mcfx's blog


"Minimal" Arbitrary Proxy

Update: you can use CALLDATALOAD instead of CALLDATACOPY and MLOAD, I forgot about that.

Inspired by, we can build a similar one, but allows arbitrary delegatecall target.

In order to save gas, we only store the target address in input data (which we can deploy one for each airdrop target), don't allow call data for the delegatecall, and ignore the return value.

Here's the main code:

Code Instruction Stack Memory / Comments
363d3d37 Similar to part 1 in the link above - [0, cds] = calldata (target addr)
3d3d3d3d3d RETURNDATASIZE * 5 0 0 0 0 0 [0, cds] = addr
51 MLOAD addr 0 0 0 0 (no longer used)
5a GAS gas addr 0 0 0 0
32 ORIGIN origin ...
73 origin PUSH20 allowed origin allowed origin ...
18 XOR [zero if allowed] ...
3d RETURNDATASIZE 0 [zero if allowed] ...
57 JUMPI gas addr 0 0 0 0 If the origin is not allowed, it will jump to zero, which is not a valid jump destination
3d3d RETURNDATASIZE 0 0 success The call target should make rds=0
f3 RETURN success

Then the runtime code is:


We can also make a call in the creation code. The analysis is similar, and omitted. Here is the final code:

[first delegatecall target]

日期: 2022-10-11

标签: Blockchain