EVM Puzzles Challenge 2 · A Sphynx Cat's Blog

Challenge:

Our second challenge is located in /puzzles/puzzle_2.json. Challenge 2 contains the following:

{
  "code": "34380356FDFD5B00FDFD",
  "askForValue": true,
  "askForData": false
}

Hint 1:

The corresponding EVM opcodes are:

CALLVALUE	
CODESIZE	
SUB	
JUMP	
REVERT	
REVERT	
JUMPDEST	
STOP	
REVERT	
REVERT

Hint 2:

CALLVALUE takes the value of the current call in wei
and places it on top of the stack. 
CODESIZE takes the size of the code 
and places it on the top of the stack.
SUB subtracts the second value on the stack
from the value on the top of the stack.


How can we JUMP over the 2 REVERT 
opcodes and land on the JUMPDEST?

Hint 3:

The CODESIZE is 10 or a in Hex


1  2  3  4  5  6  7  8  9  a
34 38 03 56 FD FD 5B 00 FD FD

Hint 4:

CALLVALUE   //Offset 0
CODESIZE    //Offset 1
SUB         //Offset 2
JUMP	    //Offset 3
REVERT	    //Offset 4
REVERT	    //Offset 5
JUMPDEST    //Offset 6
STOP	    //Offset 7
REVERT	    //Offset 8
REVERT      //Offset 9

Solution:

To solve this level, we just need to pass in a value of 4 
wei. This way CALLVALUE places 4 on the top of the stack.
CODESIZE will then push 'a' to the top of the stack. 
SUB will subtract 4 from 'a' and push 6 to the top of the stack 
and JUMP performs a valid jump over the REVERT calls to JUMPDEST.

Challenge:

Related Posts

More EVM Puzzles Part 2 22 Sep 2022

More EVM Puzzles Part 1 20 Sep 2022

Paradigm CTF 2021: bouncer 07 Aug 2022