Free 30-min Web3 Consultation
Book Consultation
Smart Contract Security Audits
View Audit Services
Custom DeFi Protocol Development
Explore DeFi
Full-Stack Web3 dApp Development
View App Services
Free 30-min Web3 Consultation
Book Consultation
Smart Contract Security Audits
View Audit Services
Custom DeFi Protocol Development
Explore DeFi
Full-Stack Web3 dApp Development
View App Services
Free 30-min Web3 Consultation
Book Consultation
Smart Contract Security Audits
View Audit Services
Custom DeFi Protocol Development
Explore DeFi
Full-Stack Web3 dApp Development
View App Services
Free 30-min Web3 Consultation
Book Consultation
Smart Contract Security Audits
View Audit Services
Custom DeFi Protocol Development
Explore DeFi
Full-Stack Web3 dApp Development
View App Services
LABS
Glossary

Calldata

Calldata is the immutable input data field of a blockchain transaction, containing the function signature and arguments for a smart contract call.
Chainscore © 2026
definition
BLOCKCHAIN GLOSSARY

What is Calldata?

A precise definition of calldata, the mechanism for passing data into smart contract functions on the Ethereum Virtual Machine.

Calldata is a read-only, non-persistent data area in the Ethereum Virtual Machine (EVM) that contains the arguments passed to a smart contract function during an external call or transaction. It is a crucial component of the EVM execution context, acting as the primary input channel for function parameters and the function selector itself. Unlike contract storage, data in calldata is immutable for the duration of the call and is not stored on-chain after execution, making it a gas-efficient location for passing large amounts of data.

The structure of calldata is a tightly packed byte array. The first four bytes are the function selector, a hash of the function's signature used to identify which contract function to execute. The remaining bytes contain the ABI-encoded arguments for that function. This encoding follows the Ethereum Application Binary Interface (ABI) specification, which defines how to serialize and deserialize data for machine consumption. Developers interact with calldata using Solidity's calldata keyword for function parameters, which ensures the data is read from this specific memory region.

Using calldata for function parameters is a key gas optimization strategy. Reading from calldata is cheaper than reading from memory or copying data into memory. Therefore, for external functions where arguments are provided by the caller, parameters should be declared as calldata when they are only read and not modified. For example, a function signature like function processData(bytes calldata _data) external is more gas-efficient than using bytes memory _data if the data is not altered within the function.

Calldata is distinct from other data locations in Solidity: storage (persistent on-chain), memory (mutable, temporary), and stack (for small local variables). It is the origin point for transaction input data, visible in explorers as the input field of a transaction. While primarily for external calls, internal function calls can also use calldata parameters for consistency and efficiency. Understanding its role is essential for writing secure, efficient smart contracts and analyzing transaction data on-chain.

key-features
BLOCKCHAIN DATA LAYER

Key Features of Calldata

Calldata is the primary mechanism for passing information into a smart contract function call on the Ethereum Virtual Machine (EVM). It is a read-only, non-persistent data area that defines what the contract should execute.

01

Function Selector & Arguments

The first 4 bytes of calldata are the function selector, a hash of the function signature (e.g., transfer(address,uint256)). The remaining bytes are the ABI-encoded arguments. This structure tells the EVM exactly which function to execute and with what data.

  • Example: Calling transfer(0xabc..., 100) encodes the recipient address and amount after the selector.
02

Read-Only & Non-Persistent

Calldata is a read-only input area. A contract can read from it but cannot write to it. It is also non-persistent; it exists only for the duration of the external call and is not stored on-chain after execution. This makes it gas-efficient for passing data that doesn't need permanent storage.

03

Gas Cost Implications (Pre-EIP-4844)

Historically, calldata was expensive, costing 16 gas per zero byte and 68 gas per non-zero byte. This encouraged data compression techniques (using more zero bytes) and was a major cost driver for layer-2 rollups, which post transaction data as calldata to Ethereum.

04

The Blob Gas Revolution (Post-EIP-4844)

With EIP-4844 (Proto-Danksharding), rollups can post data in blobs, which are large, temporary data packets stored separately from main execution. Blob data is priced via a separate blob gas market, drastically reducing the cost of data availability for L2s compared to using legacy calldata.

05

`calldata` vs. `memory` vs. `storage`

In Solidity, these keywords specify data location and mutability:

  • calldata: Read-only, external function parameters.
  • memory: Mutable, temporary data within a function call.
  • storage: Persistent, mutable data written to the blockchain state. Using calldata for reference types (like arrays) in external functions is the most gas-efficient.
06

Essential for Contract Interactions

Every interaction with a contract's external function requires calldata. This includes:

  • Direct user transactions from an Externally Owned Account (EOA).
  • Cross-contract calls via delegatecall, staticcall, or call.
  • The foundational data for off-chain simulations and transaction decoding by block explorers and wallets.
how-it-works
BLOCKCHAIN DATA PRIMER

How Calldata Works

A technical breakdown of calldata, the immutable input data for smart contract functions, explaining its structure, purpose, and role in transaction execution and gas economics.

Calldata is the immutable, read-only input data passed to a smart contract during a transaction or message call, encoded according to the Ethereum Application Binary Interface (ABI). It is a key-value store containing the function signature and its arguments, which the Ethereum Virtual Machine (EVM) uses to execute the correct contract logic. Unlike contract storage, calldata is not persistent on-chain after execution but is permanently recorded as part of the transaction, making it a critical component for verifying transaction intent and enabling trustless interactions.

The structure of calldata is defined by a strict encoding scheme. The first four bytes are a function selector, a hash of the function's name and parameter types that uniquely identifies which function to execute. The remaining bytes contain the ABI-encoded arguments for that function. This binary format is highly efficient for the EVM to parse. When a contract is called, the EVM loads this data into memory, allowing the executing code to reference specific arguments using offsets like calldataload and calldatasize opcodes.

From a gas economics perspective, calldata is unique. On Ethereum, using calldata for non-zero bytes is expensive, but zero bytes are significantly cheaper, incentivizing efficient data packing. For Layer 2 solutions like Optimistic Rollups and zk-Rollups, calldata is often published to Ethereum Mainnet as the primary data availability layer, making its cost a major scaling consideration. This has led to compression techniques and alternative data availability solutions to reduce fees while maintaining security guarantees.

A common practical example is a token transfer. A call to a standard ERC-20 transfer(address to, uint256 amount) function generates calldata starting with the selector for transfer (e.g., 0xa9059cbb), followed by the 32-byte padded to address and the 32-byte padded amount. This exact byte sequence is what validators execute and what appears in transaction receipts, providing a verifiable record of the action initiated by the user.

code-example
CODE EXAMPLE

Calldata

A practical illustration of how calldata is structured and used in a smart contract interaction.

In an Ethereum Virtual Machine (EVM) transaction, calldata is the immutable, non-persistent input data passed to a smart contract function. It is a byte array located at a specific memory offset, accessible via the msg.data global variable. For example, a function call to transfer tokens, transfer(address recipient, uint256 amount), encodes the function selector and arguments into a raw hexadecimal string that constitutes the transaction's calldata. This data is read by the contract's bytecode to execute the intended logic.

The structure of calldata is critical for function dispatch. The first four bytes are the function selector, a hash of the function signature (e.g., keccak256("transfer(address,uint256)")). Subsequent bytes are the ABI-encoded arguments. In Solidity, you can declare function parameters with the calldata data location, which is gas-efficient for external functions as it prevents unnecessary copying to memory. For instance: function processData(bytes calldata _input) external { ... }. This tells the compiler the _input argument is read directly from the transaction's calldata.

Using calldata is a key optimization. Reading from calldata is cheaper than reading from memory or storage. It is also non-modifiable, enforcing data integrity for the call's duration. A common pattern is to use calldata for arrays and structs in external functions to minimize gas costs. However, calldata cannot be used for internal function calls or for variables that need to be modified; for those, you must copy the data into memory. Understanding this distinction is essential for writing gas-efficient smart contracts.

To inspect calldata in practice, consider a transaction on Etherscan. The 'Input Data' field shows the raw calldata. Decoding it reveals the function called and its arguments. Developers use tools like the Solidity ABI encoder/decoder or libraries such as ethers.js to programmatically encode function calls into the proper calldata format before submitting a transaction. This encoding ensures the contract interpreter can correctly parse and execute the request, making calldata the fundamental carrier of intent in EVM-based blockchain interactions.

ecosystem-usage
CALLDATA

Ecosystem Usage

Calldata is the primary mechanism for passing input data to smart contracts on Ethereum and EVM-compatible chains. Its usage is critical for transaction efficiency, cost, and data availability.

01

Smart Contract Function Execution

Calldata is the encoded input data sent with a transaction to specify which smart contract function to call and with what arguments. It is immutable and read-only for the contract. The first 4 bytes are the function selector, a hash of the function signature, followed by the ABI-encoded arguments.

02

Cost Optimization (EIP-4844 & Blobs)

With EIP-4844 (Proto-Danksharding), large data batches can be posted as blob-carrying transactions. This blob data is a new, low-cost location for data that was previously forced into expensive calldata, significantly reducing fees for Layer 2 rollups and other data-heavy applications.

03

Layer 2 Rollup Data Availability

Optimistic Rollups and ZK-Rollups publish transaction data, including user calldata, to Ethereum Mainnet to guarantee data availability. This allows anyone to reconstruct the rollup state and verify correctness or challenge fraud. The shift to blobs is a major scaling upgrade for this model.

04

Contract Deployment (Constructor Args)

When deploying a contract using CREATE or CREATE2, the contract creation transaction includes the initcode. Any constructor arguments are appended to this initcode as calldata, which the EVM passes to the constructor during the deployment process.

05

Static Calls & Gas Estimation

STATICCALL opcode and read-only RPC methods like eth_call use calldata to execute a function without modifying state. This is essential for gas estimation (eth_estimateGas), simulating transactions, and querying contract view/pure functions from wallets and dApp interfaces.

06

Event & Log Topic Filtering

While event data is stored in logs, not calldata, the principles of ABI encoding are similar. Indexed event parameters are stored as topics in the log, which are efficiently searchable by clients, analogous to how function selectors allow the EVM to route calldata to the correct function logic.

security-considerations
CALLDATA

Security Considerations

Calldata is the primary method for passing arguments to smart contract functions, but its use requires careful security analysis to prevent vulnerabilities.

01

Input Validation & Sanitization

Calldata is untrusted external input and must be rigorously validated. Failing to check for valid ranges, lengths, or expected formats can lead to critical vulnerabilities.

  • Integer Over/Underflows: Validate arithmetic operations on user-supplied numbers.
  • Array Bounds: Ensure array indices provided in calldata are within bounds.
  • Address Validity: Check that address parameters are not zero-address.
  • Signature Replay: For signed calldata, include nonces and chain IDs to prevent replay attacks.
02

Gas Optimization & Denial-of-Service

The gas cost of processing calldata can be exploited. While calldata is cheaper than storage, complex or unbounded data structures can make function calls prohibitively expensive or cause them to run out of gas.

  • Unbounded Arrays: Looping over user-provided arrays can exhaust gas limits.
  • External Calls: Calldata containing addresses for low-level call or delegatecall must be validated to prevent gas griefing or reentrancy.
  • Calldata vs. Memory: Understanding the cost difference is crucial for functions that may be called in loops or by other contracts.
03

Function Selector Clashing

The first 4 bytes of calldata are the function selector, a hash of the function signature. Malicious actors can craft calldata to call unexpected functions.

  • Collisions: Short or common function signatures increase collision risk.
  • Fallback/Receive: Unintended calldata can trigger the fallback function.
  • Proxy Patterns: In upgradeable proxies, calldata is forwarded to the implementation; a clashing selector could bypass intended logic.
  • Mitigation: Use specific, longer function names and explicit visibility (public/external).
04

ABI Encoding/Decoding Risks

Calldata must conform to the Application Binary Interface (ABI) specification. Improper encoding or decoding can lead to misinterpretation of data and loss of funds.

  • Packed Encoding: Manually packed arguments in assembly bypass Solidity's checks, requiring extreme care.
  • Dynamic Types: Offsets for dynamic types (like bytes, string) must be correctly calculated.
  • Vulnerable Libraries: Bugs in ABI decoding libraries (e.g., in Vyper) have led to major exploits.
  • Signature Verification: ecrecover expects precisely formatted calldata; malformed data can return a valid-looking but incorrect address.
05

Visibility & Access Control

The external visibility keyword means a function can only be called via calldata. Misconfigured visibility or missing access controls on external functions is a common flaw.

  • Public vs. External: Marking a function public allows internal calls, which may be safe, but external forces calldata, which should have stricter checks.
  • Open Functions: Any external function without private/internal modifiers is part of the contract's attack surface.
  • tx.origin Reliance: Using tx.origin for authentication in calldata processing is dangerous and can be phished.
06

Calldata in Layer 2 & Rollups

In Optimistic Rollups and ZK-Rollups, calldata has a unique security role as the primary data posted to Layer 1 for verification.

  • Data Availability: The security of an L2 depends on calldata (transaction data) being available on L1 for fraud or validity proofs.
  • Compression: L2s often use compressed calldata; developers must ensure their contract logic handles this encoded data correctly.
  • Bridge Vulnerabilities: Cross-chain messages are often sent as calldata; validation failures on the receiving chain can lead to fund loss.
EXPLORE
SOLIDITY DATA LOCATIONS

Calldata vs. Storage vs. Memory

A comparison of the three primary data location types in Solidity, defining where and how data is stored and accessed during contract execution.

FeatureCalldataStorageMemory

Primary Location

Transaction data (external)

Blockchain state (persistent)

Temporary RAM (function scope)

Mutability

Persistence

Transaction lifespan

Permanent

Function call lifespan

Gas Cost (Read)

Lowest

High (SLOAD)

Low

Gas Cost (Write)

N/A (immutable)

Highest (SSTORE)

Low (MSTORE)

Typical Use Case

External function parameters, immutable data

Contract state variables

Temporary variables, function arguments

Lifetime

Duration of the external call

Lifetime of the contract

Duration of the function execution

Access Scope

Read-only within function

Read/write across functions

Read/write within function

CALLDATA

Common Misconceptions

Clarifying widespread misunderstandings about calldata, a fundamental concept for Ethereum smart contract execution and gas cost optimization.

No, calldata and memory are distinct data location types in Solidity with different properties and costs. Calldata is a non-modifiable, read-only region containing the arguments passed to a function, and it is cheaper to read from than memory for external function calls. Memory is a modifiable, temporary data area that is more expensive to use. Using calldata for array and struct parameters in external functions is a key gas optimization technique, as it avoids an expensive copy operation into memory.

Key Differences:

  • Mutability: Calldata is immutable; memory is mutable.
  • Cost: Reading arguments directly from calldata is cheaper.
  • Usage: calldata is only valid for parameters of external functions; memory is used for internal functions and temporary variables.
CALDATA

Technical Details

Calldata is a critical, non-persistent data location in the Ethereum Virtual Machine (EVM) used for function calls and transaction input. It is the primary mechanism for passing immutable arguments to smart contracts and is a key factor in transaction cost calculation.

Calldata is a read-only, byte-addressable data area in the Ethereum Virtual Machine (EVM) that contains the input arguments for a function call or transaction. When a transaction is sent to a smart contract, the function selector and its encoded parameters are placed into calldata. The EVM then loads and decodes this data to execute the intended contract function. It is non-persistent, meaning it exists only for the duration of the transaction's execution and is not stored on-chain after completion. Accessing calldata is cheaper than accessing storage or memory, making it the preferred location for function input parameters.

CALLDATA

Frequently Asked Questions

Common questions about calldata, the mechanism for sending immutable data to smart contracts on the Ethereum Virtual Machine.

Calldata is a special, read-only data area in the Ethereum Virtual Machine (EVM) that contains the immutable arguments passed to a smart contract during a transaction or message call. It is the primary mechanism for sending input data to a contract's functions. When you call a function like transfer(address to, uint256 amount), the encoded function selector and its arguments (to and amount) are placed in the transaction's calldata. This data is persistent on-chain as part of the transaction but is distinct from contract storage, making it a gas-efficient location for data that does not need to be modified after the transaction executes.

ENQUIRY

Get In Touch
today.

Our experts will offer a free quote and a 30min call to discuss your project.

NDA Protected
24h Response
Directly to Engineering Team
10+
Protocols Shipped
$20M+
TVL Overall
NDA Protected Directly to Engineering Team