Setting up the environment:
- First things first, clone the EVM puzzles repo. This contains all of the challenges we’ll be going through to improve our understanding of EVM bytecode.
- Get familiar with the tools we’ll be using by reading through the hardhat docs and playing around with evm.codes.
- Optional: Read and walk through the first portion of noxx’s EVM series.
Challenge:
Our first challenge is located in /puzzles/puzzle_1.json. Challenge 1 contains the following:
{
"code": "3456FDFDFDFDFDFD5B00",
"askForValue": true,
"askForData": false
}
Hint 1:
The "code" section contains EVM bytecode.
Try converting that to opcodes.
(one way is to drop the bytecode into evm.codes)
Hint 2:
The corresponding EVM opcodes are:
CALLVALUE
JUMP
REVERT
REVERT
REVERT
REVERT
REVERT
REVERT
JUMPDEST
STOP
The goal of this challenge is to not cause a revert.
Hint 3:
CALLVALUE takes the value of the current call in wei
and places it on top of the stack.
JUMP takes the value on the top of the stack and moves
the program counter to the offset of that value.
How can we JUMP over the 6 REVERT
opcodes and land on the JUMPDEST?
Hint 4:
Each of the opcodes is 1 byte in size.
Hint 5:
CALLVALUE //Offset 0
JUMP //Offset 1
REVERT //Offset 2
REVERT //Offset 3
REVERT //Offset 4
REVERT //Offset 5
REVERT //Offset 6
REVERT //Offset 7
JUMPDEST //Offset 8
STOP //Offset 9
Solution:
To solve this level, we just need to pass in a value of 8
wei, so that CALLVALUE places 8 on the top of the stack
and JUMP performs a valid jump over the REVERT opcodes to the JUMPDEST at offset 8.
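
The jump check behind this solution, as an added example that is not part of the original walkthrough or the EVM puzzles repo: a minimal JavaScript interpreter for only the opcodes in this puzzle. The function names are assumptions, and the PUSH-data skipping in `validJumpDests` goes beyond what this bytecode needs, to show how valid destinations are located in general.

```javascript
// Added example (not from the EVM puzzles repo): interpreter for puzzle 1's opcodes.
const OP = { STOP: 0x00, CALLVALUE: 0x34, JUMP: 0x56, JUMPDEST: 0x5b, REVERT: 0xfd };
const PUZZLE_1 = "3456FDFDFDFDFDFD5B00"; // "code" field from puzzle_1.json

function hexToBytes(hex) {
  const out = [];
  for (let i = 0; i < hex.length; i += 2) out.push(parseInt(hex.slice(i, i + 2), 16));
  return out;
}

// Offsets that hold a real JUMPDEST opcode. PUSH1..PUSH32 (0x60..0x7f) carry
// immediate data, so a 0x5b byte inside that data is not a valid destination.
function validJumpDests(code) {
  const dests = new Set();
  for (let pc = 0; pc < code.length; pc++) {
    const op = code[pc];
    if (op === OP.JUMPDEST) dests.add(pc);
    else if (op >= 0x60 && op <= 0x7f) pc += op - 0x5f; // skip the push data
  }
  return dests;
}

// Runs the bytecode with the given call value (in wei) and reports how it halts.
function run(hex, callValue) {
  const code = hexToBytes(hex);
  const dests = validJumpDests(code);
  const stack = [];
  let pc = 0;
  while (pc < code.length) {
    switch (code[pc]) {
      case OP.CALLVALUE: stack.push(BigInt(callValue)); pc++; break;
      case OP.JUMP: {
        if (stack.length === 0) return "stack underflow";
        const target = stack.pop();
        if (target >= BigInt(code.length) || !dests.has(Number(target))) return "invalid jump";
        pc = Number(target);
        break;
      }
      case OP.JUMPDEST: pc++; break;
      case OP.STOP: return "stop";
      case OP.REVERT: return "revert"; // simplified: the real opcode pops offset and size first
      default: return "unsupported opcode";
    }
  }
  return "stop"; // running off the end of the code is an implicit STOP
}

// Call values from 0 to 9 wei that make the puzzle halt with STOP.
const solve = (hex) => [...Array(10).keys()].filter((v) => run(hex, v) === "stop");
```

Every value other than 8 halts at the JUMP itself with an invalid jump, because the target is not a JUMPDEST; execution never falls through into the REVERT bytes.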