Proxy forwarding: `0x40` pointer vs 0 pointer

In this article below, the proxy forwarding function uses the “free memory pointer” at position 0x40

But in the proxy.sol contract in the Github repo below, the pointer is at 0 which is the scratch pad.

Could you please explain why the article says to use 0x40, but the proxy contract uses 0 pointer? Which one should be used, and why? Is one more secure than the other?

Thank you

the area from 0x00 to 0x40 is used by the EVM to calculate hashes as described here: https://blog.openzeppelin.com/deconstructing-a-solidity-contract-part-ii-creation-vs-runtime-6b9d60ecb44c/

So if you were to use that area, there is a chance whatever you write to it might be overwritten by other instructions. now, since there is no code after the assembly block in the proxy implementation that you linked, this risk is eliminated and it does not make a difference where you start to write into memory. As the code comment says

We take full control of memory in this inline assembly block because it will not return to Solidity code.
We overwrite the Solidity scratch pad at memory position 0.

At least that is my current understanding of it. Makes sense to me but take it with a grain of salt :slight_smile:

2 Likes