Ethereum vs Solana: Devs and Programming Language

You are reading an excerpt from our free but shortened abridged report! While still packed with incredible research and data, for just $40/month you can upgrade to our FULL library of 60+ reports (including this one) and complete industry-leading analysis on the top crypto assets. 


Becoming a Premium member means enjoying all the perks of a Basic membership PLUS:

  • Full-length CORE Reports: More technical, in-depth research, actionable insights, and potential market alpha for serious crypto users
  • Early access to future CORE ratings: Being early is sometimes just as important as being right!
  • Premium Member CORE+ Reports: Coverage on the top issues pertaining to crypto users like bridge security, layer two solutions, DeFi plays, and more
  • CORE report Audio playback: Don’t want to read? No problem! Listen on the go.




Solidity was crafted with a vision to bridge the gap between traditional programming paradigms and the nascent realm of blockchain. The design of Solidity was influenced by ECMAScript (JavaScript), allowing developers to transition with relative ease. Solidity thrives on static typing, demanding explicit declaration of variable types, a departure from contemporary languages. This nuance enables early error detection at the compile-time, bolstering code integrity, but as we have seen with billions of dollars of DeFi hacks, this alone has not been enough to foster a secure Web3 experience.

Central to Solidity's ideology is the concept of 'contracts.' In the Solidity domain, this term, reminiscent of age-old legal documents, refers to structured blocks of code. These blocks range from simple constructs, like tokens, to more elaborate structures characteristic of extensive decentralized applications. Solidity also refines the developer experience by introducing mechanisms such as code inheritance. This feature enables foundational contracts to grow organically, extending their functionalities through derivative contracts.

Though Solidity is not without its challenges, its syntactic resemblance to JavaScript has allowed new developers to familiarize themselves with the language easily, and whilst it may be easy to build an initial smart contract, JavaScript was not designed for the safe handling financial applications handling billions of dollars, resulting in Solidity being difficult to build complex and secure applications in. 

As an illustration of its dominance, Solidity has carved itself a niche, becoming the primary language for scripting smart contracts. Its open-source nature on Ethereum equips developers to build atop these contracts, evolving them into entirely distinct decentralized applications. Statistics indicate that contracts written in Solidity govern over 90% of DeFi's Total Value Locked (TVL).

The Ethereum ecosystem's depth extends beyond Solidity. It has been the genesis for several globally recognized standards, including:

  • ERC20/ERC721: Ethereum's token benchmarks
  • Ethereum's JSON-RPC Client API: A blueprint for communicating seamlessly with Ethereum nodes
  • Ethers.js: A foundational web library tailored for Ethereum
  • Pioneering Cryptographic Practices: including the Keccak256 hash algorithm and ECDSA signatures applied over Secp256k1

While it's feasible to architect an EVM-compatible chain devoid of these standards, adherence amplifies developmental efficacy and user experience. This standardization fosters composability, equipping developers to leverage various benefits. 

Examples include Ethereum's Social Graph, which facilitates shared metadata across EVM chains, and interoperability elements, such as cross-chain governance. Furthermore, toolkits like OpenZeppelin, Hardhat, and Foundry, along with infrastructural tools such as Gnosis Safe, WalletConnect, Zerion, Metamask, and Etherscan, have cemented Ethereum's reputation, with 8 out of the top 20 blockchain ecosystems rooted in EVM.

Utility in the Ethereum Ecosystem

Thanks to Solidity’s “first-mover advantage” compared to newer chains, it has developed certain advantages and offers more developer support tools than other blockchains. Backed by a reservoir of comprehensive documentation and the industry’s largest developer community, Solidity is the current de facto smart contracting language. Tools like Remix, an online integrated development environment, and Truffle, offering frameworks to further ease the Solidity development lifecycle have become staples in the developer tool kit. Furthermore, Ethereum's growing prominence paved the way for a deluge of educational content centered on Solidity, creating a positive feedback loop for the developer community.


However, amid its accolades, Solidity faces its own set of tribulations. Despite its widespread adoption, Solidity has been marred by security breaches, with the infamous DAO attack of 2016 serving as a stark reminder. Although the entire space (and code) has come a long way since then, the DeFi sector within the EVM ecosystem continues to witness reentrancy attacks. In fact, re-entrancy is a core enabling feature that many EVM dApps require to work, so re-entrancy exploits will continue to occur. These persistent threats underscore the vulnerabilities that lurk within Solidity and the EVM. 

The root cause of these issues stems from the platform’s lack of asset standardization and guarantee on how tokens and NFTs behave and the complexity thrust upon developers to learn the specifics of how Solidity and the EVM work. EVM developers are required to build much of this complexity themselves from scratch as they can’t re-use common logic, and thus, even the slightest mistake made can have disastrous results.

The result is that to build a complex and secure dApp, Solidity often presents a steep learning curve, with the need to build things like permissions to each smart contract from scratch - coding which addresses have access to which methods directly within the smart contract. Lastly, while the mathematical veracity of contracts is paramount, Solidity's innate toolset falls short in offering rigorous formal verification, though external tools have emerged to bridge this gap.

Solidity will continue to see many developers flock to it despite these issues due to the EVM’s dominance, but more robust programming environments are needed if Web3 and DeFi are to gain the trust of mainstream users and institutions for their day-to-day transactions.


Rust Language on Solana

Rust has captured significant attention within the developer community for its blend of performance, concurrency, and safety. Originating from Mozilla, it was designed to deliver software that is not only fast but also immune to a vast array of bugs that plague other languages. Rust's ownership system, along with its borrow checker, ensures memory safety without necessitating a garbage collector. This results in an inherently safer language while still achieving the performance of languages like C and C++.

Solana has charted a distinct trajectory, unlike Ethereum and other blockchain platforms that have coalesced around the Ethereum Virtual Machine (EVM) and its associated languages. Eschewing EVM compatibility, Solana harnesses the Low-Level Virtual Machine (LLVM). The LLVM, a pivotal innovation in the programming world, is a collection of modular and reusable compiler and toolchain technologies. It acts as an intermediate representation, bridging the gap between high-level code and machine code, allowing for optimal performance across various hardware architectures.

Rust plays a pivotal role in Solana's architecture. Instead of conventional "smart contracts," Solana employs the concept of "programs." These programs, the equivalents of Ethereum's smart contracts, are predominantly written in Rust, though C and C++ are also supported. 

Solana's choice to utilize Rust as its primary programming language is deeply rooted in its overarching objectives and the distinct advantages that Rust brings to the table. One of the most compelling attributes of Rust is its prowess in performance and concurrency. The language is engineered with efficient memory management and zero-cost abstractions, ensuring that any code executed is optimized for speed. This complements Solana's emphasis on scalability, a vital attribute in the blockchain sphere, where transaction speed and throughput are paramount.

Rust, by nature, presents a steeper learning curve compared to some of its counterparts, like Solidity. This complexity is a sieve, naturally appealing to more experienced and professional developers. Solana Labs has been transparent about its intention here: cultivating an ecosystem enriched by innovative, high-quality projects. This strategy is in stark contrast to other platforms that sometimes grapple with a deluge of derivative projects.

However, Rust on Solana, like Ethereum, does not provide developers with many native tools to reduce hacks and exploits and, as a result, improve developer productivity. Tokens on Solana are still smart contracts, which can have mistakes and thus result in users’ loss of funds. Solana still relies on re-entrancy, which introduces vulnerabilities.

Like Ethereum, much of the logic around how assets behave and how transactions get accounted for is still built by each smart contract developer, meaning that Solana developers are still required to spend significant amounts of time validating that their contracts are correctly implemented and do not open up security vulnerabilities.

Case in point, the root cause behind the $48m Cashio hack on Solana was because a smart contract was fooled into believing that a fake asset had been deposited. 


Enjoyed this article? Stay informed by joining our newsletter!


You must be logged in to post a comment.

About Author owner