SSTORE2 (EIP-3540) is a smart contract library that allows developers to store arbitrary data on-chain in a highly gas-efficient manner. Instead of using the standard SSTORE opcode to write data directly to a contract's storage slots, SSTORE2 stores the data as a single, immutable blob and returns a pointer to its location. This pointer is the keccak256 hash of the data, which can be used to retrieve it later. This method is particularly efficient for storing data that is written once and read many times, as the write cost is amortized over all future reads, which become significantly cheaper than reading from traditional contract storage.
LABS
Glossary
SSTORE2 / SSTORE3
SSTORE2 and SSTORE3 are gas-optimized smart contract patterns for storing and retrieving large, immutable data chunks on-chain by deploying minimal data contracts via CREATE2.
Chainscore © 2026
definition
SMART CONTRACT STORAGE OPTIMIZATION
What is SSTORE2 / SSTORE3?
SSTORE2 and SSTORE3 are Ethereum Improvement Proposals (EIPs) designed to optimize on-chain data storage by enabling the immutable, gas-efficient storage of large data blobs, such as contract bytecode or NFT metadata, via content-addressed pointers.
The primary use case for SSTORE2 is the on-chain storage of contract creation code or initialization bytecode. This enables the deployment of contracts using the CREATE2 opcode with deterministic addresses, where the runtime bytecode is stored separately via SSTORE2. It is also used for storing large, static datasets like NFT collection metadata, generative art scripts, or extensive configuration parameters. The pattern decouples expensive one-time storage costs from the contract's runtime logic, leading to substantial long-term gas savings for applications that frequently access this immutable data.
SSTORE3 (EIP-7496) is a proposed successor and extension of the SSTORE2 concept, aiming to further reduce gas costs and increase flexibility. While SSTORE2 stores data in the storage of a singleton factory contract, SSTORE3 proposes storing data directly within the contract code section itself, accessed via a new DATAHASH opcode. This approach leverages the fact that reading from code is cheaper than reading from storage. SSTORE3 would make the retrieval of stored data even more gas-efficient and could enable new patterns for on-chain libraries and modular smart contract systems by treating contract code as a generic data store.
etymology
STORAGE OPCODES
Etymology and Origin
The terms SSTORE2 and SSTORE3 derive from the original Ethereum Virtual Machine (EVM) opcode `SSTORE`, which is used to write persistent data to a smart contract's storage. These newer patterns represent a significant evolution in how data is stored on-chain, moving from direct contract storage to more efficient, pointer-based systems.
The SSTORE opcode, short for "Storage Store", is a fundamental EVM instruction that writes a 256-bit word to a contract's persistent key-value storage at a specified slot. It is notoriously gas-expensive, especially for initial writes (SSTORE from zero to non-zero) and for storing large amounts of data. The high cost stems from the requirement that every node in the Ethereum network must permanently replicate this data. The search for more economical storage methods directly led to the conceptual development of SSTORE2 and SSTORE3 as design patterns, not new opcodes.
SSTORE2 was pioneered as a community-driven standard to drastically reduce the cost of storing large, immutable data blobs (like contract bytecode or NFT metadata). Instead of using SSTORE repeatedly for each byte, SSTORE2 works by pushing the data into a separate contract creation transaction. The data becomes the runtime bytecode of a new, minimal contract. The original calling contract then stores only a pointer—the address of this newly created data contract—using a single, costly SSTORE. Subsequent reads are performed using the EXTCODECOPY opcode to retrieve the data from the code of the data contract, which is much cheaper than reading from storage.
SSTORE3, a further refinement, optimizes the pointer itself. While SSTORE2 uses a full 20-byte Ethereum address as a pointer, SSTORE3 leverages the fact that contract addresses are deterministically derived from the sender and a nonce. A common SSTORE3 implementation involves storing only a salt or a nonce (a much smaller 32-byte value) used in a CREATE2 operation. The actual data contract address can be recomputed on-chain using this salt and the factory contract's address. This can reduce the pointer storage cost by nearly 50%, as storing 32 bytes once is cheaper than storing 20 bytes.
The evolution from SSTORE to SSTORE2 and SSTORE3 highlights a core principle in blockchain optimization: trade computation for storage. The patterns accept the one-time cost of contract creation and the computational overhead of EXTCODECOPY or CREATE2 address derivation to achieve massive, recurring savings on storage gas. This makes them ideal for immutable data such as NFT art, document hashes, or configuration data that must be referenced frequently but never altered.
These patterns are not without trade-offs. Data stored via SSTORE2/SSTORE3 becomes truly immutable and cannot be altered by the parent contract, as it resides as code in a separate contract. Furthermore, access is slightly more complex and requires explicit logic for reading. Despite this, their adoption in gas-sensitive applications like on-chain generative art and efficient data layers demonstrates their practical utility, standing as a testament to developer ingenuity in working within the constraints of the EVM's economic model.
how-it-works
DATA STORAGE
How It Works: The Core Mechanism
SSTORE2 and SSTORE3 are Ethereum Improvement Proposals (EIPs) that define standardized, gas-efficient methods for storing immutable data on-chain, moving away from the expensive and state-bloating `SSTORE` opcode.
SSTORE2 (EIP-3448) is a meta-proposal that introduces a pattern for storing immutable data by deploying a contract whose creation code returns the data. Instead of writing data directly to storage, a contract is created with the data embedded in its initcode. The contract's address becomes a deterministic pointer to the data, which can be retrieved using the EXTCODECOPY opcode. This method is significantly cheaper for one-time storage as it avoids the high gas costs of SSTORE and reduces permanent state bloat, as contract code is stored differently in the Ethereum state trie.
SSTORE3 (EIP-7490) is a direct successor and improvement over SSTORE2. It proposes a new precompiled contract, DATASTORE, which provides a standardized, singleton interface for storing and retrieving immutable data blobs. Users call the precompile with their data, which returns a unique content identifier (a bytes32 pointer). This pointer can later be used with the same precompile to retrieve the original data. SSTORE3 offers several advantages over its predecessor: a unified contract address, reduced deployment overhead, and a simpler, more gas-efficient API for both storage and retrieval.
The core innovation of both standards is the shift from mutable contract storage to immutable contract code or a dedicated precompile for data. While SSTORE opcode writes are expensive because they modify the global state, storing data as code or via a precompile is a one-time cost with minimal ongoing state impact. This makes SSTORE2/SSTORE3 ideal for storing large, static assets like NFT metadata, contract configuration parameters, or script code for on-chain libraries, where the data does not need to be updated after creation.
From a developer's perspective, using SSTORE3 involves interacting with the precompile at a known address. To store data, you call DATASTORE.store(bytes memory data) and receive a bytes32 pointer. To read it, you call DATASTORE.read(bytes32 pointer). This abstracts away the complexity of contract creation and code hashing present in SSTORE2. The deterministic nature of the pointer—derived from the data's hash—ensures that the same data will always produce the same pointer, enabling efficient deduplication and content-addressable storage on-chain.
These mechanisms address critical pain points in Ethereum's economic model. By providing a low-cost alternative for immutable data, they enable new use cases that were previously prohibitively expensive, such as fully on-chain generative art, extensive on-chain documentation, or deploying large libraries of reusable code. As EIPs, their adoption requires network upgrades, but they represent a fundamental evolution in how developers conceptualize and pay for persistent data storage within the Ethereum ecosystem.
key-features
STORAGE OPTIMIZATION
Key Features and Characteristics
SSTORE2 and SSTORE3 are EVM opcode patterns designed to drastically reduce the cost of storing immutable data on-chain by separating the contract code from its data.
01
Immutable Data Storage
These patterns are designed exclusively for immutable data. Once written, the data cannot be modified, which is ideal for configuration data, NFT metadata URIs, or large datasets that are set at deployment and read many times. This immutability is the key trade-off that enables significant gas savings compared to traditional SSTORE.
02
Separation of Code and Data
The core innovation is decoupling the contract's executable logic from its data. Instead of storing data in the contract's own storage, a contract address is created that contains only the raw data bytes. The main contract then stores a pointer to this data contract, treating it as a read-only external data source. This is more gas-efficient than writing to the contract's own expensive storage slots.
03
Gas Efficiency via CREATE2
SSTORE3 leverages the CREATE2 opcode to deploy the data contract at a deterministic address computed from a salt and the data itself. This allows for:
- Gas-free reads: Knowing the salt, any contract can compute the data's address and read it without a state-changing transaction.
- Deduplication: Identical data deployed by different users will resolve to the same address, preventing redundant on-chain storage.
- No deployment needed for known data: If data already exists on-chain, it can be referenced immediately without paying to deploy it again.
04
Pointer-Based Architecture
The main contract does not store the data directly. Instead, it stores a compact pointer, which is often just a bytes32 salt used with CREATE2. To retrieve the data, the contract calls a static function (e.g., read) that uses the pointer to compute the data contract's address and perform a low-level EXTCODECOPY to return the raw bytes. This makes storage updates for the pointer itself very cheap.
05
Comparison: SSTORE2 vs. SSTORE3
While both optimize for immutable data, they use different underlying mechanisms:
- SSTORE2 (by 0xsequence): Uses the original
CREATEopcode. The data contract address is not predictable beforehand; the deployer must store the full address as the pointer. Less efficient for deduplication. - SSTORE3 (by Vectorized): Uses
CREATE2for deterministic addressing. The pointer is a salt, not a full address, enabling the advanced features of gas-free reads and automatic deduplication. It is generally considered the more optimized successor.
06
Primary Use Cases
These patterns are exceptionally useful for applications where large, fixed data is central:
- NFT Projects: Storing token metadata URIs or trait data for entire collections in a single, cheap transaction.
- DAO Configurations: Immutably storing governance parameters, proposal logic, or membership lists.
- On-Chain Art & Games: Storing the raw SVG code for generative art or level data for on-chain games.
- Contract Factories: Deploying multiple contract instances with identical initialization code or data.
code-example
STORAGE PATTERNS
Code Example: Conceptual Flow
This section illustrates the conceptual flow for storing and retrieving immutable data using the SSTORE2 and SSTORE3 patterns, contrasting them with traditional contract storage.
The core conceptual flow begins with a user or contract preparing a piece of immutable data, such as a large dataset or a contract's bytecode. In a traditional SSTORE operation, this data would be written directly to the contract's storage slots, incurring high gas costs proportional to the data size and making it permanently mutable. The SSTORE2 and SSTORE3 patterns fundamentally alter this flow by separating the data from the contract's primary storage logic.
Instead of storing the data itself, the flow involves first computing a cryptographic commitment to the data. For SSTORE2, this is the bytes32 keccak256 hash of the data. For SSTORE3, it is a contract address derived deterministically from a salt and the data's hash, which will later house the data. This commitment (a hash or a future address) is what is stored in the calling contract's storage using a single, relatively cheap SSTORE operation. The actual raw data is then stored elsewhere in a finalized transaction.
The retrieval flow reverses this process. To access the data, the contract reads the stored commitment. In SSTORE2, it uses this hash to locate the data within the historical transaction calldata via the pointer contract. In SSTORE3, it uses the pre-computed address to create a static call to the newly deployed data contract, which returns the data from its immutable constructor argument. This decouples the cost of frequent data reads (a cheap SLOAD and static call) from the expensive one-time cost of data writing.
A key conceptual difference in the flow is gas cost timing. With traditional storage, high costs are paid upfront and for every subsequent write. With SSTORE2/SSTORE3, the majority of the gas cost is paid during the initial data creation transaction (for the calldata or contract creation). The "owner" contract then holds only a minimal, persistent reference, optimizing the system for data that is written once and read many times, which is a common pattern for metadata, art assets, or library code.
ecosystem-usage
STORAGE OPTIMIZATION
Ecosystem Usage and Protocols
SSTORE2 and SSTORE3 are protocols for immutable, gas-efficient data storage on Ethereum, moving data off-chain while anchoring its integrity on-chain.
01
Core Mechanism: Pointer-Based Storage
SSTORE2 and SSTORE3 store data by writing it to a location determined by a CREATE2 contract address. The on-chain contract stores only a tiny pointer (the contract address) to the off-chain data, which is permanently verifiable via its hash. This replaces expensive, repeated SSTORE opcode usage with a single, upfront cost for immutable data.
02
Key Innovation: Deterministic Address
Data location is pre-computed using the CREATE2 opcode with the data's hash as salt. This creates a deterministic contract address where the data will live. Anyone can reconstruct this address and trustlessly verify the data's integrity by comparing the stored code hash with the original data hash, without needing a central registry.
03
SSTORE2 vs. SSTORE3: The Evolution
- SSTORE2 (by 0xsequence): The original standard. Data is stored as contract bytecode. Reading requires a low-level
.staticcall. - SSTORE3 (by Vectorized): An optimized successor. Data is stored in a contract's immutable storage variable, making it readable as a simple public variable (e.g.,
contractName.read()). This reduces gas costs for reads and improves developer ergonomics.
04
Primary Use Case: NFT Metadata & Art
These protocols are ideal for storing large, immutable data like NFT metadata (JSON) and art assets (SVG). Instead of storing a mutable HTTP link (tokenURI), projects can store an SSTORE2/3 pointer, guaranteeing permanent, decentralized availability of the core asset, mitigating link rot and enhancing provenance.
06
Economic & Security Trade-offs
- Gas Savings: Massive reduction vs. repeated
SSTORE. Cost is linear to data size once. - Immutability: Data cannot be changed or deleted after writing.
- Permanence: Relies on Ethereum's history and archive nodes. Data is not "on-chain" in the traditional sense but is cryptographically anchored to the chain.
- Read Cost: SSTORE3 reads are cheaper than SSTORE2, but both add overhead versus a simple state variable.
STORAGE PATTERNS
Comparison: SSTORE2/SSTORE3 vs. Traditional Storage
A technical comparison of immutable data pointer patterns versus direct contract storage for on-chain data persistence.
| Feature / Metric | SSTORE2 (Read-Only) | SSTORE3 (Read-Only) | Traditional Storage (SSTORE) |
|---|---|---|---|
Data Mutability | |||
Primary Use Case | Immutable data pointers | Immutable data pointers with CREATE2 | Mutable contract state |
Storage Location | Contract code (via CREATE) | Contract code (via CREATE2) | Contract storage slots |
Initial Write Cost | High (contract creation) | High (contract creation) | Standard (21k gas base) |
Subsequent Read Cost | Low (EXTCODECOPY) | Low (EXTCODECOPY) | Low (SLOAD) |
Subsequent Write Cost | High (SSTORE) | ||
Data Retrieval | Requires helper library | Requires helper library | Direct state variable access |
Address Determinism |
security-considerations
STORAGE OPTIMIZATION
Security and Design Considerations
SSTORE2 and SSTORE3 are gas-efficient patterns for storing immutable data on-chain by leveraging contract code storage. While powerful, they introduce unique security and design trade-offs.
01
Immutable Data Guarantee
The primary security benefit of SSTORE2/SSTORE3 is data immutability. Once data is written to a contract's bytecode via CREATE2, it cannot be altered. This is ideal for storing:
- Reference data like IPFS CIDs or merkle roots
- Permanent configuration parameters
- Historical snapshots or provenance records
This eliminates a major attack vector where mutable storage could be maliciously updated.
02
Gas Cost Analysis & Trade-offs
These patterns optimize for read-heavy, write-once data. The gas economics are inverted compared to standard SSTORE:
- High Initial Cost: Deploying the data contract is expensive (base creation cost + ~200 gas per byte).
- Very Low Read Cost: Reading via
EXTCODECOPYor a static call costs only ~100 gas, far cheaper than repeatedSLOADoperations.
Design for use cases where data is written once but accessed thousands of times to realize savings.
03
Address Determinism & Precomputation
SSTORE3 uses CREATE2 with a salt to generate a deterministic contract address before the data is stored. This allows:
- Off-chain reference: You can publish or commit to an address (e.g., in a merkle tree) before the data is on-chain.
- Permissionless writes: Anyone can later "fill" the precomputed address with the promised data.
Security Consideration: The system must ensure the eventually stored data matches the originally committed-to hash.
04
No Upgradeability or Deletion
A critical design constraint is the complete lack of mutability. This means:
- No Patches: If stored data contains an error, it is permanent. The system must reference a new SSTORE2/SSTORE3 contract address.
- No Deletion: Data persists forever in the blockchain history, contributing to state bloat, though it is stored in the code area.
- Versioning Required: Systems must be designed to point to new data pointers, managing a history of immutable references.
05
Integration with Access Control
While the stored data is immutable, control over who can write the initial data is crucial. Common patterns include:
- Using a factory contract with proper authorization (e.g.,
onlyOwner) to deploy the data contract. - In permissionless SSTORE3 patterns, using a commit-reveal scheme or cryptographic proof to validate the data writer.
Failure to gate the initial write can lead to data spoofing or front-running attacks.
06
Comparison to Alternatives
Choosing SSTORE2/SSTORE3 involves comparing trade-offs against other storage methods:
- vs. Standard
SSTORE: Cheaper reads, immutable, but far more expensive for single writes and non-upgradeable. - vs. Events (
LOGops): Events are cheaper to write but data is not directly readable by contracts. SSTORE2 enables on-chain contract consumption. - vs. External Storage (IPFS/Arweave): SSTORE2 provides on-chain availability guarantee without relying on external pinning services or oracle trust.
SSTORE2 / SSTORE3
Common Misconceptions
SSTORE2 and SSTORE3 are widely used libraries for on-chain data storage, but their underlying mechanics and trade-offs are often misunderstood. This section clarifies key points about how they work, their security model, and their relationship to the EVM's native storage.
SSTORE2 is a smart contract library that provides a gas-efficient method for storing and retrieving immutable data on-chain by using contract code as storage. It works by storing data in the code segment of a newly deployed, minimal proxy contract, rather than in the traditional contract storage slots. The process involves:
- Encoding: The data is prefixed with a
0x61(PUSH2) opcode and its length. - Deployment: This bytecode is used to deploy a new, tiny contract via
CREATE. - Pointer Storage: Only the address of this new contract is stored in the caller's storage.
- Retrieval: Data is read using
EXTCODECOPYto copy the contract's code, skipping the initial length prefix.
This method is highly efficient for immutable data because reading via EXTCODECOPY is much cheaper than reading from warm storage (SLOAD), and the one-time deployment cost can be amortized over many reads.
SSTORE2 / SSTORE3
Frequently Asked Questions (FAQ)
SSTORE2 and SSTORE3 are Ethereum Improvement Proposals (EIPs) designed to drastically reduce the gas cost of storing and retrieving immutable data on-chain. This FAQ addresses common developer questions about their mechanisms, use cases, and implementation.
SSTORE2 (EIP-3540) is a gas-efficient method for storing and retrieving immutable data on the Ethereum blockchain by using a CREATE2-like mechanism to store data in contract code. Instead of using the expensive SSTORE opcode to write data to storage slots, SSTORE2 creates a new contract where the data is the contract's runtime bytecode. To retrieve the data, you call the new contract's address, which returns its code via the EXTCODECOPY opcode. This approach is significantly cheaper for one-time storage because writing contract code is a one-time cost, and reading it is very inexpensive. The data is referenced by the address of the contract that contains it, which is deterministically computed from the data itself and a user-provided salt.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall