My notes on the Ethereum developer ecosystem and tooling
Hey Slava! By far & wide agree with your analysis, the client-side is a source of immense pain.
Some suggestions for your wishlist:
- typescript generation: I believe typechain does this (but I felt some pain when I used it)
- REPL: doesn't exist that I know of, but Solidity scripting in Foundry comes close to what I'd like to use a REPL for
(In general, Foundry is a step up from Hardhat - which is already pretty good. The two killer features are compilation speed & being able to write tests directly in Solidity)
- tools for finding Solidity bugs: multiple things like this exist though they could probably improve. The one that is top of mind is Slither. There are also a few fuzzers like Echidna.
Finally, a small correction: I don't think Vitalik was involved with Solidity. I think Gavin Wood might have come up with the initial design & then it was developped by a dedicated team (Wikipedia names Christian Reitwiessner & Alex Beregszaszi).
Have you heard of Clarity? https://clarity-lang.org/ or https://docs.stacks.co/docs/write-smart-contracts/
Clarity is a non-Turing complete/decidable, interpreted smart contract language used primarily on Stacks, a smart contract abstraction layer on Bitcoin.
It's a LISP-like language and imposes an explicit and opinionated view on smart contract development. There is a much smaller developer ecosystem—like a few hundred compared to the ~20,000 in all of crypto—so the network effect isn't comparable to the EVM, although Stacks will soon be extended with an L2, Subnets, that can be EVM-compatible.
I work for Hiro, the dev tooling company, so I'm biased. But I've been thinking a lot about the 1) network effects of EVM + Solidity versus 2) its attack, exploit, and bug surface, and wondering what will win out.
Nice post. Timely as I have just picked up Solidity again after a few years away - all the Hardhat tooling was new to me.
Wasn't it Gavin Wood who developed developed Solidity?
You didn’t mention the open zeppelin stuff - could that have helped reduce your security risk?
Have you checked out Gitcoin / standard bounty contract?