Alert Source Discuss
⚠️ Draft Standards Track: Core

EIP-3455: SUDO Opcode

A new opcode is introduced to allow calling from an arbitrary sender address.

Authors William Morriss (@wjmelements), Baptiste Vauthey (@thabaptiser)
Created 2021-04-01
Discussion Link


A new opcode, SUDO, is introduced with the same parameters as CALL, plus another parameter to specify the sender address.


There are many use cases for being able to set the sender.

Many tokens are stuck irretrievably because nobody has the key for the owner address. In particular, at address zero there is approximately 17 billion USD in tokens and ether, according to etherscan. With SUDO, anyone could free that value, leading to an economic boom that would end poverty and world hunger. Instead it is sitting there idle like the gold in Fort Knox. SUDO fixes this.

It is a common mistake to send ERC-20 tokens to the token address instead of the intended recipient. This happens because users paste the token address into the recipient fields. Currently there is no way to recover these tokens. SUDO fixes this.

Many scammers have fraudulently received tokens and ETH via trust-trading. Their victims currently have no way to recover their funds. SUDO fixes this.

Large amounts of users have accidentally locked up tokens and ether by losing their private keys. This is inefficient and provides a bad user experience. To accommodate new and inexperienced users, there needs to be a way to recover funds after the private key has been lost. SUDO fixes this.

Finally, there are many tokens and ether sitting in smart contracts locked due to a bug. We could finally close EIP issue #156. We cannot currently reclaim ether from stuck accounts. SUDO fixes this.


Adds a new opcode (SUDO) at 0xf8. SUDO pops 8 parameters from the stack. Besides the sender parameter, the parameters shall match CALL.

  1. Gas: Integer; Maximum gas allowance for message call, safely using current gas counter if the counter is lower
  2. Sender: Address, truncated to lower 40 bytes; Sets CALLER inside the call frame
  3. To: Address, truncated to lower 40 bytes; sets ADDRESS
  4. Value: Integer, raises exception amount specified is less than the value in Sender account; transferred with call to recipient balance, sets CALLVALUE
  5. InStart: Integer; beginning of memory to use for CALLDATA
  6. InSize: Integer; length of memory to use for CALLDATA
  7. OutStart: Integer; beginning of memory to replace with RETURNDATA
  8. OutSize: Integer; maximum RETURNDATA to place in memory

Following execution, SUDO pushes a result value to the stack, indicating success or failure. If the call ended with STOP, RETURN, or SELFDESTRUCT, 1 is pushed. If the call ended with REVERT, INVALID, or an EVM assertion, 0 is pushed.


The GAS parameter is first so that callers can tediously compute how much of their remaining gas to send at the last possible moment. The remaining parameters inherited from CALL are in the same order, with sender inserted between.

Security Considerations

It will be fine.

Copyright and related rights waived via CC0.


Please cite this document as:

William Morriss (@wjmelements), Baptiste Vauthey (@thabaptiser), "EIP-3455: SUDO Opcode [DRAFT]," Ethereum Improvement Proposals, no. 3455, April 2021. [Online serial]. Available: