zkevm-rom 0.0.1-security → 6.0.1

package/main/opcodes/create-terminate-context.zkasm

@@ -0,0 +1,1011 @@
+/**
+ * @link [https://www.evm.codes/#00?fork=berlin]
+ * @zk-counters
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: none
+ *  - stack output: none
+ */
+opSTOP:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 20 :JMPN(outOfCountersStep)
+    ; check if first context
+    ; if origin ctx is 0, end tx
+    $ => B          :MLOAD(originCTX), JMPZ(handleGas)
+    ; else handle finish ctx
+    $ => A          :MLOAD(gasRefund)
+    ; check if is a create call
+    $ => C          :MLOAD(isCreate)
+    ; set 1 to D, default stack return in stop code
+    1 => D
+    C               :JMPZ(opSTOPend)
+    ; if is a create, return created contract address
+    $ => D          :MLOAD(createContractAddress)
+
+opSTOPend:
+    ; move to origin ctx
+    B => CTX
+    CTX             :MSTORE(currentCTX)
+    ; restore retDataCTX, no return data in stop
+    0               :MSTORE(retDataCTX)
+    ; handle gas refund
+    $ => B          :MLOAD(gasCTX)
+    A               :MSTORE(gasRefund)
+    GAS + B => GAS
+    ; restore SP and PC from origin CTX
+    $ => SP         :MLOAD(lastSP)
+    $ => PC         :MLOAD(lastPC)
+    ; store stack output
+    D               :MSTORE(SP++), JMP(readCode)
+
+/**
+ * @link [https://www.evm.codes/#f0?fork=berlin]
+ * @zk-counters
+ *  - 200 steps
+ *  - 2 binary
+ *  - %MAX_CNT_POSEIDON_SLOAD_SSTORE*3 poseidon
+ * @process-opcode
+ *  - stack input:  [value, offset, size]
+ *  - stack output: [address]
+ */
+opCREATE:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 200 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 4          :JMPN(outOfCountersBinary)
+    %MAX_CNT_POSEIDON_G - CNT_POSEIDON_G - %MAX_CNT_POSEIDON_SLOAD_SSTORE*3 :JMPN(outOfCountersPoseidon)
+
+    ; check out-of-gas
+    GAS - %CREATE_GAS => GAS  :JMPN(outOfGas)
+    GAS                 :MSTORE(gasCall)
+
+    ; check stack underflow
+    SP - 3              :JMPN(stackUnderflow)
+    ; check is static
+    $ => A              :MLOAD(isStaticCall), JMPNZ(invalidStaticTx)
+    SP - 1 => SP
+    $ => D              :MLOAD(SP--); [value => D]
+    D                   :MSTORE(valueCall)
+    $ => E              :MLOAD(SP--); [offset => E]
+    E                   :MSTORE(argsOffsetCall)
+    $ => C              :MLOAD(SP); [size => C]
+    C                   :MSTORE(argsLengthCall)
+
+    ; store lastMemOffset for memory expansion gas cost
+    E                   :MSTORE(lastMemOffset)
+    ; store lastMemLength for memory expansion gas cost
+    ; compute memory expansion gas cost
+    C                   :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; store current CTX to auxiliary var for later usage
+    CTX                 :MSTORE(originAuxCTX)
+
+    ; check if source address has enough balance to send to the new account
+    $ => A              :MLOAD(storageAddr)
+    ; set key for smt balance query
+    %SMT_KEY_BALANCE => B
+    ; 3rd parameter does not apply to nonce or balance
+    0 => C
+    ; balance in A
+    $ => A              :SLOAD
+    D => B
+    $                   :LT,JMPC(opCreateFail)
+
+    ; check nonce overflow
+    $ => A             :MLOAD(storageAddr)
+    ; set key for smt nonce query
+    %SMT_KEY_NONCE => B
+    ; nonce in B
+    $ => B              :SLOAD
+    A => C
+    %MAX_NONCE => A
+    $                   :EQ,JMPC(opCreateFail)
+
+    ;change to a new CTX
+    SP                  :MSTORE(lastSP)
+    PC                  :MSTORE(lastPC)
+    ; increase used contexts counter
+    $ => A              :MLOAD(lastCtxUsed)
+    A+1 => CTX          :MSTORE(lastCtxUsed)
+    CTX                 :MSTORE(currentCTX)
+    1                   :MSTORE(isCreateContract)
+    1                   :MSTORE(isCreate)
+    ; set origin CTX to this new CTX
+    $ => A              :MLOAD(originAuxCTX)
+    A                   :MSTORE(originCTX)
+
+    ; get nonce and update SR
+    B                   :MSTORE(txNonce)
+    ; get nonce length bytes
+                        :CALL(getLenBytes); in: [B: value] out: [A: value bytes length]
+    A                   :MSTORE(lengthNonce)
+    ; increase nonce
+    1 => A
+    $ => D              :ADD
+    C => A
+    ; set key for smt nonce query
+    %SMT_KEY_NONCE => B
+    0 => C
+    $ => SR             :SSTORE
+    ; compute gas send in call
+    SR                  :MSTORE(initSR), CALL(computeGasSendCall); in: [gasCall: gas sent to call] out: [A: min( requested_gas , all_but_one_64th(63/64))]
+    ; return to origin CTX to set storage addr, gasRefund and gasCTX
+    $ => CTX            :MLOAD(originCTX)
+    $ => B              :MLOAD(storageAddr)
+    $ => C              :MLOAD(gasRefund)
+    GAS - A             :MSTORE(gasCTX)
+    $ => CTX            :MLOAD(currentCTX)
+    ; update GAS to computed gas send call
+    A => GAS
+    B                   :MSTORE(txSrcAddr)
+    C                   :MSTORE(gasRefund)
+    ; set CTX var values
+    $ => A              :MLOAD(argsLengthCall)
+    ; set calldata pointers to current CTX
+    A                   :MSTORE(txCalldataLen), CALL(saveCalldataPointer)
+    $ => A              :MLOAD(valueCall), CALL(checkpointBlockInfoTree)
+    ; Save touched root when a new context is created
+    A                   :MSTORE(txValue), CALL(checkpointTouched)
+                        :JMP(txType)
+
+opCreateFail:
+    ; return 0 if create fails
+    0                   :MSTORE(retDataCTX)
+    0                   :MSTORE(SP++), JMP(readCode); [0 => SP]
+
+/**
+ * @link [https://www.evm.codes/#f1?fork=berlin]
+ * @zk-counters
+ *  - 200 steps
+ *  - 3 binary
+ * @process-opcode
+ *  - stack input: [gas, address, value, argsOffset, argsSize, retOffset, retSize]
+ *  - stack output: [success]
+ */
+opCALL:
+
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 200 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 3 :JMPN(outOfCountersBinary)
+    ; check stack underflow
+    SP - 7          :JMPN(stackUnderflow)
+    SP - 1 => SP
+    ; store current CTX to auxiliary var for later usage
+    CTX             :MSTORE(originAuxCTX)
+    ; store gas call
+    $ => A          :MLOAD(SP--); [gas => A]
+    A               :MSTORE(gasCall)
+    $ => A          :MLOAD(SP--), CALL(maskAddress); [address => A]; in: [A: address] out: [A: masked address]
+    ; store address call
+    ; Mask address to 20 bytes
+    A               :MSTORE(addrCall)
+    ; store value call
+    $ => A          :MLOAD(SP--); [value => A]
+    A               :MSTORE(valueCall)
+    ; if is static and value is not 0 -> revert
+    $ => B          :MLOAD(isStaticCall), JMPZ(opCALL2)
+    0 => B
+    $               :EQ,JMPC(opCALL2, invalidStaticTx)
+
+opCALL2:
+
+    ; store bytes offset int the memory, the calldata of the subcontext
+    $ => A          :MLOAD(SP--); [argsOffset => A]
+    A               :MSTORE(argsOffsetCall)
+    ; store lastMemOffset for memory expansion gas cost
+    A               :MSTORE(lastMemOffset)
+
+    ; byte size to copy, size of the calldata of the subcontext
+    $ => C          :MLOAD(SP--); [argsSize => C]
+    C               :MSTORE(argsLengthCall)
+    ; store lastMemLength for memory expansion gas cost
+    C               :MSTORE(lastMemLength)
+    ; compute memory expansion gas cost
+                    :CALL(saveMem); in: [lastMemOffset, lastMemLength]
+
+    ; store byte offset in the memory in bytes, where to store the return data of the sub context
+    $ => B          :MLOAD(SP--); [retOffset => B]
+    B               :MSTORE(lastMemOffset)
+
+    ; store byte size to copy (size of the return data)
+    $ => D          :MLOAD(SP); [retSize => D]
+    ; compute memory expansion gas cost of the return value
+    D               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    $ => B          :MLOAD(lastMemOffset)
+    ; check if an address is cold. If it is, add it to the touched tree
+    $ => A          :MLOAD(addrCall), CALL(isColdAddress); in: [A: address] out: [D: 0 if warm, 1 if cold]
+
+    ;gas_cost = memory_expansion_cost + code_execution_cost + address_access_cost + positive_value_cost + value_to_empty_account_cost
+    ; Calculate address_access_cost: 100 for warm account, 2600 for cold account
+    GAS - %WARM_STORAGE_READ_GAS - D * %COLD_ACCOUNT_ACCESS_COST_REDUCED => GAS :JMPN(outOfGas)
+    ; Calculate positive_value_cost, if value call > 0 -> 9000
+    $ => B          :MLOAD(valueCall)
+    0 => A
+    $               :EQ,JMPC(opCALLend)
+
+    GAS - %CALL_VALUE_TRANSFER_GAS => GAS :JMPN(outOfGas)
+    ; if destAddress is an empty account, we should add 25k of gas to base cost
+    $ => E          :MLOAD(addrCall), CALL(isEmptyAccount); in: [E: address] out: [E: 0 if is not empty, 1 if is empty]
+    GAS - %CALL_NEW_ACCOUNT_GAS*E => GAS :JMPN(outOfGas)
+
+opCALLend:
+    ; setup vars for next CTX
+    $ => B          :MLOAD(lastMemOffset)
+    $ => D          :MLOAD(lastMemLength)
+    $ => C          :MLOAD(storageAddr)
+    $ => E          :MLOAD(gasRefund)
+    SP              :MSTORE(lastSP)
+    PC              :MSTORE(lastPC)
+    ; increase CTX
+    $ => A          :MLOAD(lastCtxUsed)
+    A+1 => CTX      :MSTORE(lastCtxUsed)
+    CTX             :MSTORE(currentCTX)
+    $ => A          :MLOAD(originAuxCTX)
+    A               :MSTORE(originCTX)
+    C               :MSTORE(txSrcAddr)
+    E               :MSTORE(gasRefund)
+    SR              :MSTORE(initSR)
+    $ => A          :MLOAD(addrCall)
+    A               :MSTORE(txDestAddr)
+    A               :MSTORE(storageAddr)
+    B               :MSTORE(retCallOffset)
+    D               :MSTORE(retCallLength)
+    $ => B          :MLOAD(valueCall)
+    B               :MSTORE(txValue)
+    0 => A
+    ; compute gas send in call
+    $ => C          :LT, CALL(computeGasSendCall); in: [gasCall: gas sent to call] out: [A: min( requested_gas , all_but_one_64th(63/64))]
+    $ => CTX            :MLOAD(originCTX)
+    GAS - A             :MSTORE(gasCTX)
+    ; add stipend (2300) in case of tx with value
+    A + %CALL_STIPEND*C => A
+    ; move is static bool value to following CTX
+    $ => D              :MLOAD(isStaticCall)
+    $ => CTX            :MLOAD(currentCTX)
+    D                   :MSTORE(isStaticCall)
+    ; update GAS to computed gas send call
+    A => GAS
+    $ => A              :MLOAD(argsLengthCall)
+    ; set calldata pointers to current CTX
+    A                   :MSTORE(txCalldataLen), CALL(saveCalldataPointer)
+    ; save touched root when a new context is created
+                        :CALL(checkpointTouched)
+                        :CALL(checkpointBlockInfoTree)
+                        :JMP(txType)
+
+/**
+ * @link [https://www.evm.codes/#f1?fork=berlin]
+ * @zk-counters
+ *  - 200 steps
+ *  - 2 binary
+ * @process-opcode
+ *  - stack input: [gas, address, value, argsOffset, argsSize, retOffset, retSize]
+ *  - stack output: [success]
+ */
+opCALLCODE:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 200 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 2 :JMPN(outOfCountersBinary)
+    ; check stack underflow
+    SP - 7          :JMPN(stackUnderflow)
+    SP - 1 => SP
+    ; store current CTX to auxiliary var for later usage
+    CTX             :MSTORE(originAuxCTX)
+    ; store gas call
+    $ => A          :MLOAD(SP--); [gas => A]
+    A               :MSTORE(gasCall)
+    ; store address call
+    ; Mask address to 20 bytes
+    $ => A          :MLOAD(SP--), CALL(maskAddress); [address => A]; in: [A: address] out: [A: masked address]
+    A               :MSTORE(addrCall)
+    ; store value call
+    $ => A          :MLOAD(SP--); [value => A]
+    A               :MSTORE(valueCall)
+
+    ; store bytes offset int the memory, the calldata of the subcontext
+    $ => A          :MLOAD(SP--); [argsOffset => A]
+    A               :MSTORE(argsOffsetCall)
+    ; store lastMemOffset for memory expansion gas cost
+    A               :MSTORE(lastMemOffset)
+    ; byte size to copy, size of the calldata of the subcontext
+    $ => C          :MLOAD(SP--); [argsSize => C]
+    C               :MSTORE(argsLengthCall)
+    ; store lastMemLength for memory expansion gas cost
+    ; compute memory expansion gas cost
+    C               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+
+    ; Store byte offset in the memory in bytes, where to store the return data of the sub context.
+    $ => B          :MLOAD(SP--); [retOffset => B]
+    B               :MSTORE(lastMemOffset)
+    ; Store byte size to copy (size of the return data).
+    $ => D          :MLOAD(SP); [retSize => D]
+    ; compute memory expansion gas cost of the return value
+    D               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; check if an address is cold. If it is, add it to the touched tree
+    $ => A                   :MLOAD(addrCall), CALL(isColdAddress); in: [A: address] out: [D: 0 if warm, 1 if cold]
+
+    ;gas_cost = memory_expansion_cost + code_execution_cost + address_access_cost + positive_value_cost
+    ; Calculate address_access_cost: 100 for warm account, 2600 for cold account
+    GAS - %WARM_STORAGE_READ_GAS - D * %COLD_ACCOUNT_ACCESS_COST_REDUCED => GAS    :JMPN(outOfGas)
+    ; Calculate positive_value_cost, if value call > 0 -> 9000
+    $ => B                   :MLOAD(valueCall)
+    0 => A
+    $                        :EQ,JMPC(opCALLCODEend)
+    ; Subtract gas if the call has value
+    GAS - %CALL_VALUE_TRANSFER_GAS => GAS        :JMPN(outOfGas)
+
+opCALLCODEend:
+    ; setup vars for next CTX
+    $ => B          :MLOAD(lastMemOffset)
+    $ => D          :MLOAD(lastMemLength)
+    $ => E          :MLOAD(storageAddr)
+    $ => C          :MLOAD(gasRefund)
+    SP              :MSTORE(lastSP)
+    PC              :MSTORE(lastPC)
+    ; increase CTX
+    $ => A          :MLOAD(lastCtxUsed)
+    A+1 => CTX      :MSTORE(lastCtxUsed)
+    CTX             :MSTORE(currentCTX)
+    $ => A          :MLOAD(originAuxCTX)
+    A               :MSTORE(originCTX)
+    E               :MSTORE(txSrcAddr)
+    E               :MSTORE(storageAddr)
+    C               :MSTORE(gasRefund)
+    SR              :MSTORE(initSR)
+    $ => A          :MLOAD(addrCall)
+    A               :MSTORE(txDestAddr)
+    B               :MSTORE(retCallOffset)
+    D               :MSTORE(retCallLength)
+    $ => B          :MLOAD(valueCall)
+    B               :MSTORE(txValue)
+    0 => A
+    ; compute gas send in call
+    $ => C          :LT, CALL(computeGasSendCall); in: [gasCall: gas sent to call] out: [A: min( requested_gas , all_but_one_64th(63/64))]
+    $ => CTX        :MLOAD(originCTX)
+    GAS - A         :MSTORE(gasCTX)
+    ; Add stipend (2300) in case of tx with value
+    A + %CALL_STIPEND*C => A
+    ; move is static bool value to following CTX
+    $ => D          :MLOAD(isStaticCall)
+    $ => CTX        :MLOAD(currentCTX)
+    ; update GAS to computed gas send call
+    A => GAS
+    D               :MSTORE(isStaticCall)
+    $ => A          :MLOAD(argsLengthCall)
+    ; set calldata pointers to current CTX
+    A               :MSTORE(txCalldataLen), CALL(saveCalldataPointer)
+    ; Save touched root when a new context is created
+                    :CALL(checkpointTouched)
+                    :CALL(checkpointBlockInfoTree)
+                    :JMP(txType)
+/**
+ * @link [https://www.evm.codes/#f3?fork=berlin]
+ * @zk-counters
+ *  - 400 steps
+ *  - 1 binary
+ * @process-opcode
+ *  - stack input:  [offset, size]
+ *  - stack output: none
+ */
+opRETURN:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 400 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    ; check stack underflow
+    SP - 2 => SP    :JMPN(stackUnderflow)
+    $ => E          :MLOAD(SP+1); [offset => E]
+    $ => C          :MLOAD(SP); [size => C]
+
+    ; store return data values
+    E               :MSTORE(retDataOffset)
+    C               :MSTORE(retDataLength)
+    ; store lastMemOffset for memory expansion gas cost
+    E               :MSTORE(lastMemOffset)
+    ; store lastMemLength for memory expansion gas cost
+    ; compute memory expansion gas cost
+    C               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; check is a create
+    $ => D          :MLOAD(isCreateContract), JMPNZ(opRETURNdeploy)
+    ; reduce CTX
+    ; if origin ctx is 0, end tx
+    $ => B          :MLOAD(originCTX), JMPZ(handleGas)
+    ; handle gas refund
+    $ => B          :MLOAD(gasRefund)
+    $ => A          :MLOAD(currentCTX)
+    $ => CTX        :MLOAD(originCTX)
+    ; set return data context values to origin context
+    A               :MSTORE(retDataCTX)
+    B               :MSTORE(gasRefund)
+    $ => B          :MLOAD(gasCTX)
+    B + GAS => GAS
+    ; return to current CTX
+    $ => CTX        :MLOAD(currentCTX)
+    $ => D          :MLOAD(retCallLength)
+    C => A
+    D => B
+    ; set smallest return length between retCallLength and lastMemLength
+    $               :LT,JMPC(preRETURN32)
+    D => C
+
+preRETURN32:
+    $ => B          :MLOAD(retCallOffset)
+
+; Copy from memory current CTX to memory origin CTX
+opRETURNloop:
+    ; checks dynamic zk-counters
+    %MAX_CNT_STEPS - STEP - 200 :JMPN(outOfCountersStep)
+
+    C               :JMPZ(opRETURNend)
+    C - 32          :JMPN(opRETURNfinal)
+    ; load first 32 bytes from memory at current CTX
+                    :CALL(MLOAD32); in: [E: offset] out: [A: value, E: new offset]
+    E => D
+    ; load origin CTX
+    $ => CTX        :MLOAD(originCTX)
+    B => E
+     ; set bytesToStore with value to use in MSTORE
+    ; store 32 bytes at origin CTX
+    A               :MSTORE(bytesToStore), CALL(MSTORE32); in: [bytesToStore, E: offset] out: [E: new offset]
+    E => B
+    D => E
+    C - 32 => C
+    ; restore current TX
+    $ => CTX        :MLOAD(currentCTX), JMP(opRETURNloop)
+
+opRETURNfinal:
+    ; load last bytes
+                    :CALL(MLOADX); in: [E: offset, C: length] out: [A: value, E: new offset]
+    $ => CTX        :MLOAD(originCTX)
+    B => E
+    ; store last bytes
+    A               :MSTORE(bytesToStore), CALL(MSTOREX); in: [bytesToStore, E: offset, C: length] out: [E: new offset]
+    $ => CTX        :MLOAD(currentCTX)
+
+opRETURNend:
+    ; decrease CTX
+    $ => CTX        :MLOAD(originCTX)
+    CTX             :MSTORE(currentCTX)
+    ; restore origin CTX values
+    $ => SP         :MLOAD(lastSP)
+    $ => PC         :MLOAD(lastPC)
+    1               :MSTORE(SP++), JMP(readCode); [1 => SP]
+
+opRETURNdeploy:
+    ; code size limit = 0x6000
+    %CODE_SIZE_LIMIT - C      :JMPN(invalidCodeSize)
+    ;code_deposit_cost = 200 * returned_code_size
+    GAS - %RETURN_GAS_COST * C => GAS    :JMPN(outOfGas)
+    ; check if first context
+    $ => B          :MLOAD(originCTX), JMPNZ(opRETURNcreate, endDeploy)
+
+opRETURNcreate:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 400 :JMPN(outOfCountersStep)
+    %MAX_CNT_POSEIDON_G - CNT_POSEIDON_G - %MAX_CNT_POSEIDON_SLOAD_SSTORE*2 :JMPN(outOfCountersPoseidon)
+    %MAX_CNT_BINARY - CNT_BINARY - 2                                        :JMPN(outOfCountersBinary)
+    ; save offset memory and length to compute contract hash
+    E               :MSTORE(memOffsetLinearPoseidon)
+    C               :MSTORE(memSizeLinearPoseidon), CALL(checkBytecodeStartsEF) ; in: [memOffset], out: [startsWithEF]
+    ; check bytecode first byte != 0xEF
+    $               :MLOAD(startsWithEF), JMPNZ(invalidCodeStartsEF)
+    ; set bytecode length
+    ; set key for smt smart contract length query
+    $ => A          :MLOAD(createContractAddress)
+    %SMT_KEY_SC_LENGTH => B
+    C => D
+    0 => C
+    ; get bytecode and hash it
+    $ => SR             :SSTORE, CALL(hashPoseidonLinearFromMemory); in: [memOffsetLinearPoseidon, memSizeLinearPoseidon], out: [D: resulting linear poseidon]
+    ; set key for smt smart contract bytecode query
+    %SMT_KEY_SC_CODE => B
+    $ => SR                         :SSTORE
+
+opRETURNcreateEnd:
+
+    ; return to origin CTX
+    $ => B          :MLOAD(gasRefund)
+    $ => CTX        :MLOAD(originCTX)
+    ; Update gasRefund at origin CTX
+    B               :MSTORE(gasRefund)
+    $ => B          :MLOAD(gasCTX)
+    B + GAS => GAS
+    CTX             :MSTORE(currentCTX)
+    0               :MSTORE(retDataCTX)
+    ; set SP and PC
+    $ => SP         :MLOAD(lastSP)
+    $ => PC         :MLOAD(lastPC)
+    A               :MSTORE(SP++), JMP(readCode); [createContractAddress(A) => SP]
+
+/**
+ * @link [https://www.evm.codes/#f4?fork=berlin]
+ * @zk-counters
+ *  - 400 steps
+ * @process-opcode
+ *  - stack input: [gas, address, argsOffset, argsSize, retOffset, retSize]
+ *  - stack output: [success]
+ */
+opDELEGATECALL:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 400 :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 6          :JMPN(stackUnderflow)
+    SP - 1 => SP
+    ; store current CTX to auxiliary var for later usage
+    CTX             :MSTORE(originAuxCTX)
+    ; store gas call
+    $ => A          :MLOAD(SP--); [gas => A]
+    A               :MSTORE(gasCall)
+    ; store address call
+    $ => A          :MLOAD(SP--); [address => A]
+    ; Mask address to 20 bytes
+                    :CALL(maskAddress); in: [A: address] out: [A: masked address]
+    A               :MSTORE(addrCall)
+    ; store bytes offset int the memory, the calldata of the subcontext
+    $ => A          :MLOAD(SP--)
+    A               :MSTORE(argsOffsetCall); [argsOffset => A]
+    ; store lastMemOffset for memory expansion gas cost
+    A               :MSTORE(lastMemOffset)
+
+    ; byte size to copy, size of the calldata of the subcontext
+    $ => C          :MLOAD(SP--); [argsSize => C]
+    C               :MSTORE(argsLengthCall)
+    ; store lastMemLength for memory expansion gas cost
+    ; mem expansion gas cost call args
+    C               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+
+    ; Store byte offset in the memory in bytes, where to store the return data of the sub context.
+    $ => B          :MLOAD(SP--); [retOffset => B]
+    B               :MSTORE(lastMemOffset)
+    ; Store byte size to copy (size of the return data).
+    $ => E          :MLOAD(SP); [retSize => D]
+    ;  Mem expansion gas cost return args
+    E               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    $ => B                   :MLOAD(lastMemOffset)
+    ; check if an address is cold. If it is, add it to the touched tree
+    $ => A                   :MLOAD(addrCall)
+                             :CALL(isColdAddress); in: [A: address] out: [D: 0 if warm, 1 if cold]
+    ;gas_cost = base_gas + gas_sent_with_call
+    GAS - %WARM_STORAGE_READ_GAS - D * %COLD_ACCOUNT_ACCESS_COST_REDUCED => GAS    :JMPN(outOfGas)
+
+    ; transition to new CTX
+    $ => C          :MLOAD(txSrcAddr)
+    $ => D          :MLOAD(storageAddr)
+    SP              :MSTORE(lastSP)
+    PC              :MSTORE(lastPC)
+    ; increase CTX
+    $ => A          :MLOAD(lastCtxUsed)
+    A+1 => CTX      :MSTORE(lastCtxUsed)
+    CTX             :MSTORE(currentCTX)
+    $ => A          :MLOAD(originAuxCTX)
+    A               :MSTORE(originCTX)
+    ; set vars for new CTX
+    C               :MSTORE(txSrcAddr)
+    D               :MSTORE(storageAddr)
+    1               :MSTORE(isDelegateCall)
+    SR              :MSTORE(initSR)
+    $ => A          :MLOAD(addrCall)
+    A               :MSTORE(txDestAddr)
+    B               :MSTORE(retCallOffset)
+    ; compute gas send in call
+    E               :MSTORE(retCallLength), CALL(computeGasSendCall); in: [gasCall: gas sent to call] out: [A: min( requested_gas , all_but_one_64th(63/64))]
+    $ => CTX        :MLOAD(originCTX)
+    GAS - A         :MSTORE(gasCTX)
+    $ => B          :MLOAD(txValue)
+    $ => C          :MLOAD(gasRefund)
+    $ => D          :MLOAD(isStaticCall)
+    $ => CTX        :MLOAD(currentCTX)
+    D               :MSTORE(isStaticCall)
+    B               :MSTORE(txValue)
+    C               :MSTORE(gasRefund)
+    A => GAS
+
+opDELEGATECALLend:
+    $ => A          :MLOAD(argsLengthCall)
+    ; set calldata pointers to current CTX
+    A               :MSTORE(txCalldataLen), CALL(saveCalldataPointer)
+    ; Save touched root when a new context is created
+                    :CALL(checkpointTouched)
+                    :CALL(checkpointBlockInfoTree)
+                    :JMP(txType)
+
+/**
+ * @link [https://www.evm.codes/#f5?fork=berlin]
+ * @zk-counters
+ *  - 400 steps
+ *  - 3 binary
+ *  - %MAX_CNT_POSEIDON_SLOAD_SSTORE*2 poseidon
+ * @process-opcode
+ *  - stack input:  [value, offset, size, salt]
+ *  - stack output: [address]
+ */
+opCREATE2:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 400 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 5          :JMPN(outOfCountersBinary)
+    %MAX_CNT_POSEIDON_G - CNT_POSEIDON_G - %MAX_CNT_POSEIDON_SLOAD_SSTORE*2 :JMPN(outOfCountersPoseidon)
+    ; check out-of-gas
+    GAS - %CREATE_2_GAS => GAS  :JMPN(outOfGas)
+
+    ; check stack underflow
+    SP - 4              :JMPN(stackUnderflow)
+    ; check is static
+    $ => A              :MLOAD(isStaticCall), JMPNZ(invalidStaticTx)
+    SP - 1 => SP
+    $ => A              :MLOAD(SP--); [value => D]
+    A                   :MSTORE(valueCall)
+    $ => E              :MLOAD(SP--); [offset => E]
+    E                   :MSTORE(argsOffsetCall)
+    $ => C              :MLOAD(SP--); [size => C]
+    C                   :MSTORE(argsLengthCall)
+    $ => D              :MLOAD(SP); [salt => D]
+
+
+    ; store lastMemOffset for memory expansion gas cost
+    E                   :MSTORE(lastMemOffset)
+    ; store lastMemLength for memory expansion gas cost
+    ; compute memory expansion gas cost
+    C                   :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; store current CTX to auxiliary var for later usage
+    CTX                 :MSTORE(originAuxCTX)
+
+    ; cost to hash the initialization code
+    C + 31              :MSTORE(arithA)
+    32                  :MSTORE(arithB), CALL(divARITH); in: [arithA, arithB] out: [arithRes1: arithA/arithB, arithRes2: arithA%arithB]
+    $ => C              :MLOAD(arithRes1)
+    GAS => A
+    6 * C => B
+    $                   :LT,JMPC(outOfGas)
+    A - B => GAS
+    GAS                 :MSTORE(gasCall)
+
+    ; check correctness of Create: depth, can transfer, nonce overflow,
+    ; can transfer
+    $ => A              :MLOAD(storageAddr)
+    ; set key for smt balance query
+    %SMT_KEY_BALANCE => B
+    ; 3rd parameter does not apply to nonce or balance
+    0 => C
+    ; balance in A
+    $ => A              :SLOAD
+    $ => B              :MLOAD(valueCall)
+    $                   :LT,JMPC(opCreateFail)
+
+    ; check nonce overflow
+    $ => A              :MLOAD(storageAddr)
+    ; set key for smt nonce query
+    %SMT_KEY_NONCE => B
+    ; nonce in B
+    $ => B              :SLOAD
+    A => C
+    %MAX_NONCE => A
+    $                   :EQ,JMPC(opCreateFail)
+
+    ;change to a new CTX
+    SP                  :MSTORE(lastSP)
+    PC                  :MSTORE(lastPC)
+    ; increase used contexts counter
+    $ => A              :MLOAD(lastCtxUsed)
+    A+1 => CTX          :MSTORE(lastCtxUsed)
+    CTX                 :MSTORE(currentCTX)
+    1                   :MSTORE(isCreateContract)
+    1                   :MSTORE(isCreate)
+    1                   :MSTORE(isCreate2)
+    D                   :MSTORE(salt)
+    ; set origin CTX to this new CTX
+    $ => A              :MLOAD(originAuxCTX)
+    A                   :MSTORE(originCTX)
+
+    ; get nonce & update SR
+    ; get nonce length bytes
+    B                   :MSTORE(txNonce), CALL(getLenBytes); in: [B: value] out: [A: value bytes length]
+    A                   :MSTORE(lengthNonce)
+    ; increase nonce
+    1 => A
+    $ => D                    :ADD
+
+    C => A
+    ; set key for smt nonce query
+    %SMT_KEY_NONCE => B
+    0 => C
+    $ => SR             :SSTORE
+    SR                  :MSTORE(initSR)
+    ; compute gas send in call
+    A                   :MSTORE(txSrcAddr), CALL(computeGasSendCall); in: [gasCall: gas sent to call] out: [A: min( requested_gas , all_but_one_64th(63/64))]
+    $ => CTX            :MLOAD(originCTX)
+    $ => C              :MLOAD(gasRefund)
+    GAS - A             :MSTORE(gasCTX)
+    $ => CTX            :MLOAD(currentCTX)
+    C                   :MSTORE(gasRefund)
+    ; update GAS to computed gas send call
+    A => GAS
+    ; set CTX var values
+    $ => A              :MLOAD(argsLengthCall)
+    ; set calldata pointers to current CTX
+    A                   :MSTORE(txCalldataLen), CALL(saveCalldataPointer)
+    $ => A              :MLOAD(valueCall), CALL(checkpointBlockInfoTree)
+    ; Save touched root when a new context is created
+    A                   :MSTORE(txValue), CALL(checkpointTouched)
+                        :JMP(txType)
+
+/**
+ * @link [https://www.evm.codes/#fa?fork=berlin]
+ * @zk-counters
+ *  - 300 steps
+ * @process-opcode
+ *  - stack input: [gas, address, argsOffset, argsSize, retOffset, retSize]
+ *  - stack output: [success]
+ */
+opSTATICCALL:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 300 :JMPN(outOfCountersStep)
+    ; check stack underflow
+    SP - 6          :JMPN(stackUnderflow)
+    SP - 1 => SP
+    ; store current CTX to auxiliary var for later usage
+    CTX             :MSTORE(originAuxCTX)
+    ; store gas call
+    $ => A          :MLOAD(SP--); [gas => A]
+    A               :MSTORE(gasCall)
+    ; mask address to 20 bytes
+    $ => A          :MLOAD(SP--), CALL(maskAddress); [address => A]; in: [A: address] out: [A: masked address]
+    A               :MSTORE(addrCall)
+    ; store bytes offset int the memory, the calldata of the subcontext
+    $ => A          :MLOAD(SP--); [argsOffset => A]
+    A               :MSTORE(argsOffsetCall)
+    ; store lastMemOffset for memory expansion gas cost
+    A               :MSTORE(lastMemOffset)
+    ; byte size to copy, size of the calldata of the subcontext
+    $ => B          :MLOAD(SP--); [argsSize => B]
+    B               :MSTORE(argsLengthCall)
+    ; store lastMemLength for memory expansion gas cost
+    ; compute memory expansion gas cost
+    B               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; store byte offset in the memory in bytes, where to store the return data of the sub context
+    $ => C          :MLOAD(SP--); [retOffset => C]
+    C               :MSTORE(lastMemOffset)
+    ; store byte size to copy (size of the return data)
+    $ => E          :MLOAD(SP); [retSize => E]
+    ; compute memory expansion gas cost of the return value
+    E               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; check if an address is cold. If it is, add it to the touched tree
+    $ => A          :MLOAD(addrCall), CALL(isColdAddress); in: [A: address] out: [D: 0 if warm, 1 if cold]
+    ;gas_cost = base_gas + gas_sent_with_call
+    GAS - %WARM_STORAGE_READ_GAS - D * %COLD_ACCOUNT_ACCESS_COST_REDUCED => GAS    :JMPN(outOfGas)
+
+    ; setup vars for next CTX
+    $ => D          :MLOAD(storageAddr)
+    $ => B          :MLOAD(gasRefund)
+    SP              :MSTORE(lastSP)
+    PC              :MSTORE(lastPC)
+    ; increase CTX
+    $ => A          :MLOAD(lastCtxUsed)
+    A+1 => CTX      :MSTORE(lastCtxUsed)
+    CTX             :MSTORE(currentCTX)
+    $ => A          :MLOAD(originAuxCTX)
+    A               :MSTORE(originCTX)
+    B               :MSTORE(gasRefund)
+    0               :MSTORE(txValue)
+    1               :MSTORE(isStaticCall)
+    D               :MSTORE(txSrcAddr)
+    SR              :MSTORE(initSR)
+    $ => A          :MLOAD(addrCall)
+    A               :MSTORE(txDestAddr)
+    A               :MSTORE(storageAddr)
+    C               :MSTORE(retCallOffset)
+    ; compute gas send in call
+    E               :MSTORE(retCallLength), CALL(computeGasSendCall); in: [gasCall: gas sent to call] out: [A: min( requested_gas , all_but_one_64th(63/64))]
+    $ => CTX        :MLOAD(originCTX)
+    GAS - A         :MSTORE(gasCTX)
+    $ => CTX        :MLOAD(currentCTX)
+    ; update GAS to computed gas send call
+    A => GAS
+    $ => A          :MLOAD(argsLengthCall)
+    ; set calldata pointers to current CTX
+    A               :MSTORE(txCalldataLen), CALL(saveCalldataPointer)
+    ; save touched root when a new context is created
+                    :CALL(checkpointTouched)
+                    :CALL(checkpointBlockInfoTree)
+                    :JMP(txType)
+/**
+ * @link [https://www.evm.codes/#fd?fork=berlin]
+ * @zk-counters
+ *  - 400 steps
+ * @process-opcode
+ *  - stack input: [offset, size]
+ *  - stack output: none
+ */
+opREVERT:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 400 :JMPN(outOfCountersStep)
+    ; check stack underflow
+    SP - 2 => SP          :JMPN(stackUnderflow)
+    ; load initSR to revert all state changes
+    ; revert touched accounts
+    $ => SR         :MLOAD(initSR), CALL(revertTouched)
+
+    $ => E          :MLOAD(SP+1), CALL(revertBlockInfoTree); [offset => E]
+    $ => C          :MLOAD(SP); [size => C]
+    E               :MSTORE(retDataOffset)
+    C               :MSTORE(retDataLength)
+    ; store lastMemOffset for memory expansion gas cost
+    E               :MSTORE(lastMemOffset)
+    ; store lastMemLength for memory expansion gas cost
+    ; compute memory expansion gas cost
+    C               :MSTORE(lastMemLength), CALL(saveMem); in: [lastMemOffset, lastMemLength]
+    ; check if first context
+    $ => B          :MLOAD(originCTX)
+    $${eventLog(onError, revert)}
+    0               :MSTORE(gasRefund)
+    ; if origin ctx is 0, end tx
+    B               :JMPZ(handleGasFromError)
+    ; decrease CTX
+    $ => A          :MLOAD(currentCTX)
+    B => CTX
+    ; add return data context value to origin context
+    A               :MSTORE(retDataCTX)
+    ; return left gas to origin CTX
+    $ => B          :MLOAD(gasCTX)
+    GAS + B => GAS
+
+    A => CTX
+    $ => D          :MLOAD(retCallLength)
+    C => A
+    D => B
+    $               :LT,JMPC(preREVERT32)
+    D => C
+
+; copy from memory current CTX to memory origin CTX
+preREVERT32:
+    $ => B          :MLOAD(retCallOffset)
+
+opREVERTloop:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 200 :JMPN(outOfCountersStep)
+    C              :JMPZ(opREVERTend)
+    ; load first 32 bytes from memory at current CTX
+    C - 32          :JMPN(opREVERTfinal)
+                    :CALL(MLOAD32); in: [E: offset] out: [A: value, E: new offset]
+    E => D
+    $ => CTX        :MLOAD(originCTX)
+    B => E
+     ; set bytesToStore with value to use in MSTORE
+    ; store 32 bytes at origin CTX
+    A               :MSTORE(bytesToStore), CALL(MSTORE32); in: [bytesToStore, E: offset] out: [E: new offset]
+    E => B
+    D => E
+    C - 32 => C
+    ; restore current CTX
+    $ => CTX        :MLOAD(currentCTX), JMP(opREVERTloop)
+
+opREVERTfinal:
+    ; copy last bytes
+                    :CALL(MLOADX); in: [E: offset, C: length] out: [A: value, E: new offset]
+    $ => CTX        :MLOAD(originCTX)
+    B => E
+    A               :MSTORE(bytesToStore), CALL(MSTOREX); in: [bytesToStore, E: offset, C: length] out: [E: new offset]
+    $ => CTX        :MLOAD(currentCTX)
+
+opREVERTend:
+    ; decrease CTX and restore SP and PC
+    $ => CTX        :MLOAD(originCTX)
+    CTX             :MSTORE(currentCTX)
+    $ => SP         :MLOAD(lastSP)
+    $ => PC         :MLOAD(lastPC)
+    0               :MSTORE(SP++), JMP(readCode); [0 => SP]
+
+VAR GLOBAL sendAllAddress
+; SELFDESTRUCT is deprecated and EIP-4758 is implemented: https://eips.ethereum.org/EIPS/eip-4758
+; SELFDESTRUCT is now SENDALL
+/**
+ * @link [https://www.evm.codes/#ff?fork=berlin] (selfdestruct)
+ * @zk-counters
+ *  - 400 steps
+ *  - 2 binary
+ *  - %MAX_CNT_POSEIDON_SLOAD_SSTORE*4 poseidon
+ * @process-opcode
+ *  - stack input: [address]
+ *  - stack output: none
+ */
+opSENDALL:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 400 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 4 :JMPN(outOfCountersBinary)
+    %MAX_CNT_POSEIDON_G - CNT_POSEIDON_G - %MAX_CNT_POSEIDON_SLOAD_SSTORE*4 :JMPN(outOfCountersPoseidon)
+    ; check out-of-gas
+    GAS - %SENDALL_GAS => GAS   :JMPN(outOfGas)
+
+    ; check stack underflow
+    SP - 1 => SP        :JMPN(stackUnderflow)
+
+    ; check is static
+    $ => A              :MLOAD(isStaticCall), JMPNZ(invalidStaticTx)
+    $ => A              :MLOAD(storageAddr)
+    ; set key for smt balance query
+    %SMT_KEY_BALANCE => B
+    0 => C
+    ; balance in D
+    $ => D              :SLOAD
+
+    ; Address in A & Mask address to 20 bytes
+    $ => A              :MLOAD(SP), CALL(maskAddress); in: [A: address] out: [A: masked address]
+    A                   :MSTORE(sendAllAddress)
+
+    ; store address receiver in [C, E]
+    A => C, E
+
+    ; check balance to move is greater than 0
+    0 => A
+    D => B
+    $                           :EQ,JMPC(opSENDALLend) ; no balance to move
+
+    ; check receiver and storageAddr are not the same
+    $ => A                      :MLOAD(storageAddr)
+    C => B
+    $                           :EQ, JMPC(opSENDALLend)
+
+; move balances
+opSENDALL2:
+    ; check gas empty account
+                                                :CALL(isEmptyAccount); in: [E: address] out: [E: 0 if is not empty, 1 if is empty]
+    GAS - %CALL_NEW_ACCOUNT_GAS * E => GAS      :JMPN(outOfGas)
+
+    ; save balance storageAddr in arithA for later usage
+    D                           :MSTORE(arithA)
+    ; check is cold to compute gas cost
+    C => A                      :CALL(isColdAddress); in: [A: address] out: [D: 0 if warm, 1 if cold]
+    GAS - %COLD_ACCOUNT_ACCESS_COST * D => GAS     :JMPN(outOfGas)
+    ; read previous balance receiver
+    ; set key for smt balance query
+    %SMT_KEY_BALANCE => B
+    0 => C
+    ; balance in E
+    $ => E              :SLOAD
+
+    ; compute new receiver balance
+    ; Add operation with Arith
+    E               :MSTORE(arithB), CALL(addARITH); in: [arithA, arithB] out[arithRes1: arithA*arithB]
+    $ => D          :MLOAD(arithRes1)
+
+    ; transfer balance to receiver
+    $ => A                  :MLOAD(sendAllAddress); [address => A]
+    %SMT_KEY_BALANCE => B
+    0 => C
+    $ => SR                 :SSTORE
+
+    ; set contract balance to 0
+    $ => A                  :MLOAD(storageAddr)
+    0 => D
+    $ => SR                 :SSTORE
+
+opSENDALLend:
+    ; if origin ctx is 0, end tx
+    $ => A                  :MLOAD(originCTX), JMPZ(handleGas)
+
+    ; decrease CTX
+    $ => B                  :MLOAD(gasRefund)
+    1 => D
+    $ => C                  :MLOAD(isCreate), JMPZ(opSENDALLendContinue)
+    $ => D                  :MLOAD(createContractAddress)
+
+opSENDALLendContinue:
+    A => CTX
+    0                       :MSTORE(retDataCTX)
+    CTX                     :MSTORE(currentCTX)
+    B                       :MSTORE(gasRefund)
+    $ => C                  :MLOAD(gasCTX)
+    GAS + C => GAS
+    ; restore origin CTX values
+    $ => SP                 :MLOAD(lastSP)
+    $ => PC                 :MLOAD(lastPC)
+    D                       :MSTORE(SP++), JMP(readCode); [output => SP]
+
+/**
+ * @link [https://www.evm.codes/#fe?fork=berlin]
+ * @zk-counters
+ *  - 100 steps
+ * @process-opcode
+ *  - stack input: none
+ *  - stack output: none
+ */
+opINVALID:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 100 :JMPN(outOfCountersStep, invalidOpcode)