Bypassing WeChat Mini‑Program JavaScript Interpreter Restrictions with a Bytecode VM Hidden in Images

Introduction

On June 23, the WeChat team announced that mini‑programs would no longer be allowed to use JavaScript interpreters (such as eval5, estime, evil‑eval) for dynamic code updates, prompting developers to seek workarounds.

Goals of This Article

How to break the restriction on JavaScript interpreters and achieve hot‑code updates in WeChat mini‑programs.

Why, in theory, it is impossible to completely forbid hot‑updates in mini‑programs.

Basic Steps & Expected Result

Demo repository: https://github.com/bramblex/jsjs-vm-demo

Write a JavaScript compiler that translates source code into binary bytecode.

Encode the bytecode and hide it inside an image.

Load the image in the mini‑program and decode the bytecode.

Implement a corresponding bytecode virtual machine and execute the extracted bytecode.

Implementing a Bytecode Virtual Machine

Compiling JavaScript to bytecode reduces the size of the runtime compared with embedding a full interpreter (≈10 KB vs. >100 KB). The demo VM, excluding try‑catch and with , implements all ES5 features in about 7 KB of source code.

The instruction set consists of just over 50 opcodes, for example:

export enum OpCode {
  NOP = 0x00,
  UNDEF = 0x01, NULL = 0x02, OBJ = 0x03, ARR = 0x04,
  TRUE = 0x05, FALSE = 0x06, NUM = 0x07, ADDR = 0x08, STR = 0x09,
  POP = 0x0A, TOP = 0x0D, VAR = 0x10, LOAD = 0x11, OUT = 0x12,
  JUMP = 0x20, JUMPIF = 0x21, JUMPNOT = 0x22, FUNC = 0x30, CALL = 0x31,
  NEW = 0x32, RET = 0x33, GET = 0x40, SET = 0x41, IN = 0x43,
  DELETE = 0x44, EQ = 0x50, NEQ = 0x51, SEQ = 0x52, SNEQ = 0x53,
  LT = 0x54, LTE = 0x55, GT = 0x56, GTE = 0x57, ADD = 0x60,
  SUB = 0x61, MUL = 0x62, EXP = 0x63, DIV = 0x64, MOD = 0x65,
  BNOT = 0x70, BOR = 0x71, BXOR = 0x72, BAND = 0x73, LSHIFT = 0x73,
  RSHIFT = 0x75, URSHIFT = 0x76, OR = 0x80, AND = 0x81, NOT = 0x82,
  INSOF = 0x90, TYPEOF = 0x91
}

A sample compilation of a simple script yields bytecode such as:

.main_1:
        STR(09) "wx"
        LOAD(11) TOP(0d)
        STR(09) "showModal"
        GET(40) ARR(04) TOP(0d) NUM(07) 0
        OBJ(03) TOP(0d) STR(09) "title"
        STR(09) "这是一段隐藏在图片中的代码"
        SET(41) POP(0a) ...
        CALL(31) POP(0a) RET(33)

Hiding Bytecode Inside an Image

To minimize visual impact, the bytecode is stored in the alpha channel of a PNG. Each pixel's alpha byte is treated as a single bit: values > 0xF8 represent a 1, otherwise 0. The encoding algorithm runs during compilation, while the mini‑program decodes the alpha channel on a Canvas, reconstructs the bytecode, and feeds it to the VM.

Why Hot‑Update Cannot Be Fundamentally Prevented

Two conditions make complete prohibition impossible:

The host language (JavaScript) is Turing‑complete, allowing developers to implement any other language, including custom interpreters or VMs.

The platform permits network access, so code or bytecode can be fetched remotely and executed.

Consequently, any rule that bans JavaScript interpreters can be circumvented by building a smaller, custom VM and hiding its payload.

Conclusion

The article pays tribute to Alan Turing and Claude Shannon for laying the theoretical foundations that make such techniques possible.