PayPal’s secret strategy to smart contact security revealed
Trust — white hat hacker and head of smart contract auditing firm Trust Security — shed some light on a peculiar feature of the smart contract powering PayPal’s new stablecoin PYUSD. In a recent tweet, Trust pointed out that they have “seen a lot of dunking on PayPal for using an ancient Solidity compiler.” Seen a lot of dunking on @PayPal for using an ancient Solidity compiler. Here's why I think it is actually a 200IQ move! pic.twitter.com/jYN5eRNiNT — Trust (@trust__90) August 8, 2023 As pointed out in a recent article, an Analysis of the smart contract revealed that the company used Solidity compiler version 0.4.24. Considering that version 0.4.24 of Solidity was released on May 16, 2018, shows that the version chosen by PayPal was ancient indeed. Still, this is not necessarily a bad thing. Trust explained that when choosing a Solidity compiler version, a programmer is looking for a compromise with the latest versions guaranteeing lower gas ...