# Secureum SOL 101 & 201 notes

By [0xQTPie](https://paragraph.com/@0xqtpie) · 2023-01-29

---

### Pragmas

keyword that enables certain compiler feature or checks

*   compiler version (pragma solidity ^0.8.0;)
    
*   ABI Version (pragma abicoder v2;)
    
*   experimental versions (pragma experimental smtchecker;)
    

### variables n such

can be accessed by all functions of the contract and whose values are permanently stored on the blockchain. vs global vars like block timestamp, etc. Visibility:

*   public - part of contract interface and can be either accessed internally or via messages/calls
    
*   internal - accessed internally from within contract or derived contracts
    
*   private (still visible to 'humans') - accessed from the contract they are defined in and not even in derived contracts!
    
*   also that local variables are ephemeral
    

![](https://storage.googleapis.com/papyrus_images/425b5955baf9271af53fe6a32672381c041364b94ecf7c007ca279db60ac1444.png)

\*

*   Immutable & const state vars are lighter on gas when functions call this state variable
    
    *   const var: the expression assigned to it is copied to all places where it is accessed and re-evaluated each time
        
    *   immutable vars are evaluated once at construction time and their value is copied to all the places in the code where they are accessed
        
        *   for these copied values, 32 bytes are reserved even if they would fit in fewer bytes, so const var can be lighter on gas than immut var
            

### Functions

walking through a function

![](https://storage.googleapis.com/papyrus_images/452f6826c318745c7d106dea84ecab9dc0e4ae20e155eff0574b3bdb57d2bde3.png)

function returning with a named param vs just a type

*   when specifying named of returned param you don't need to explicitly return
    

Modifiers - use to change behavior of a func. can use to auto check a condition prior to execution (onlyOwner is a common one for example). Great way to reuse assertions

*   underscore + ; tells solidity compiler to put the body of the modified function here (kind of like a template literal/string lol). so this is always found after the modifier's conditional checks/assertions
    
*   a classic\`\`\`
    

    modifier onlyOwner() { 
        require(msg.sender == owner, "Not owner"); 
        _; 
    }
    

function visibility

*   public
    
    *   part of contract interf. can be called internally or via messages
        
*   external
    
    *   part of contract interf. can be called from other contracts and via txs. external func cannot be called internally (f() doesn't work, but this.f() will)
        
*   internal
    
    *   can only be accessed from within current contract or derived contracts
        
*   private
    
    *   can only be accessed from within current contract (no derived)
        

Pure vs view vs default

*   func is default if it modifies or reads state vars
    
*   view is read only (global or state) does not modify state
    
*   pure doesn't read or modify state vars, it only works with local state and/or params
    

Override vs virtual: A function that allows an inheriting contract to override its behavior will be marked as `virtual`. The function that overrides that base function should be marked as `override`.

### access control & authorization

*   most basic version of this === OZ ownable contracts/onlyOwner modifier
    
*   more adv access control via roles initialized in constructor (RBAC) offered by OZ
    
*   DSRole similar but based on lookup tables
    
*   DSAUTH auth modifier triggers the internal isAuthorized function to require that the msg.sender is authed
    
*   DSGuard maintains an ACL that acts as the authority for dsauth

---

*Originally published on [0xQTPie](https://paragraph.com/@0xqtpie/secureum-sol-101-201-notes)*