• Our software update is now concluded. You will need to reset your password to log in. In order to do this, you will have to click "Log in" in the top right corner and then "Forgot your password?".
  • Forum moderator applications are now open! Click here for details.
  • Welcome to PokéCommunity! Register now and join one of the best places on the 'net to talk Pokémon and more! Community members will not see the bottom screen advertisements.
  • Want to share your adventures playing Pokémon?
    Check out our new Travel Journals forum for sharing playthroughs of ROM Hacks, Fan Games, and other Pokémon content!
  • IMPORTANT: Following a takedown request, the following hacks have been delisted from PokéCommunity:

    • Pokémon Glazed
    • Pokémon: Giratina Strikes Back
    • Pokémon Flora Sky
    • Pokémon Stranded
    The downloads and discussion threads for these hacks will no longer be accessible, and staff will be unable to return questions regarding accessing this content.

Research: Pokemon data decrypting (asm code)

JPAN

pokemon rom researcher
104
Posts
15
Years
  • Seen Jul 2, 2016
mod edit: just for your information, ingame routines that do exactly this already exist within the code

NOTE: all the code posted here was made with the US fire red version in mind. If you are interested in using this code in any other verison, it should still work as long as you change the values for the variable adress and party adress with those from your respective version. To find them, see the end of this post.


I have made an algorithm to decrypt the encripted data and place it somewhere in the RAM where we can look at and modify it acording to our needs. First, a brief explanation on how it works.





The GBA pokemon data is composed of 80 bytes (or 100, for party pokemon). On those 80 bytes, we can divide it in two:
  • The first 32 bytes of unencrypted information, like the nickname, original trainer name and IDs and a 32 bit word usually called Personality/Pokemon ID, that determines if it's shiny, gender, nature, amongst other things;
  • The remaining 48 bytes, encrypted information that contains almost everything important about our pokemon, like species, IV's, EV's, contest and regular status, happiness, experience, level...
Now, to access the first information, one can easily read it just by fetcing it. the second block, however, can only be read if one has the key. That key is found by performing an exclusive OR on the Personality value and OTids, both as 32bit words.



Applying that key to the data, one word at the time will decrypt it, and passing it on decrypted information will encrypt it.

On that second block, the information is compacted in four sub-blocks that store pieces of information of the same nature. Those sub-blocks change position depending on the Personality value. The remainder of Personality\24 indicates it position.

To make it harder to modify, there is also a checksum for this second block on the first block, and if the second block, adding all data as 16bit words is not equal to that checksum, the pokemon becomes a BadEgg.

This algorithm works by having a party pokemon number stored at 0x8004 (where the special 9f stores it)








So, what this algorithm does:
  • Finds the encryption key and stores it at the first memory position (first)
  • Stores the checksum at another memory position (first + 0x6)
  • decrypts and copies all the data from the selected pokemon (first+ 0x18)
  • trough a large algorytm of compares, stores all four sub-blocks starting positions (growth = first +0x8; attack = first + 0xc; effort = first +0x10; miscelaneous info = first + 0x14)
Here's the code
Edit: the portions in bold on the code is the part you need to change in order for it to work. Goes for all valid posts.

Spoiler:

But this code is pretty much useless if you don't know how to access its information. I will post further ahead some code examples on how to change and read this information.

This code has a second part to it, that must be called upon to save changes on the selected pokemon. It's pretty much the reverse, but much shorter because it doesn't need to know what was changed or the position where it must put the data. It just corrects the checksum and copies the information after encrypting it.
Spoiler:

With these two algoritms, many new commands manipulating and checking pokemon caracteristics are possible. I hope this code will be helpful on your rom-hacking.

Edit:
For easy insertion, The two main codes are now available in a small hex file, at this post.
http://www.pokecommunity.com/showthread.php?p=4914212#post4914212

Now, some asm examples on how to use this new found information.
Identifying a pokemon species
I know there is a combination of commands to identify a pokemon, but it only works on pokemon that are not eggs. This code allows you to identify a pokemon egg as well. Only one problem. You must manually set the variable 0x8004 to the egg's position as it cannot be selected by special 0x9f. I would recommend setting it to 0x0, and asking the player to put the egg in the first party slot.
Spoiler:

Or in ROM-ready version
Spoiler:


Increasing a pokemon happiness by any value
If you wish to make some ways for a pokemon to gain happiness, or to make a pokemon love his trainer after an event, this code will allow it.
Spoiler:

ROM-ready version
Spoiler:


See a Pokemon's pokeball
If you wish to have a place to release pokemon but keep their ball, or for a script that
bars entrance to any trainer who doesn't keep all pokemons in a special kind of ball, we have this code
Spoiler:

ROM ready version
Spoiler:


And that's it for now. I shall post more examples later on. For now, you may post requests on this thread.

For more information on the data stored, I recommend the place where I learned about it, bulbapedia (search there for Pokémon data substructures in the GBA).

To find the addresses for your version:
Spoiler:


To find the variables 0x8000:
Spoiler:
 
Last edited by a moderator:

JPAN

pokemon rom researcher
104
Posts
15
Years
  • Seen Jul 2, 2016
To 0m3GA ARS3NAL

While it is possible to make code that changes the amount of experience on a pokemon, I have no way of reproducing the level up routine without messing up some of the status gains, at the moment. As such, I give here a code that will allow you to give a pokemon experience, but for it to level up, it is necessary to fight a battle. Also, this code has several limits. First, you can only add up to 32767 exp points (0x7fff). Any bigger and the pokemon will crash your game. Also, if the experience surpasses that of the needed to gain a level, the pokemon will present, on the status screen, a full blue experience bar with a transparent middle, and the numbers will be mixed with question marks.

If you still want it, here it is.
Spoiler:


And in the compiled version
Spoiler:


Edit: As promissed, some more examples of what to do with this code

Catch the pokerus
This code here allows you to cure, immunize and catch the pokemon virus. To make it work, put in var 0x8005 a number between 0x1 and 0xf to give it, 0x0 to cure but not immunize and 0x10 or higher to immunize the pokemon, preventing him to ever catch the virus again (even with this code)
Spoiler:

Compiled and ready
Spoiler:


EV related material
Several codes that allow you to manipulate Contest stats and Effort values. This following "Stat table" is used in all the following examples
Value -> Stat
Spoiler:

Any of the following EV codes only work correctly if the value is present on the table. Using others results in the unexpected.

Reading EV's/Contest stats
This one code reads the values of the stat placed on variable 0x8005, and places the result on that variable, a number from 0x0 - 0xff.
Spoiler:


Ready to use version
Spoiler:


Adding to EV/Contest stats
This code allows you to change the values of both EV's and Contest Stats, but it works differently on both situations. Place the value to add, between 0x0 - 0xff on var 0x8006 and a table value on 0x8007.
Adding EV obeys the 512 limit, so only values up to a total of 512 will be accepted. On both the Contest and EV, adding a value that is bigger than the allowed will cause the code to add only up to that limit, meaning that adding efforts that surpass 512 after adding will add only up to 512, and adding values that exceed 0xff will make the value 0xff.
Spoiler:

Ready version
Spoiler:


Erasing all EV's
This last code receives nothing and returns nothing, changing only all EV's to 0.
Spoiler:

Ready version
Spoiler:


And that is all for now. Feel free to ask for any other codes. Next time I post here I will bring a "teaching Attacks" code, a dumbed down "move tutor".
 
Last edited:

0m3GA ARS3NAL

Im comin' home...
1,816
Posts
16
Years
Wow, this is great, I did not need to level the Pokemon up, but this is insane, you really should make a tutorial, and add to the super cool ASM saga that is about to hit PC.
(PC went is stages, Hex, ScriptED, Pokescript PKSV, XSE... I can see more people are going to start using ASM now...)

Okay, I have a toughie, how about changing Pokemon from shiny to normal and vice/versa while they are in your party/activated with a script? (also having it activate like leveling up would be cool, for instance if you battle for bunch of battles, the Pokemon becomes shiny, or vice versa, cause I also need that, hehe.
 
Last edited:

JPAN

pokemon rom researcher
104
Posts
15
Years
  • Seen Jul 2, 2016
To make a pokemon shiny, as explained in Mastermind_X shiny hack, the encryption key on a pokemon must be lower than 8. For that to be acomplished one of two things must be sacrificed: either we make Personality = OTID or OTID = Personality. The main question here is when do you wish to use that script. One will sacrifice nature, gender and all that is determined by personality. The other will make the pokemon not to be yours. If at a higher level, a pokemon will not obey a trainer if he doesn't have the right badge.
So, the first method (nature-changing) is recomended for short periods of time, at the beggining of the game. But the second (OTID) is the best way as all the stat-changing nature, gender, etc will be maintained and the location for all the data will remain the same. Personality editing, for the reasons mentioned in the first post, would mess things up. So will write the code for OT changing.
Suggestions for keeping pokemon obeying you: Set a flag with the current eight badge flag value. set the flag before the battle start and clear it if both flags aren't identical.
As all other code in this page, you should keep var 0x8004 as the pokemon slot.
Place variable 0x8005 to 0x0 to return the pokemon to normal.
Spoiler:

Compiled rom code
Spoiler:


Also, as promissed, a dumbed down move tutor. It will always teach your pokemon a move, replacing one move if no empty slots are available.
Free attack slot finder
This piece of code is to be used before the teaching code, and will check the pokemon for empty attack slots, returning 0 if none are found(corresponding to the first slot). This code will place its result on variable 0x8007.
Spoiler:

Compiled and ready
Spoiler:


Teaching the attack
This code will place any attack you placed on 0x8006 on the slot indicated by 0x8007,
placing its corresponding pp to the fullest and erasing any pp bonus from the previous attack. This code will check for range, not working it 0x8007 is equal to or bigger than 0x4, but it will not check for a pokemon's capability to learn such attack.
Spoiler:

Ready to use version
Spoiler:


That is all for now.
 

JPAN

pokemon rom researcher
104
Posts
15
Years
  • Seen Jul 2, 2016
So, if I want a pokemon to be shiny, I have 0x8005 set to 1, and if not, set it to 0?
And what if I need multiple pokemon de-shinnied, up to 6 at a time?

Yes, to make a pokemon shiny, set 0x8005 to a value that is not 0x0.
While it would be possible to make 6 pokemon shiny at a time, it would be very hard to keep track of what pokemon was changed when with this code. Also, all these codes were made to alter one pokemon at a time.
 

0m3GA ARS3NAL

Im comin' home...
1,816
Posts
16
Years
That would be cool to do 6 at a time... important for a hack actually...
Am I able to change 0x8004 to change a 2nd pokemon, or 3rd, or 4th etc.. Shiny/Normal?
if not, would you be able to do that?
 
Last edited:

JPAN

pokemon rom researcher
104
Posts
15
Years
  • Seen Jul 2, 2016
By editing the previous shiny code, and placing a small value in one of the pokemon unused stats to keep track of which variables hold the corresponding ID, I managed to modify the code to allow for up to six pokemon to be "Shinied" at a time. But, as the code only works in between a Decrypt-encrypt function, to use it correctly your script should look like this:

Code:
setvar 0x8004 0x0
#org @loop
compare 0x8004 0x6
if 0x1 goto @next
callasm @decript
callasm @shine
callasm @encript
add 0x8004 0x1
jump @loop
#org @next
This will make all party pokemon shiny. Next, I'll post the code. This time, I'll post it compilable on the devkitARM assembler, and indicate only where the values should be changed to allow a new shiny limit.
Spoiler:

The compiled version
Spoiler:


The stat I used was the two bytes next to the checksum, right before the encripted data.
 

Grinner

Smiley Face
18
Posts
15
Years
  • Age 34
  • Seen Aug 27, 2009
Heh I dont know if I should be exasperated or gratefull (leaning towards gratefull) becuse I have been trying to learn ASM to do simmiler things to this for a while thinking that ASM would never become mainstream enough to have this complecated stuff posted on a forum. Now I need to work out if I will struggle on and write inferior code so I can feel I have earned it or...

Anyway thanks for posting this.
 

0m3GA ARS3NAL

Im comin' home...
1,816
Posts
16
Years
Heh I dont know if I should be exasperated or gratefull (leaning towards gratefull) becuse I have been trying to learn ASM to do simmiler things to this for a while thinking that ASM would never become mainstream enough to have this complecated stuff posted on a forum. Now I need to work out if I will struggle on and write inferior code so I can feel I have earned it or...

Anyway thanks for posting this.

I agree 100% I am extremly greatful for the ASM hackers coming out of seclusion and ASMing... heheh.
May I recomend HackMew's tutorial on ASM, and ZodiacDaGreat... his site has 2 ASM tutorials...
or even maybe JPAN could try his hand at one? you never know!

~0A :t282:
 

HentaiHentai

Banned
53
Posts
15
Years
Ok, Admitted looking at this and my eyes are telling me Im insane.
Lol, I understand this is ASM, and I do see that you have converted I have no clue what into hex so.
What Im most curious about is that Pokerus virus. How would I use that. heres an example of what I want to do.
EX: Player goes somewhere umm...toxic, touches something infecting the lead pokemon with pokerus what steps would i have to use to get the asm/hex stuff into a script?
Thank You
 

JPAN

pokemon rom researcher
104
Posts
15
Years
  • Seen Jul 2, 2016
EX: Player goes somewhere umm...toxic, touches something infecting the lead pokemon with pokerus what steps would i have to use to get the asm/hex stuff into a script?

After inserting the ASM code in the ROM, and being (for example) 0x800000 the offset of the pokemon loading script (first posted) , 0x800500 the give-pokerus code offset and 0x801000 the pokemon storing/encryption code offset, nomething like this would work

Code:
(other preceding code)
setvar 0x8004 0x0
callasm 0x08800001
setvar 0x8005 0xf (for maximum time, any other value below is fine)
callasm 0x08800501
callasm 0x08801001
(code after event)

Basically the structure is always
choose pokemon (either fixed through setvar, or variable with special 0x9f)
callasm Decript_function
set variable needed
callasm modifying_function1
set variable needed
callasm modifying_function2
...
callasm encryption_code
 

destinedjagold

You can contact me in PC's discord server...
8,593
Posts
16
Years
  • Age 33
  • Seen Dec 23, 2023
sophidius, please don't revive month-old threads~

edit...
nevermind...
new rule applied. :P
 
Last edited:

Gamer2020

Accept no Imitations!
1,062
Posts
15
Years
EV related material
Several codes that allow you to manipulate Contest stats and Effort values. This following "Stat table" is used in all the following examples
Value -> Stat
Spoiler:

Any of the following EV codes only work correctly if the value is present on the table. Using others results in the unexpected.

Reading EV's/Contest stats
This one code reads the values of the stat placed on variable 0x8005, and places the result on that variable, a number from 0x0 - 0xff.
Spoiler:


Ready to use version
Spoiler:


Adding to EV/Contest stats
This code allows you to change the values of both EV's and Contest Stats, but it works differently on both situations. Place the value to add, between 0x0 - 0xff on var 0x8006 and a table value on 0x8007.
Adding EV obeys the 512 limit, so only values up to a total of 512 will be accepted. On both the Contest and EV, adding a value that is bigger than the allowed will cause the code to add only up to that limit, meaning that adding efforts that surpass 512 after adding will add only up to 512, and adding values that exceed 0xff will make the value 0xff.
Spoiler:

Ready version
Spoiler:


Erasing all EV's
This last code receives nothing and returns nothing, changing only all EV's to 0.
Spoiler:

Ready version
Spoiler:


And that is all for now. Feel free to ask for any other codes. Next time I post here I will bring a "teaching Attacks" code, a dumbed down "move tutor".

Could you please explain a little on more on this?
Like How would I include this in a script?
(I know I have to use callasm but is that all?)
 

0m3GA ARS3NAL

Im comin' home...
1,816
Posts
16
Years
I just read through the first ASM code, and I must ask, am I Able to edit a pokemon's hold item using the first 2 ASM routines in this thread?
If so, I thank thee for your ASM skills, and will learn from them if you don't mind...
 

HackMew

Mewtwo Strikes Back
1,314
Posts
17
Years
  • Seen Oct 26, 2011
I just read through the first ASM code, and I must ask, am I Able to edit a pokemon's hold item using the first 2 ASM routines in this thread?
If so, I thank thee for your ASM skills, and will learn from them if you don't mind...

Acrutally those just decrypt the data into RAM.
 
Back
Top