EVM Puzzle 4 solution
This is Part 4 of the “Let’s play EVM Puzzles” series, where I will explain how to solve each puzzle challenge.
EVM Puzzles is a project developed by Franco Victorio (@fvictorio_nan) that a perfect fit if you are in the process of learning how the Ethereum EVM works and you want to apply some of the knowledge you have just acquired.
EVM Puzzle 4
00 34 CALLVALUE
01 38 CODESIZE
02 18 XOR
03 56 JUMP
04 FD REVERT
05 FD REVERT
06 FD REVERT
07 FD REVERT
08 FD REVERT
09 FD REVERT
0A 5B JUMPDEST
0B 00 STOP
Similar to the previous challenges, we need to find the correct
CALLVALUE value to pass to the contract to make the
JUMP jump to the valid
JUMPDEST opcode at the instruction 10 (
0A in hex)
Let's review each opcode before the
CALLVALUEpush in the stack the
weipassed along the transaction
CODESIZE: push in the stack the byte size of the contract's code
- XOR: pop the first and second element from the stack and perform the bitwise XOR operation between them. The result will be pushed back to the stack.
Remember that the Stack is a LIFO queue, so when the
XOR will be applied it would be like this:
The first valid
JUMPDEST operation is at position 10 so
XOR(CODESIZE, CALLVALUE) == 10.
In our case,
CODESIZE is 12 bytes, so we know that
XOR(12, CALLVALUE) must equal to 10.
The correct value of
CALLVALUE will be 6!
Here's the link to the solution of Puzzle 4 on EVM Codes website to simulate it.