Skip to main content
This page is a placeholder. All examples on this page are currently AI-generated and are not correct. This documentation will be completed in the future with accurate, tested examples.

Overview

Opcode: 0x32 Introduced: Frontier (EVM genesis) ORIGIN pushes the address of the account that originated the transaction (tx.origin) onto the stack. This address never changes throughout the entire call chain, unlike CALLER which changes with each call.

Specification

Stack Input:
Stack Output:
Gas Cost: 2 (GasQuickStep) Operation:

Behavior

ORIGIN provides the address of the externally owned account (EOA) that signed and initiated the transaction. This value remains constant throughout the entire execution, regardless of how many contract calls are made. Key characteristics:
  • Always an EOA (never a contract address)
  • Immutable throughout transaction execution
  • Same value in all contracts called during transaction
  • Cannot be a contract (contracts cannot initiate transactions)

Examples

Basic Usage

Call Chain Comparison

Gas Cost

Cost: 2 gas (GasQuickStep) ORIGIN shares the lowest gas cost tier with other environment access opcodes:
  • ADDRESS (0x30)
  • CALLER (0x33)
  • CALLVALUE (0x34)
  • CALLDATASIZE (0x36)
  • CODESIZE (0x38)
  • GASPRICE (0x3a)
  • RETURNDATASIZE (0x3d)

Common Usage

Logging Transaction Source

Gas Refunds

Security

CRITICAL: Never Use for Authorization

VULNERABLE pattern:
Attack scenario:
SAFE pattern - use msg.sender:

tx.origin vs msg.sender

Critical distinction:
Propertytx.originmsg.sender
ValueOriginal EOAImmediate caller
Changes in call chainNoYes
Can be contractNeverYes
Safe for authNOYES
OpcodeORIGIN (0x32)CALLER (0x33)
Example:

Phishing Attack Vector

Limited Valid Use Cases

Valid (but rare) use case - gas payment:
Even better - explicit parameter:

Implementation

Edge Cases

Stack Overflow

Out of Gas

Zero Address Origin

Best Practices

❌ DON’T: Use for authorization

✅ DO: Use msg.sender for authorization

❌ DON’T: Trust tx.origin in access control

✅ DO: Use for logging/analytics only

⚠️ CAUTION: Meta-transactions

References