{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T11:07:54Z","timestamp":1777892874340,"version":"3.51.4"},"reference-count":34,"publisher":"Association for Computing Machinery (ACM)","issue":"OOPSLA2","license":[{"start":{"date-parts":[[2022,10,31]],"date-time":"2022-10-31T00:00:00Z","timestamp":1667174400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-sa\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Proc. ACM Program. Lang."],"published-print":{"date-parts":[[2022,10,31]]},"abstract":"The Solidity programming language is the most widely used language for smart contract development. Improving smart contracts\u2019 correctness, security, and performance has been the driving force for research in vulnerability detection, program analysis, and compiler techniques for Solidity. Similar to system-level languages such as C, Solidity enables the embedding of low-level code in programs, in the form of inline assembly code. Developers use inline assembly for low-level optimizations, extending the Solidity language through libraries, and using blockchain-specific opcodes only available through inline assembly. Nevertheless, inline assembly fragments are not well understood by an average developer and can introduce security threats as well as affect the optimizations that can be applied to programs by the compiler; it also significantly limits the effectiveness of source code static analyzers that operate on the Solidity level. A better understanding of how inline assembly is used in practice could in turn increase the performance, security, and support for inline assembly in Solidity. \nThis paper presents a large-scale quantitative study of the use of inline assembly in 6.8M smart contracts deployed on the Ethereum blockchain. We find that 23% of the analyzed smart contracts contain inline assembly code, and that the use of inline assembly has become more widespread over time. We further performed a manual qualitative analysis for identifying usage patterns of inline assembly in Solidity smart contracts. Our findings are intended to help practitioners understand when they should use inline assembly and guide developers of Solidity tools in prioritizing which parts of inline assembly to implement first. Finally, the insights of this study could be used to enhance the Solidity language, improve the Solidity compiler, and to open up new research directions by driving future researchers to build appropriate methods and techniques for replacing inline assembly in Solidity programs when there is no real necessity to use it.<\/jats:p>","DOI":"10.1145\/3563328","type":"journal-article","created":{"date-parts":[[2022,10,31]],"date-time":"2022-10-31T20:23:35Z","timestamp":1667247815000},"page":"1123-1149","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["A study of inline assembly in solidity smart contracts"],"prefix":"10.1145","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5414-4120","authenticated-orcid":false,"given":"Stefanos","family":"Chaliasos","sequence":"first","affiliation":[{"name":"Imperial College London, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3565-3410","authenticated-orcid":false,"given":"Arthur","family":"Gervais","sequence":"additional","affiliation":[{"name":"Imperial College London, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4921-8452","authenticated-orcid":false,"given":"Benjamin","family":"Livshits","sequence":"additional","affiliation":[{"name":"Imperial College London, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2022,10,31]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319647.3325833"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-70278-0_31"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3385412.3385990"},{"key":"e_1_2_1_4_1","volume-title":"Vandal: A Scalable Security Analysis Framework for Smart Contracts. ArXiv, abs\/1809.03981","author":"Brent Lexi","year":"2018","unstructured":"Lexi Brent , Anton Jurisevic , Michael Kong , Eric Liu , Fran\u00e7ois Gauthier , Vincent Gramoli , Ralph Holz , and Bernhard Scholz . 2018 . Vandal: A Scalable Security Analysis Framework for Smart Contracts. ArXiv, abs\/1809.03981 (2018). Lexi Brent, Anton Jurisevic, Michael Kong, Eric Liu, Fran\u00e7ois Gauthier, Vincent Gramoli, Ralph Holz, and Bernhard Scholz. 2018. Vandal: A Scalable Security Analysis Framework for Smart Contracts. ArXiv, abs\/1809.03981 (2018)."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5281\/zenodo.7071281"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485500"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.295895"},{"key":"e_1_2_1_8_1","volume-title":"Proceedings of the 27th USENIX Conference on Security Symposium (SEC\u201918)","author":"Corteggiani Nassim","year":"2018","unstructured":"Nassim Corteggiani , Giovanni Camurati , and Aur\u00e9lien Francillon . 2018 . Inception: System-Wide Security Testing of Real-World Embedded Systems Software . In Proceedings of the 27th USENIX Conference on Security Symposium (SEC\u201918) . USENIX Association, USA. 309\u2013326. isbn:978 1931971461 Nassim Corteggiani, Giovanni Camurati, and Aur\u00e9lien Francillon. 2018. Inception: System-Wide Security Testing of Real-World Embedded Systems Software. In Proceedings of the 27th USENIX Conference on Security Symposium (SEC\u201918). USENIX Association, USA. 309\u2013326. isbn:9781931971461"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380364"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/WETSEB.2019.00008"},{"key":"e_1_2_1_11_1","unstructured":"Robert Feldt and Ana Magazinius. 2010. Validity threats in empirical software engineering research-an initial survey.. In Seke. 374\u2013379. \t\t\t\t Robert Feldt and Ana Magazinius. 2010. Validity threats in empirical software engineering research-an initial survey.. In Seke. 374\u2013379."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485502"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3276486"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.3390\/technologies7010006"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336758"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2983990.2983996"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3324884.3416626"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2384616.2384660"},{"key":"e_1_2_1_19_1","volume-title":"Bitcoin: A peer-to-peer electronic cash system. https:\/\/bitcoin.org\/bitcoin.pdf","author":"Nakamoto Satoshi","year":"2008","unstructured":"Satoshi Nakamoto . 2008 . Bitcoin: A peer-to-peer electronic cash system. https:\/\/bitcoin.org\/bitcoin.pdf Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. https:\/\/bitcoin.org\/bitcoin.pdf"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380250705"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2921936"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00113"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00060"},{"key":"e_1_2_1_24_1","volume-title":"Proceedings of the 25th European Conference on Object-Oriented Programming (ECOOP\u201911)","author":"Richards Gregor","year":"2011","unstructured":"Gregor Richards , Christian Hammer , Brian Burg , and Jan Vitek . 2011 . The Eval That Men Do: A Large-Scale Study of the Use of Eval in Javascript Applications . In Proceedings of the 25th European Conference on Object-Oriented Programming (ECOOP\u201911) . Springer-Verlag, Berlin, Heidelberg. 52\u201378. isbn:9783642226540 https:\/\/doi.org\/10.5555\/ 2032497.2032503 10.5555\/2032497.2032503 Gregor Richards, Christian Hammer, Brian Burg, and Jan Vitek. 2011. The Eval That Men Do: A Large-Scale Study of the Use of Eval in Javascript Applications. In Proceedings of the 25th European Conference on Object-Oriented Programming (ECOOP\u201911). Springer-Verlag, Berlin, Heidelberg. 52\u201378. isbn:9783642226540 https:\/\/doi.org\/10.5555\/2032497.2032503"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1806596.1806598"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338906.3338907"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3186411.3186418"},{"key":"e_1_2_1_28_1","unstructured":"Solidity. 2022. Solidity Inline Assembly Documentation. https:\/\/docs.soliditylang.org\/en\/latest\/assembly.html \t\t\t\t Solidity. 2022. Solidity Inline Assembly Documentation. https:\/\/docs.soliditylang.org\/en\/latest\/assembly.html"},{"key":"e_1_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Nick Szabo. 1997. Formalizing and securing relationships on public networks. First monday. \t\t\t\t Nick Szabo. 1997. Formalizing and securing relationships on public networks. First monday.","DOI":"10.5210\/fm.v2i9.548"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3194113.3194115"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.13140\/RG.2.2.25506.12483"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243780"},{"key":"e_1_2_1_33_1","volume-title":"Ethereum: A secure decentralised generalised transaction ledger.","author":"Wood Gavin","year":"2022","unstructured":"Gavin Wood . 2022 . Ethereum: A secure decentralised generalised transaction ledger. Gavin Wood. 2022. Ethereum: A secure decentralised generalised transaction ledger."},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2942301"}],"container-title":["Proceedings of the ACM on Programming Languages"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3563328","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3563328","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:38:10Z","timestamp":1750178290000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3563328"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,31]]},"references-count":34,"journal-issue":{"issue":"OOPSLA2","published-print":{"date-parts":[[2022,10,31]]}},"alternative-id":["10.1145\/3563328"],"URL":"https:\/\/doi.org\/10.1145\/3563328","relation":{},"ISSN":["2475-1421"],"issn-type":[{"value":"2475-1421","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,10,31]]},"assertion":[{"value":"2022-10-31","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}