The Ethereum Virtual Machine (EVM) is the computation engine that executes smart contract code on Ethereum and EVM-compatible chains like Polygon, Arbitrum, and BSC. Every node in the network runs an identical copy of the EVM, ensuring that all participants reach consensus on the state of smart contracts. Understanding EVM mechanics is essential for writing secure, gas-efficient smart contracts and for auditing potential vulnerabilities.

How the EVM Works

The EVM is a stack-based virtual machine that processes bytecode instructions called opcodes:

1Source Code (.sol)
2       │
3       ▼ Compiler (solc)
4Bytecode (hex)
5       │
6       ▼ Deployment
7EVM Execution
8       │
9       ▼
10State Changes (storage, balances)

When you deploy a contract, the compiled bytecode is stored on-chain. When someone calls a function, the EVM:

1. Loads the contract's bytecode
2. Executes opcodes sequentially
3. Reads/writes to storage as instructed
4. Deducts gas for each operation
5. Reverts all changes if execution fails

EVM Architecture

Stack

The EVM uses a 1024-element stack for computations. Each element is 256 bits (32 bytes). Operations push and pop values from the stack.

Memory

Temporary, byte-addressable storage that exists only during execution. Expands dynamically but costs gas.

Storage

Persistent key-value store (256-bit keys to 256-bit values). Extremely expensive to write (~20,000 gas for new slots).

Calldata

Read-only input data passed to a function. Cheaper than memory for external calls.

Common Opcodes

EVM Security Considerations

Reentrancy

The EVM allows external calls to execute arbitrary code before the calling function completes:

1// Vulnerable pattern
2function withdraw() external {
3    uint256 amount = balances[msg.sender];
4    (bool success,) = msg.sender.call{value: amount}(""); // External call
5    balances[msg.sender] = 0; // State update AFTER call
6}

Integer Overflow (Pre-0.8.0)

Before Solidity 0.8.0, arithmetic didn't check for overflow:

1// In Solidity < 0.8.0
2uint8 x = 255;
3x += 1; // x becomes 0, not 256!

Gas Limitations

Block gas limits constrain computation. Unbounded loops can make functions uncallable.

Storage Collisions

In proxy patterns, mismatched storage layouts between proxy and implementation cause corruption.

EVM Compatibility

"EVM-compatible" chains run the same bytecode:

Code deployed on Ethereum can typically run on EVM-compatible chains with minimal changes.

EVM Execution Context

Every transaction has access to:

1msg.sender    // Address that called this function
2msg.value     // ETH sent with the call
3msg.data      // Raw calldata
4tx.origin     // Original transaction sender (use carefully!)
5block.number  // Current block number
6block.timestamp // Current block timestamp
7gasleft()     // Remaining gas

EVM Limitations

Determinism requirement: No randomness, no external API calls—everything must be reproducible by all nodes.

Gas costs: Complex computation is expensive, limiting what's practical on-chain.

Storage model: 256-bit slots make small values inefficient; packing is essential.

No floating point: Only integer math; decimals must be handled manually.

Audit Relevance

Understanding EVM mechanics helps auditors identify:

• Gas optimization opportunities
• Reentrancy vectors via external calls
• Storage layout issues in upgradeable contracts
• Arithmetic edge cases
• Opcode-level vulnerabilities

The EVM is the foundation of Ethereum's smart contract ecosystem. Deep understanding of its mechanics is essential for both developing secure contracts and identifying vulnerabilities during audits.