Highlights

Many of the updates from the core development team this month centered on the maintainability and long-term stability for Neo, both as a protocol and as a development platform. The implementation of hard fork support allows for backwards incompatible changes to be safely introduced, the first being alterations to syscall prices that would alleviate DoS concerns.

Snapshot isolation was another example, which prevents unwanted contract storage changes persisting between contract calls where exceptions occur. The contract development experience for the C# developer was enhanced through conditional compilation, removing the need for code rewrites between debug and production compiles.

Neo’s sponsored community development groups released their own updates in step with the core, adapting to modifications and transplanting the new pieces of functionality. NEXT completed its preparations for a major NeoLine extension wallet upgrade, bringing Ledger support and custom network support to make the wallet more versatile for users and developers alike. 

Meanwhile, Neo SPCC explored new NeoFS optimizations in the form of the Object tree service, and NGD Enterprise continued to cover ground in development of its new compiler for TypeScript smart contracts.

The full Neo global monthly development report for May can be found below.

Protocol Development

Neo Core

Exception handling improvements implemented for cross-contract calls

The addition of snapshot isolation in the Neo core was one of the most notable upgrades Neo received in May. Following the update, state changes caused by contract invocations are kept separate between each contract call. 

If a given call results in an exception, state changes in the called contract are automatically rolled back, preventing unintended consequences that could occur when exceptions are handled by the contract performing the call.

Support for protocol-level hardforks and syscall price adjustments

The core development team worked towards the Neo v3.3.0 milestone release in May, which would become the first release to include support for protocol-level hard forks. This allows the platform to make adjustments to hardcoded syscall prices without breaking transactions in past blocks. In the first fork, the fees for getRandom and createMultisigAccount were adjusted to mitigate DoS concerns and other issues.

 NeoVM enhanced with new opcodes and deep copies as immutable for StackItems

MODMUL and MODPOW arrived in NeoVM, opening new opportunities for on-chain applications relating to cryptography and zero-knowledge proofs. Another change at the NeoVM level was the ability to deep copy stack items as immutable. This allows performance to be improved in situations involving Notify and GetNotifications while avoiding the potential for a contract to modify the received notifications.

Conditional compilation and new methods land in the neo-devpack-dotnet

The C# contract compiler received a number of updates in May, including new math methods for returning absolute values, optimizations for storage maps, and the ability to concatenate bytestrings.

Conditional compilation support via #if DEBUG was also implemented, improving the contract development workflow for C# developers. Most notably, it can be used to temporarily disable the safe attribute on read-only methods, allowing for the use of Runtime.Log() during development without compromising release code.

Infrastructure and Tools Development

Highlights

AxLabs

Updated the neow3j SDK and devpack with the ability to transmit transactions that will FAULT and new helper methods for the storage and storage map classes.

Neo SPCC 

Completed a new batch of NeoGo enhancements and updated NeoFS with a new Object tree service to improve performance under high load.

NGD Enterprise

Prepared a new batch of Neo Blockchain Toolkit improvements following Neo core v3.3.0 changes and continued development of its TypeScript contract compiler. 

NEXT

Overhauled the NeoLine Chrome extension wallet with UI/UX improvements, Ledger hardware wallet support, and the ability to use it with custom Neo networks/RPC servers.

Red4Sec

Reviewed proposed fixes following audits of Flamingo, GrantShares, and Payproxy in addition to two high vulnerabilities in the Neo core.

Node

NeoGo by Neo SPCC (https://github.com/nspcc-dev/neo-go)

Neo SPCC completed its usual mountain of NeoGo updates this month. As in past months, changes were split between protocol changes in the reference implementation and Go node-specific optimizations and bug fixes.

Tracking the core and its recent v3.3.0 release, the team implemented all adjustments required to maintain full C# compatibility. These included bytearray comparable limits, immutable stack items, and new opcodes in the VM, as well as hard fork support and various refactorings/DOS mitigations. 

A long list of NeoGo-specific updates were implemented in May. Examples include oracle system redirect improvements, state incompatibilities, password handling with tty, fixes for reference counter issues and the Rules witness scope, and various enhancements to the RPC package.

The team also enhanced its documentation and code comments with a thorough grammatical review. Almost 300 files received improvements, cementing NeoGo as one of the most thoroughly documented projects in the ecosystem.

SDK

neow3j by AxLabs (https://github.com/neow3j/neow3j)

Axlabs released v3.17.1 of neow3j in May, a minor update that brought changes to the SDK and devpack. In the former, the release made a change that allows transactions to be built that will end in a FAULT state in NeoVM. Originally only transactions that executed successfully could be transmitted; a new option will allow faulted transactions to proceed for the purposes of contract testing. 

In the devpack, new convenience methods were added to make it easy to retrieve Hash160 and Hash256 from the Storage and StorageMap classes without the need for manual instantiation.

Smart Contract & dApp framework

Neo Blockchain Toolkit by NGD Enterprise (https://marketplace.visualstudio.com/items?itemName=ngd-seattle.neo-blockchain-toolkit)

The Neo Blockchain Toolkit received a number of changes following Neo core v3.3 updates. Pre-releases were published and are undergoing testing, pending plugin updates required before the final release. The Storage schema design that was previewed by the team last month also received changes following developer feedback and review.

The team also continued its endeavor to develop a new smart contract compiler for TypeScript, currently in the early stages of development. Once complete, the language will become the fifth supported Neo N3 smart contract language, presenting a major onboarding opportunity for traditional (particularly web) developers to blockchain.

Wallet

NeoLine by NEXT (https://neoline.io/en/)

Major enhancements were completed for the NeoLine Chrome extension wallet in May. Support for Ledger hardware wallet devices, custom networks and RPC servers, and UX improvements such as wallet searching and an active wallet indicator. NEXT also redesigned the UI for its wallet details page, rewriting the underlying logic to account for the new features and improving overhaul design.

NeoFS

NeoFS by Neo SPCC (https://fs.neo.org/)

Through May, NeoFS development centered on performance and maintainability improvements. The most significant change came in the form of the Object tree service, handling access control, replication, and bringing with it a number of optimizations. A CLI refactoring, SDK update, and API improvements were also implemented in the NeoFS core.

The NeoFS services were also adjusted to adopt the tree service, improving the performance in the S3 gateway under high load. The team also prepared for the public release of the NeoFS CDN service, and created a universal load testing tool for benchmarking S3 compatible solutions.

Audit

Auditing by Red4Sec (https://red4sec.com/en)

Red4Sec continued its auditing of ecosystem projects in May, including review of fixes and final delivery of the GrantShares smart contracts, pull request reviews for PayProxy, and a new issue detected in the FlamingoSwapPair project. An audit was also scheduled in June for Saffron Finance for June, and two vulnerabilities were found and reported in the core Neo platform.