An opcode (operation code) is a low-level instruction that defines a single, atomic operation for a virtual machine's CPU to execute. In blockchain contexts, such as the Ethereum Virtual Machine (EVM), opcodes form the basic building blocks of smart contract bytecode, dictating actions like arithmetic (ADD, MUL), data storage (SLOAD, SSTORE), and control flow (JUMP, JUMPI). Each opcode is represented by a single byte, making the resulting bytecode compact and deterministic for global network execution.
LABS
Glossary
Opcode
An opcode (operation code) is a low-level machine instruction that defines a specific operation for a blockchain's virtual machine, such as arithmetic, logic, or state access.
Chainscore © 2026
definition
BLOCKCHAIN GLOSSARY
What is Opcode?
A fundamental concept in blockchain execution engines and smart contract programming.
The execution of opcodes is the mechanism by which smart contracts perform computations and modify state. When a transaction triggers a contract, the EVM fetches and interprets the contract's bytecode sequence opcode-by-opcode. This process consumes gas, with each opcode having a predefined gas cost that reflects its computational and storage complexity (e.g., SSTORE is more expensive than ADD). This design ensures network security by metering and limiting resource usage, preventing infinite loops and denial-of-service attacks.
Opcodes are typically generated by a compiler from higher-level languages like Solidity or Vyper. Developers write smart contract source code, which the compiler translates first into an intermediate representation and then into the final bytecode sequence of opcodes. Understanding common opcodes is crucial for advanced optimization (to reduce gas costs) and security auditing, as malicious patterns often manifest in specific low-level instruction sequences.
Beyond the EVM, opcodes are a universal computer science concept. Other blockchain virtual machines, such as those for Bitcoin Script (using opcodes like OP_CHECKSIG) or Solana's Berkeley Packet Filter runtime, implement their own unique sets. The specific repertoire of available opcodes defines the capabilities and limitations of a given smart contract platform, influencing what kinds of decentralized applications can be built upon it.
etymology
WORD ORIGIN
Etymology
The term **opcode** is a portmanteau with roots in computer architecture, describing the fundamental instruction set of a virtual machine.
An opcode (short for operation code) is the portion of a machine language instruction that specifies the operation to be performed. In the context of blockchain, it is the fundamental instruction for a virtual machine, most notably the Ethereum Virtual Machine (EVM). These low-level codes, such as ADD (0x01) or SSTORE (0x55), are the atomic building blocks from which all smart contract logic is constructed. The etymology directly links modern blockchain execution to classical computer science, where opcodes have long been the basic commands understood by a CPU.
The prefix "op-" derives from "operation," indicating an action, while "code" refers to a system of symbols for representation. In blockchain systems, opcodes are defined in a virtual machine's specification and are immutable and deterministic; their behavior is precisely defined in the protocol's consensus rules. This ensures that every node in the network executes the same PUSH, JUMP, or CALL instruction identically, which is critical for maintaining state consistency across a decentralized network.
The concept was adapted from traditional computing, where a CPU's instruction set architecture (ISA) defines its native opcodes. The EVM, as a stack-based virtual machine, uses a specialized set of opcodes designed for its unique environment, including operations for cryptographic functions, state storage, and inter-contract communication. Understanding opcodes is essential for developers writing low-level Yul or inline assembly, and for analysts auditing smart contract bytecode for gas optimization and security vulnerabilities.
how-it-works
BLOCKCHAIN EXECUTION
How Opcodes Work
An explanation of the fundamental instructions that define and power smart contract execution on the Ethereum Virtual Machine.
An opcode (short for operation code) is the most basic, atomic instruction that the Ethereum Virtual Machine (EVM) can understand and execute. Each opcode is a single byte that represents a specific operation, such as arithmetic (ADD, MUL), logical comparisons (LT, GT), control flow (JUMP, JUMPI), or blockchain state interaction (SLOAD, SSTORE). When a smart contract is compiled, its high-level Solidity or Vyper code is transformed into a sequence of these low-level bytecode opcodes, which the EVM interprets sequentially to carry out the contract's logic.
The execution of opcodes is deterministic and consumes gas, a unit of computational work. Each opcode has a predefined gas cost, which creates a fee market and prevents infinite loops or overly complex computations. For example, a simple ADD operation costs 3 gas, while writing to storage with SSTORE can cost 20,000 gas or more. This system ensures that every operation on the blockchain has a quantifiable cost, aligning network security with economic incentives. The EVM is a stack-based machine, meaning most opcodes pop their input values from and push their results onto a last-in, first-out (LIFO) data stack.
Opcodes are broadly categorized by function. Stack manipulation opcodes like PUSH1, POP, and SWAP1 manage the data stack. Arithmetic and logic opcodes (ADD, SUB, AND, OR) perform calculations. Control flow opcodes (JUMP, JUMPI, PC) direct execution to different parts of the bytecode. Blockchain context opcodes (CALLER, TIMESTAMP, NUMBER) retrieve information about the current transaction or block. Finally, state manipulation opcodes, such as SLOAD (read storage) and SSTORE (write storage), are the most gas-intensive as they directly interact with the blockchain's persistent state.
Understanding opcodes is crucial for developers writing gas-efficient smart contracts and for security auditors analyzing contract bytecode for vulnerabilities. By examining the opcode sequence, one can deconstruct exactly what a contract will do, independent of its original high-level source code. Tools like Ethereum disassemblers can translate contract bytecode back into human-readable opcode mnemonics, allowing for deep inspection. This low-level view is essential for optimizing gas usage, as choosing different high-level constructs can result in vastly different—and more expensive—opcode sequences upon compilation.
key-features
ARCHITECTURE
Key Features of Opcodes
Opcodes are the fundamental, low-level instructions that define a blockchain's virtual machine. They are the atomic operations that, when sequenced, form smart contracts and transactions.
01
Atomic Operations
An opcode is the smallest executable unit in a virtual machine (VM), like the Ethereum Virtual Machine (EVM). Each opcode performs a single, specific task, such as:
- Arithmetic:
ADD,MUL,SUB - Stack Manipulation:
PUSH1,POP,SWAP1 - Control Flow:
JUMP,JUMPI(jump if) - State Access:
SLOAD,SSTORESequences of these atomic instructions form complete smart contract logic.
02
Gas Cost & Pricing
Every opcode has a predefined gas cost, reflecting the computational and storage resources it consumes. This system prevents infinite loops and allocates network resources fairly. For example:
- Low-cost:
ADD(3 gas) - Medium-cost:
SLOAD(warm access: 100 gas) - High-cost:
SSTORE(setting non-zero to zero: up to a 19,800 gas refund) Gas costs are a core part of a blockchain's economic security model.
03
Stack-Based Execution
Most blockchain VMs use a stack-based architecture. Opcodes primarily operate on a Last-In-First-Out (LIFO) data stack. For instance, the ADD opcode:
- Pops the top two values from the stack.
- Computes their sum.
- Pushes the result back onto the stack. This design is simple, deterministic, and easy to validate, contrasting with register-based VMs.
04
Bytecode Representation
In compiled form, opcodes are represented as bytecode—a sequence of hexadecimal values. Each opcode corresponds to a specific byte (e.g., 0x01 for ADD, 0x60 for PUSH1). A smart contract's bytecode is essentially a long list of these opcode bytes and their associated data, which the VM interprets and executes sequentially.
05
Memory, Storage, & Calldata Context
Opcodes interact with different data environments:
- Memory (
MLOAD,MSTORE): Volatile, low-cost scratchpad for execution. - Storage (
SLOAD,SSTORE): Persistent, high-cost state written to the blockchain. - Calldata (
CALLDATALOAD): Immutable input data from a transaction. Understanding which opcode accesses which context is crucial for gas optimization and security.
06
Security-Critical Opcodes
Certain opcodes require careful handling due to their security implications:
DELEGATECALL: Preserves the caller's context, enabling upgradeable proxies but introducing major risks if misused.SELFDESTRUCT: Terminates a contract, sending its ether elsewhere. Can lead to fund loss if triggered unexpectedly.CALL&STATICCALL: Manage external interactions; incorrect use can lead to reentrancy attacks.
examples
OPCODE PRIMER
Common Opcode Examples
Opcode mnemonics translate directly to bytecode instructions. These examples illustrate fundamental operations for arithmetic, state management, and control flow within the EVM.
01
Arithmetic & Logic (0x01 - 0x20)
These opcodes perform basic computations on the stack.
- ADD (0x01): Pops two values, pushes their sum.
- MUL (0x02): Pops two values, pushes their product.
- LT (0x10): Pops two values, pushes
1if the first is less than the second, else0. - AND (0x16): Pops two 256-bit values, pushes their bitwise AND.
- ISZERO (0x15): Pops a value, pushes
1if it's zero, else0.
02
Stack & Memory (0x50 - 0x8F)
These opcodes manage the EVM's execution stack and memory.
- PUSH1 (0x60): Places the next byte of code onto the stack.
- POP (0x50): Removes the top item from the stack.
- DUP1 (0x80): Duplicates the 1st stack item.
- SWAP1 (0x90): Exchanges the 1st and 2nd stack items.
- MSTORE (0x52): Stores a word (32 bytes) to memory at a specified offset.
- MLOAD (0x51): Loads a word from memory onto the stack.
03
Storage & State (0x54 - 0x55)
These opcodes interact with persistent contract storage.
- SSTORE (0x55): Saves a word to storage at a specified key. This is a state-changing operation with high gas cost.
- SLOAD (0x54): Loads a word from storage onto the stack.
- Example:
SSTORE(0x00, 0x01)stores the value1at storage slot0. This data persists between transactions.
04
Control Flow (0x56 - 0x5F)
These opcodes direct program execution, enabling jumps and halts.
- JUMP (0x56): Sets the program counter to a value from the stack.
- JUMPI (0x57): Conditional jump; jumps only if the second stack value is non-zero.
- PC (0x58): Pushes the current program counter value onto the stack.
- STOP (0x00): Halts execution successfully.
- REVERT (0xFD): Halts execution, reverting state changes, but returns data (post-Byzantium fork).
05
Environmental & Call Data (0x30 - 0x3F)
These opcodes provide context about the transaction and execution environment.
- ADDRESS (0x30): Pushes the address of the currently executing contract.
- CALLER (0x33): Pushes the address of the entity that initiated this call (
msg.sender). - CALLVALUE (0x34): Pushes the amount of wei sent with the call (
msg.value). - CALLDATALOAD (0x35): Loads 32 bytes of calldata (function input) onto the stack.
06
System Operations (0xF0 - 0xFF)
High-level operations for creating contracts and making external calls.
- CREATE (0xF0): Creates a new contract with provided init code, deploying it to a new address.
- CALL (0xF1): Executes a message call to another contract/EOA, transferring value.
- STATICCALL (0xFA): A
CALLthat prohibits any state modifications to the current context. - DELEGATECALL (0xF4): Executes code of another contract, but within the storage context of the caller.
visual-explainer
FROM BYTECODE TO STATE CHANGE
Visual Explainer: The Execution Cycle
A step-by-step breakdown of how a blockchain's virtual machine processes a transaction, from fetching the initial instruction to committing the final state.
The execution cycle is the fundamental, step-by-step process by which a blockchain's Virtual Machine (VM) interprets and executes the bytecode of a smart contract. It begins when a transaction is submitted to the network, triggering the VM to load the contract's code and the current state of the blockchain. The core of this cycle is a continuous loop where the VM fetches an opcode from the bytecode, decodes it, executes the corresponding low-level operation, and then updates its internal state and program counter to prepare for the next instruction.
Each cycle iteration revolves around a single opcode. The Program Counter (PC) points to the current instruction in the bytecode. The VM fetches the opcode at that location, then decodes it to determine the required operation and any immediate arguments. The execution phase performs the actual computation, which could involve arithmetic, logic, accessing storage, or calling another contract. This phase consumes gas, and the VM's internal state—including memory, stack, and storage—is updated accordingly. Finally, the PC is incremented to point to the next opcode, unless the executed opcode was a jump.
The cycle's behavior is tightly governed by the gas meter. Before executing an opcode, the VM checks if sufficient gas remains to cover its cost. If gas runs out, execution halts with an "out of gas" error, and all state changes are reverted, though the gas is still consumed. This mechanism prevents infinite loops and ensures computational work is paid for. Other exceptional halts can occur due to invalid operations, such as a stack underflow or an invalid jump destination, which also trigger a full state reversion.
A critical feature of the cycle is its handling of nested execution via the CALL family of opcodes (e.g., CALL, DELEGATECALL, STATICCALL). When one of these opcodes is executed, the current cycle is suspended. A new, completely separate execution environment is created for the called contract, with its own fresh memory and stack. This child execution runs its own full cycle. Upon completion, its output is returned, and the parent execution resumes, integrating the result. This creates a tree of execution frames.
The cycle concludes when the VM encounters a STOP, RETURN, or REVERT opcode, or when execution finishes naturally. If successful, the final resulting state changes—modifications to account balances, contract storage, and newly created contracts—are committed to the blockchain. This deterministic cycle, executed identically by every node on the network, is what guarantees consensus on the outcome of smart contract transactions, transforming code into immutable, trustless agreements.
ecosystem-usage
OPCODE
Ecosystem Usage
Opcode (Operation Code) is the fundamental instruction that a blockchain's virtual machine executes. This section details its critical roles across development, security, and network operations.
02
Gas Cost & Optimization
Every opcode has a predefined gas cost, directly impacting transaction fees. Developers optimize contracts by choosing efficient opcode patterns.
- Expensive Ops:
SSTORE(writing storage) andCREATE(deploying contracts) are high-cost. - Cheap Ops: Stack operations like
ADDorMULare low-cost. Analyzing gas usage at the opcode level is essential for creating cost-effective and scalable decentralized applications (dApps).
03
Security & Auditing
Security auditors analyze opcode patterns to identify vulnerabilities. Malicious patterns, such as unchecked external calls or reentrancy enabled by specific opcode sequences, can lead to exploits. Understanding the opcode-level behavior of a contract is crucial for:
- Detecting reentrancy bugs.
- Identifying gas-griefing vectors.
- Verifying compiler output matches intended logic.
04
Fork & Upgrade Management
Network upgrades (hard forks) often introduce, modify, or deprecate opcodes. For instance, Ethereum's London Upgrade (EIP-1559) changed the behavior of the BASEFEE opcode. These changes require:
- Client implementations (Geth, Erigon) to update their EVM interpreters.
- Tooling (compilers, debuggers) to support new semantics.
- Auditors and developers to understand new security considerations.
05
Tooling & Debugging
Developer tools rely on opcode analysis for debugging and optimization. Key tools include:
- EVM Debuggers (Tenderly, Remix Debugger): Step through opcode execution.
- Disassemblers: Convert bytecode back to human-readable opcode mnemonics.
- Gas Profilers: Pinpoint which opcode sequences consume the most gas in a transaction trace.
06
Cross-VM Comparison
Different blockchain virtual machines use distinct opcode sets, influencing performance and capability.
- EVM: Stack-based, uses 256-bit words. Opcodes like
CALL,DELEGATECALL. - WASM (CosmWasm, Polkadot): Register-based, often enabling higher performance.
- Bitcoin Script: A simpler, intentionally limited set of opcodes for validating transactions. This diversity affects portability and the design of cross-chain tooling.
security-considerations
OPCODE
Security Considerations
Opcodes are the fundamental, low-level instructions executed by a blockchain's virtual machine. Their implementation and usage are critical attack surfaces for smart contracts and the underlying protocol.
01
Denial-of-Service (DoS) via Gas Exhaustion
Certain opcodes, like SSTORE (storage write) and SELFDESTRUCT, have variable gas costs that can be exploited. An attacker can craft a transaction that forces a contract to execute a loop of expensive operations, consuming the entire block gas limit and preventing other transactions from being processed. This is a primary reason for implementing gas metering and careful opcode cost analysis in the EVM.
02
Reentrancy Attacks
The CALL and DELEGATECALL opcodes are central to reentrancy vulnerabilities. They transfer execution control to an external contract before the calling contract's state is finalized. The infamous DAO hack exploited this by recursively calling back into a vulnerable function to drain funds. Mitigations include the checks-effects-interactions pattern and using reentrancy guards.
03
Unchecked Low-Level Calls
The low-level CALL, DELEGATECALL, STATICCALL, and CALLCODE opcodes return a boolean success flag. A critical security flaw occurs when a contract fails to check this return value. If a call to transfer funds fails (e.g., to a malicious contract that intentionally reverts), the caller's state changes may proceed under the false assumption the transfer succeeded, leading to logical errors and fund loss.
04
DelegateCall & Storage Collisions
The DELEGATECALL opcode executes code from another contract within the context (storage, msg.sender, msg.value) of the caller. This is extremely powerful but dangerous, as it can lead to storage layout collisions. If the calling and target contracts have mismatched storage variable declarations, DELEGATECALL can corrupt the caller's storage, a flaw exploited in the Parity Wallet multi-sig hack.
05
Opcodes Disabled for Precompiles
Some opcodes are restricted when interacting with precompiled contracts (e.g., cryptographic functions at fixed addresses). For instance, you cannot use CALLCODE or DELEGATECALL to a precompile. Attempting to do so will result in an exception. Understanding these restrictions is vital for developers building advanced protocols that integrate native cryptographic operations.
06
Protocol-Level Opcode Risks
At the consensus layer, introducing or modifying opcodes is a high-risk protocol upgrade. A new opcode could:
- Break existing tooling (wallets, explorers, indexers).
- Introduce unintended gas cost imbalances, making some operations too cheap or expensive.
- Create new denial-of-service vectors for validators/miners.
- Be exploited if its semantics are poorly defined, leading to chain splits. Rigorous audit and testnet deployment are mandatory.
OPCODE
Common Misconceptions
Opcodes are the fundamental instructions of the Ethereum Virtual Machine, but their role and behavior are often misunderstood. This section clarifies the most frequent points of confusion.
No, opcodes and smart contract functions exist at different abstraction levels. A smart contract function (like transfer()) is a high-level construct written in Solidity or Vyper. When compiled, it is broken down into a sequence of low-level opcodes (like CALL, SSTORE, ADD). The EVM executes these opcodes sequentially. Think of a function as a recipe and opcodes as the individual steps (chop, stir, bake) the computer must perform.
For example, a simple Solidity addition a + b compiles down to opcodes like PUSH1, MLOAD, ADD, and MSTORE. Developers interact with functions, but the blockchain processes opcodes, which directly determine gas cost and execution logic.
LOW-LEVEL EXECUTION
Comparison: Opcode, Bytecode, and Assembly
A comparison of the fundamental components that define smart contract execution on the Ethereum Virtual Machine (EVM).
| Feature | Opcode | Bytecode | Assembly (EVM Assembly) |
|---|---|---|---|
Definition | A single, mnemonic instruction for the EVM (e.g., ADD, PUSH1, SSTORE). | The compiled, hexadecimal machine code executed by the EVM. | A human-readable representation of bytecode using opcode mnemonics and labels. |
Abstraction Level | Lowest (machine instruction). | Lowest (raw machine code). | Low (human-readable machine code). |
Human Readability | Partially readable as isolated mnemonics. | Not readable (e.g., 0x60806040...). | Readable with structure and comments. |
Primary Use | Defining the EVM instruction set; the atomic operation. | Deployment and execution on the blockchain. | Manual optimization, debugging, and low-level contract analysis. |
Directly Executed By | EVM interpreter. | EVM interpreter. | Not directly executed; must be assembled to bytecode. |
Creation Process | Defined by the EVM specification. | Output from a compiler (e.g., Solidity's solc). | Written by developers or generated by a compiler. |
Relationship | The instruction set. | The encoded sequence of opcodes and data. | The textual representation of that sequence. |
Example | PUSH1 0x80 | 0x6080 | PUSH1 0x80 // place 0x80 on the stack |
OPCODE
Frequently Asked Questions (FAQ)
Answers to common technical questions about opcodes, the fundamental instructions that power smart contracts and blockchain execution.
An opcode (operation code) is the fundamental, low-level instruction that a blockchain's Virtual Machine (VM) executes. It works by being part of a bytecode sequence where each opcode is a single byte (or a byte with following data) that tells the VM to perform a specific atomic operation, such as adding two numbers (ADD), storing data (SSTORE), or checking a cryptographic signature (ECRECOVER). The VM reads these codes sequentially from the contract bytecode stored on-chain, executing the corresponding micro-operation, which collectively forms the logic of a smart contract.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall