CALL and CALLCODE take the same number of operands (in the execution stack). For the exception flag being pushed on top of the stack: 0 means exception, 1 means successful execution. CALL is easy to understand, but I could not digest the subtle difference between CALL & CALLCODE. It is stated in the yellow paper that for
CALLCODE: This means that the recipient is
in fact the same account as at present, simply that the code is
overwritten.
What does it mean by the code is overwritten? Does that mean I can ask the contract to execute some external code? It would be helpful if anyone can provide me an example to differentiate between the two.
EDIT: DELEGATECALL was added in Homestead what is the difference?
Best Answer
DELEGATECALL
basically says that I'm a contract and I'm allowing (delegating) you to do whatever you want to my storage.DELEGATECALL
is a security risk for the sending contract which needs to trust that the receiving contract will treat the storage well.DELEGATECALL
was a new opcode that was a bug fix forCALLCODE
which did not preservemsg.sender
andmsg.value
. If Alice invokes Bob who doesDELEGATECALL
to Charlie, themsg.sender
in theDELEGATECALL
is Alice (whereas ifCALLCODE
was used themsg.sender
would be Bob).Details
When D does CALL on E, the code runs in the context of E: the storage of E is used.
When D does CALLCODE on E, the code runs in the context of D. So imagine that the code of E is in D. Whenever the code writes to storage, it writes to the storage of account D, instead of E.
When D does CALLCODE on E,
msg.sender
inside E is D as commented in the code above.When an account C invokes D, and D does DELEGATECALL on E,
msg.sender
inside E is C. That is, E has the samemsg.sender
andmsg.value
as D.You can quickly test above in Solidity Browser.