uint(-1) && carry > 0))
  18. carry = 1;
  19. else
  20. carry = 0;
  21. }
  22. if (carry > 0) {
  23. // too bad, we have to add a limb
  24. uint[] memory newLimbs = new uint[](r.limbs.length + 1);
  25. for (i = 0; i < r.limbs.length; ++i)
  26. newLimbs[i] = r.limbs[i];
  27. newLimbs[i] = carry;
  28. r.limbs = newLimbs;
  29. }
  30. }
  31. function limb(bigint _a, uint _limb) internal returns (uint) {
  32. return _limb < _a.limbs.length ? _a.limbs[_limb] : 0;
  33. }
  34. function max(uint a, uint b) private returns (uint) {
  35. return a > b ? a : b;
  36. }
  37. }
  38. contract C {
  39. using BigInt for BigInt.bigint;
  40. function f() {
  41. var x = BigInt.fromUint(7);
  42. var y = BigInt.fromUint(uint(-1));
  43. var z = x.add(y);
  44. }
  45. }



  • 状态变量(state variables)
  • 不能继承或被继承
  • 不能接收ether


附着库(Using for)

指令using A for B;用来附着库里定义的函数(从库A)到任意类型B。这些函数将会默认接收调用函数对象的实例作为第一个参数。语法类似,python中的self变量一样。

using A for *的效果是,库A中的函数被附着在做任意的类型上。


using A for B;指令仅在当前的作用域有效,且暂时仅仅支持当前的合约这个作用域,后续也非常有可能解除这个限制,允许作用到全局范围。如果能作用到全局范围,通过引入一些模块(module),数据类型将能通过库函数扩展功能,而不需要每个地方都得写一遍类似的代码了。


  1. pragma solidity ^0.4.0;
  2. // This is the same code as before, just without comments
  3. library Set {
  4. struct Data { mapping(uint => bool) flags; }
  5. function insert(Data storage self, uint value) returns (bool) {
  6. if (self.flags[value])
  7. return false; // already there
  8. self.flags[value] = true;
  9. return true;
  10. }
  11. function remove(Data storage self, uint value) returns (bool) {
  12. if (!self.flags[value])
  13. return false; // not there
  14. self.flags[value] = false;
  15. return true;
  16. }
  17. function contains(Data storage self, uint value) returns (bool) {
  18. return self.flags[value];
  19. }
  20. }
  21. contract C {
  22. using Set for Set.Data; // this is the crucial change
  23. Set.Data knownValues;
  24. function register(uint value) {
  25. // Here, all variables of type Set.Data have
  26. // corresponding member functions.
  27. // The following function call is identical to
  28. // Set.insert(knownValues, value)
  29. if (!knownValues.insert(value))
  30. throw;
  31. }
  32. }

我们也可以通过这种方式来扩展基本类型(elementary types)

  1. pragma solidity ^0.4.0;
  2. library Search {
  3. function indexOf(uint[] storage self, uint value) returns (uint) {
  4. for (uint i = 0; i < self.length; i++)
  5. if (self[i] == value) return i;
  6. return uint(-1);
  7. }
  8. }
  9. contract C {
  10. using Search for uint[];
  11. uint[] data;
  12. function append(uint value) {
  13. data.push(value);
  14. }
  15. function replace(uint _old, uint _new) {
  16. // This performs the library function call
  17. uint index = data.indexOf(_old);
  18. if (index == uint(-1))
  19. data.push(_new);
  20. else
  21. data[index] = _new;
  22. }
  23. }

需要注意的是所有库调用都实际上是EVM函数调用。这意味着,如果你传的是memory类型的,或者是值类型(vaue types),那么仅会传一份拷贝,即使是self变量。变通之法就是使用存储(storage)类型的变量,这样就不会拷贝内容。



  1. 不能继承其它合约,或接口。
  2. 不能定义构造器
  3. 不能定义变量
  4. 不能定义结构体
  5. 不能定义枚举类




  1. interface Token {
  2. function transfer(address recipient, uint amount);
  3. }


抽象(Abstract Contracts)


  1. pragma solidity ^0.4.0;
  2. contract Feline {
  3. function utterance() returns (bytes32);
  4. }


  1. pragma solidity ^0.4.0;
  2. contract Feline {
  3. function utterance() returns (bytes32);
  4. function getContractName() returns (string){
  5. return "Feline";
  6. }
  7. }
  8. contract Cat is Feline {
  9. function utterance() returns (bytes32) { return "miaow"; }
  10. }








  1. pragma solidity ^0.4.0;
  2. contract owned {
  3. function owned() { owner = msg.sender; }
  4. address owner;
  5. }
  6. // Use "is" to derive from another contract. Derived
  7. // contracts can access all non-private members including
  8. // internal functions and state variables. These cannot be
  9. // accessed externally via `this`, though.
  10. contract mortal is owned {
  11. function kill() {
  12. if (msg.sender == owner) selfdestruct(owner);
  13. }
  14. }
  15. // These abstract contracts are only provided to make the
  16. // interface known to the compiler. Note the function
  17. // without body. If a contract does not implement all
  18. // functions it can only be used as an interface.
  19. contract Config {
  20. function lookup(uint id) returns (address adr);
  21. }
  22. contract NameReg {
  23. function register(bytes32 name);
  24. function unregister();
  25. }
  26. // Multiple inheritance is possible. Note that "owned" is
  27. // also a base class of "mortal", yet there is only a single
  28. // instance of "owned" (as for virtual inheritance in C++).
  29. contract named is owned, mortal {
  30. function named(bytes32 name) {
  31. Config config = Config(0xd5f9d8d94886e70b06e474c3fb14fd43e2f23970);
  32. NameReg(config.lookup(1)).register(name);
  33. }
  34. // Functions can be overridden by another function with the same name and
  35. // the same number/types of inputs. If the overriding function has different
  36. // types of output parameters, that causes an error.
  37. // Both local and message-based function calls take these overrides
  38. // into account.
  39. function kill() {
  40. if (msg.sender == owner) {
  41. Config config = Config(0xd5f9d8d94886e70b06e474c3fb14fd43e2f23970);
  42. NameReg(config.lookup(1)).unregister();
  43. // It is still possible to call a specific
  44. // overridden function.
  45. mortal.kill();
  46. }
  47. }
  48. }
  49. // If a constructor takes an argument, it needs to be
  50. // provided in the header (or modifier-invocation-style at
  51. // the constructor of the derived contract (see below)).
  52. contract PriceFeed is owned, mortal, named("GoldFeed") {
  53. function updateInfo(uint newInfo) {
  54. if (msg.sender == owner) info = newInfo;
  55. }
  56. function get() constant returns(uint r) { return info; }
  57. uint info;
  58. }


  1. pragma solidity ^0.4.0;
  2. contract mortal is owned {
  3. function kill() {
  4. if (msg.sender == owner) selfdestruct(owner);
  5. }
  6. }
  7. contract Base1 is mortal {
  8. function kill() { /* do cleanup 1 */ mortal.kill(); }
  9. }
  10. contract Base2 is mortal {
  11. function kill() { /* do cleanup 2 */ mortal.kill(); }
  12. }
  13. contract Final is Base1, Base2 {
  14. }


  1. pragma solidity ^0.4.0;
  2. contract mortal is owned {
  3. function kill() {
  4. if (msg.sender == owner) selfdestruct(owner);
  5. }
  6. }
  7. contract Base1 is mortal {
  8. function kill() { /* do cleanup 1 */ super.kill(); }
  9. }
  10. contract Base2 is mortal {
  11. function kill() { /* do cleanup 2 */ super.kill(); }
  12. }
  13. contract Final is Base2, Base1 {
  14. }

如果Base1调用了函数super,它不会简单的调用基类的合约函数,它还会调用继承关系图谱上的下一个基类合约,所以会调用Base2.kill()。需要注意的最终的继承图谱将会是:Final,Base1,Base2,mortal,owned。使用super时会调用的实际函数在使用它的类的上下文中是未知的,尽管它的类型是已知的。这类似于普通虚函数查找(ordinary virtual method lookup)

基类构造器的方法(Arguments for Base Constructors)


  1. pragma solidity ^0.4.0;
  2. contract Base {
  3. uint x;
  4. function Base(uint _x) { x = _x; }
  5. }
  6. contract Derived is Base(7) {
  7. function Derived(uint _y) Base(_y * _y) {
  8. }
  9. }

或者直接在继承列表中使用is Base(7),或像修改器(modifier)使用方式一样,做为派生构造器定义头的一部分Base(_y * _y)。第一种方式对于构造器是常量的情况比较方便,可以大概说明合约的行为。第二种方式适用于构造的参数值由派生合约的指定的情况。在上述两种都用的情况下,第二种方式优先(一般情况只用其中一种方式就好了)。

多继承与线性化(Multiple Inheritance and Linearization)


Solidity的解决方案参考Python,使用C3_linearization来强制将基类合约转换一个有向无环图(DAG)的特定顺序。结果是我们希望的单调性,但却禁止了某些继承行为。特别是基类合约在is后的顺序非常重要。下面的代码,Solidity会报错Linearization of inheritance graph impossible

  1. pragma solidity ^0.4.0;
  2. contract X {}
  3. contract A is X {}
  4. contract C is A, X {}


一个简单的指定基类合约的继承顺序原则是从most base-likemost derived













  1. pragma solidity ^0.4.0;
  2. contract ClientReceipt {
  3. event Deposit(
  4. address indexed _from,
  5. bytes32 indexed _id,
  6. uint _value
  7. );
  8. function deposit(bytes32 _id) {
  9. // Any call to this function (even deeply nested) can // be detected from the JavaScript API by filtering // for `Deposit` to be called. Deposit(msg.sender, _id, msg.value);
  10. }
  11. }


  1. var abi = /* abi as generated by the compiler */;
  2. var ClientReceipt = web3.eth.contract(abi);
  3. var clientReceipt = /* address */);
  4. var event = clientReceipt.Deposit();
  5. // watch for changes
  6., result){
  7. // result will contain various information
  8. // including the argumets given to the Deposit
  9. // call.
  10. if (!error)
  11. console.log(result);
  12. });
  13. // Or pass a callback to start watching immediately
  14. var event = clientReceipt.Deposit(function(error, result) {
  15. if (!error)
  16. console.log(result);
  17. });

底层的日志接口(Low-level Interface to Logs)

通过函数log0log1log2log3log4,可以直接访问底层的日志组件。logi表示总共有带i + 1个参数(i表示的就是可带参数的数目,只是是从0开始计数的)。其中第一个参数会被用来做为日志的数据部分,其它的会做为主题(topics)。前面例子中的事件可改为如下:

  1. log3(
  2. msg.value,
  3. 0x50cb9fe53daa9737b786ab3646f04d0150dc50ef4e75f59509d83667ad5adb20,
  4. msg.sender,
  5. _id
  6. );



  • Javascript documentation
  • Example usage of events
  • How to access them in js

回退函数(fallback function)




  • 写入到存储(storage)
  • 创建一个合约
  • 执行一个外部(external)函数调用,会花费非常多的gas
  • 发送ether


一个没有定义一个回退函数的合约。如果接收ether,会触发异常,并返还ether(solidity v0.4.0开始)。所以合约要接收ether,必须实现回退函数。下面来看个例子:

  1. pragma solidity ^0.4.0;
  2. contract Test {
  3. // This function is called for all messages sent to
  4. // this contract (there is no other function).
  5. // Sending Ether to this contract will cause an exception,
  6. // because the fallback function does not have the "payable"
  7. // modifier.
  8. function() { x = 1; }
  9. uint x;
  10. }
  11. // This contract keeps all Ether sent to it with no way
  12. // to get it back.
  13. contract Sink {
  14. function() payable { }
  15. }
  16. contract Caller {
  17. function callTest(Test test) {
  18.; // hash does not exist
  19. // results in test.x becoming == 1.
  20. // The following call will fail, reject the
  21. // Ether and return false:
  22. test.send(2 ether);
  23. }
  24. }


常量(constant state variables)





  1. pragma solidity ^0.4.0;
  2. contract C {
  3. uint constant x = 32**22 + 8;
  4. string constant text = "abc";
  5. bytes32 constant myHash = keccak256("abc");
  6. }

常函数(Constant Functions)


  1. pragma solidity ^0.4.0;
  2. contract C {
  3. function f(uint a, uint b) constant returns (uint) {
  4. return a * (b + 42);
  5. }
  6. }


函数修改器(Function Modifiers)


  1. pragma solidity ^0.4.0;
  2. contract owned {
  3. function owned() { owner = msg.sender; }
  4. address owner;
  5. // This contract only defines a modifier but does not use
  6. // it - it will be used in derived contracts.
  7. // The function body is inserted where the special symbol
  8. // "_;" in the definition of a modifier appears.
  9. // This means that if the owner calls this function, the
  10. // function is executed and otherwise, an exception is
  11. // thrown.
  12. modifier onlyOwner {
  13. if (msg.sender != owner)
  14. throw;
  15. _;
  16. }
  17. }
  18. contract mortal is owned {
  19. // This contract inherits the "onlyOwner"-modifier from
  20. // "owned" and applies it to the "close"-function, which
  21. // causes that calls to "close" only have an effect if
  22. // they are made by the stored owner.
  23. function close() onlyOwner {
  24. selfdestruct(owner);
  25. }
  26. }
  27. contract priced {
  28. // Modifiers can receive arguments:
  29. modifier costs(uint price) {
  30. if (msg.value >= price) {
  31. _;
  32. }
  33. }
  34. }
  35. contract Register is priced, owned {
  36. mapping (address => bool) registeredAddresses;
  37. uint price;
  38. function Register(uint initialPrice) { price = initialPrice; }
  39. // It is important to also provide the
  40. // "payable" keyword here, otherwise the function will
  41. // automatically reject all Ether sent to it.
  42. function register() payable costs(price) {
  43. registeredAddresses[msg.sender] = true;
  44. }
  45. function changePrice(uint _price) onlyOwner {
  46. price = _price;
  47. }
  48. }






  1. pragma solidity ^0.4.0;
  2. contract Mutex {
  3. bool locked;
  4. modifier noReentrancy() {
  5. if (locked) throw;
  6. locked = true;
  7. _;
  8. locked = false;
  9. }
  10. /// This function is protected by a mutex, which means that
  11. /// reentrant calls from within cannot call f again.
  12. /// The `return 7` statement assigns 7 to the return value but still
  13. /// executes the statement `locked = false` in the modifier.
  14. function f() noReentrancy returns (uint) {
  15. if (! throw;
  16. return 7;
  17. }
  18. }






访问函数(Getter Functions)


  1. pragma solidity ^0.4.0;
  2. contract C{
  3. uint public c = 10;
  4. }
  5. contract D{
  6. C c = new C();
  7. function getDataUsingAccessor() returns (uint){
  8. return c.c();
  9. }
  10. }


  1. pragma solidity ^0.4.0;
  2. contract C{
  3. uint public c = 10;
  4. function accessInternal() returns (uint){
  5. return c;
  6. }
  7. function accessExternal() returns (uint){
  8. return this.c();
  9. }
  10. }

acessExternal函数中,如果直接返回return this.c;,会出现报错Return argument type function () constant external returns (uint256) is not implicitly convertible to expected type (type of first return variable) uint256.。原因应该是通过外部(external)的方式只能访问到this.c作为函数的对象,所以它认为你是想把一个函数转为uint故而报错。


  1. pragma solidity ^0.4.0;
  2. contract ComplexSimple{
  3. struct Cat{
  4. uint a;
  5. bytes3 b;
  6. mapping(uint => uint) map;
  7. }
  8. //
  9. mapping(uint => mapping(bool => Cat)) public content;
  10. function initial(){
  11. content[0][true] = Cat(1, 1);
  12. content[0][true].map[0] = 10;
  13. }
  14. function get() returns (uint, bytes3, uint){
  15. return (content[0][true].a, content[0][true].b, content[0][true].map[0]);
  16. }
  17. }
  18. contract Complex {
  19. struct Data {
  20. uint a;
  21. bytes3 b;
  22. mapping (uint => uint) map;
  23. }
  24. mapping (uint => mapping(bool => Data[])) public data;
  25. }

文档中自带的的这个Demo始终跑不通,数组类型这里不知为何会抛invalid jump。把这块简化了写了一个ComplextSimple供参考。




可见性或权限控制(Visibility And Accessors)













可见性的标识符的定义位置,对于state variable是在类型后面,函数是在参数列表和返回关键字中间。来看一个定义的例子:

  1. pragma solidity ^0.4.0;
  2. contract C {
  3. function f(uint a) private returns (uint b) { return a + 1; }
  4. function setData(uint a) internal { data = a; }
  5. uint public data;
  6. }


  1. pragma solidity ^0.4.0;
  2. contract C {
  3. uint private data;
  4. function f(uint a) private returns(uint b) { return a + 1; }
  5. function setData(uint a) { data = a; }
  6. function getData() public returns(uint) { return data; }
  7. function compute(uint a, uint b) internal returns (uint) { return a+b; }
  8. }
  9. contract D {
  10. function readData() {
  11. C c = new C();
  12. uint local = c.f(7); // error: member "f" is not visible
  13. c.setData(3);
  14. local = c.getData();
  15. local = c.compute(3, 5); // error: member "compute" is not visible
  16. }
  17. }
  18. contract E is C {
  19. function g() {
  20. C c = new C();
  21. uint val = compute(3, 5); // acces to internal member (from derivated to parent contract)
  22. }
  23. }



Solidity中合约有点类似面向对象语言中的类。合约中有用于数据持久化的状态变量(state variables),和可以操作他们的函数。调用另一个合约实例的函数时,会执行一个EVM函数调用,这个操作会切换执行时的上下文,这样,前一个合约的状态变量(state variables)就不能访问了。





  1. // Need to specify some source including contract name for the data param below
  2. var source = "contract CONTRACT_NAME { function CONTRACT_NAME(unit a, uint b) {} }";
  3. // The json abi array generated by the compiler
  4. var abiArray = [
  5. {
  6. "inputs":[
  7. {
  8. "name":"x","type":"uint256"},
  9. {
  10. "name":"y","type":"uint256"}
  11. ],
  12. "type":"constructor"
  13. },
  14. {
  15. "constant":true,
  16. "inputs":[],
  17. "name":"x",
  18. "outputs":[{
  19. "name":"","type":"bytes32"}],
  20. "type":"function"
  21. }
  22. ];
  23. var MyContract_ = web3.eth.contract(source);
  24. MyContract = web3.eth.contract(;
  25. // deploy new contract
  26. var contractInstance =
  27. 10,
  28. 11,
  29. {from: myAccount, gas: 1000000}
  30. );



  1. pragma solidity ^0.4.0;
  2. contract OwnedToken {
  3. // TokenCreator is a contract type that is defined below.
  4. // It is fine to reference it as long as it is not used
  5. // to create a new contract.
  6. TokenCreator creator;
  7. address owner;
  8. bytes32 name;
  9. // This is the constructor which registers the
  10. // creator and the assigned name.
  11. function OwnedToken(bytes32 _name) {
  12. // State variables are accessed via their name
  13. // and not via e.g. this.owner. This also applies
  14. // to functions and especially in the constructors,
  15. // you can only call them like that ("internall"),
  16. // because the contract itself does not exist yet.
  17. owner = msg.sender;
  18. // We do an explicit type conversion from `address`
  19. // to `TokenCreator` and assume that the type of
  20. // the calling contract is TokenCreator, there is
  21. // no real way to check that.
  22. creator = TokenCreator(msg.sender);
  23. name = _name;
  24. }
  25. function changeName(bytes32 newName) {
  26. // Only the creator can alter the name --
  27. // the comparison is possible since contracts
  28. // are implicitly convertible to addresses.
  29. if (msg.sender == address(creator))
  30. name = newName;
  31. }
  32. function transfer(address newOwner) {
  33. // Only the current owner can transfer the token.
  34. if (msg.sender != owner) return;
  35. // We also want to ask the creator if the transfer
  36. // is fine. Note that this calls a function of the
  37. // contract defined below. If the call fails (e.g.
  38. // due to out-of-gas), the execution here stops
  39. // immediately.
  40. if (creator.isTokenTransferOK(owner, newOwner))
  41. owner = newOwner;
  42. }
  43. }
  44. contract TokenCreator {
  45. function createToken(bytes32 name) returns (OwnedToken tokenAddress) {
  46. // Create a new Token contract and return its address.
  47. // From the JavaScript side, the return type is simply
  48. // "address", as this is the closest type available in
  49. // the ABI.
  50. return new OwnedToken(name);
  51. }
  52. function changeName(OwnedToken tokenAddress, bytes32 name) {
  53. // Again, the external type of "tokenAddress" is
  54. // simply "address".
  55. tokenAddress.changeName(name);
  56. }
  57. function isTokenTransferOK( address currentOwner, address newOwner ) returns (bool ok) {
  58. // Check some arbitrary condition.
  59. address tokenAddress = msg.sender;
  60. return (keccak256(newOwner) & 0xff) == (bytes20(tokenAddress) & 0xff);
  61. }
  62. }

内联汇编(Inline Assembly)


  • 函数式的操作码:mul(1, add(2, 3))代替push1 3 push1 2 add push1 1 mul
  • 本地汇编变量:let x := add(2, 3) let y := mload(0x40) x := add(x, y)
  • 访问外部变量:function f(uint x){ assembly { x := sub(x,1)}}
  • 标签支持:let x := 10 repeat := sub(x, 1) jumpi(repeat, eq(x, 0))

Solidity Assembly是对内联汇编的详细介绍。


有一些情况下,异常是自动抛出来的(见下),你也可以使用throw来手动抛出一个异常。抛出异常的效果是当前的执行被终止且被撤销(值的改变和帐户余额的变化都会被回退)。异常还会通过Solidity的函数调用向上冒泡(bubbled up)传递。(send,和底层的函数调用call,delegatecallcallcode是一个例外,当发生异常时,这些函数返回false)。



  1. pragma solidity ^0.4.0;
  2. contract Sharer {
  3. function sendHalf(address addr) payable returns (uint balance) {
  4. if (!addr.send(msg.value / 2))
  5. throw; // also reverts the transfer to Sharer
  6. return this.balance;
  7. }
  8. }


  1. 如果越界,或是负的序号值访问数组。
  2. 如果访问一个定长的bytesN,序号越界,或是负的序号值。
  3. 如果你通过消息调用一个函数,但在调用的过程中,并没有正确结束(gas不足,没有匹配到对应的函数,或他自己出现异常)。底层操作如call,send,delegatecallcallcode除外,它们不会抛出异常,但它们会通过返回false来表示失败。
  4. 如果在使用new创建一个新合约时,但合约的初化化由于类似3中的原因没有正常完成。
  5. 被除数为0。
  6. 对一个二进制移动一个负的值。
  7. 使用枚举时,将过大值,负值转为枚举类型。
  8. 使用外部函数调用时,被调用的对象并不包含代码。
  9. 如果你的public的函数在没有payable关键字时,却尝试在接收ether(包括构造函数,和回退函数)。
  10. 合约通过一个publicgetter函数(public getter funciton)接收ether
  11. 调用一个未初始化的内部函数。
  12. .transfer()执行失败
  13. assert返回false


  1. 调用throw
  2. 调用require,但参数值为false。



作用范围和声明(Scoping And Decarations)



函数内定义的变量,在整个函数中均可用,无论它在哪里定义)。因为Solidity使用了javascript的变量作用范围的规则。与常规语言语法从定义处开始,到当前块结束为止不同。由此,下述代码编译时会抛出一个异常,Identifier already declared

  1. pragma solidity ^0.4.0;
  2. contract ScopingErrors {
  3. function scoping() {
  4. uint i = 0;
  5. while (i++ < 1) {
  6. uint same1 = 0;
  7. }
  8. while (i++ < 2) {
  9. uint same1 = 0;// Illegal, second declaration of same1
  10. }
  11. }
  12. function minimalScoping() {
  13. {
  14. uint same2 = 0;
  15. }
  16. {
  17. uint same2 = 0;// Illegal, second declaration of same2
  18. }
  19. }
  20. function forLoopScoping() {
  21. for (uint same3 = 0; same3 < 1; same3++) {
  22. }
  23. for (uint same3 = 0; same3 < 1; same3++) {
  24. // Illegal, second declaration of same3
  25. }
  26. }
  27. function crossFunction(){
  28. uint same1 = 0;//Illegal
  29. }
  30. }


  1. pragma solidity ^0.4.0;
  2. contract C{
  3. function foo() returns (uint) {
  4. // baz is implicitly initialized as 0
  5. uint bar = 5;
  6. if (true) {
  7. bar += baz;
  8. } else {
  9. uint baz = 10;// never executes
  10. }
  11. return bar;// returns 5
  12. }
  13. }



