How Zelda fans changed the ending on a vanilla N64 in Ocarina of Time

Das... sollte in <em>Ocarina of Time</em> not happen.  Here’s the story of how some fans made it anyway – all on a standard N64 with an unmodded one <em>ocarina</em>-cartridge.”/><figcaption class=

Enlarge / That… shouldn’t be happening to him ocarina of time. Here’s the story of how some fans made it anyway – all on a stock N64 with an unmodified one ocarina Cartridge.

Summer games done quickly

Shortly after our guide to Summer Games Done Quick 2022 went live, the event hosted an amazing demonstration of a classic video game – one that has since crowded responses to this Ars article. If we’re going to split hairs, they run through the 1998 N64 classic Legend of Zelda: Ocarina of Time isn’t a “speedrun,” but it’s another example of the “TASBot” concept that’s changing games in ways we never dreamed of 24 years ago.

Meanwhile, the team of fans and programmers responsible for this week’s Triforce Percent demonstration have revealed how they achieved the feat using nothing more than a standard N64 and an original ocarina Retail cartridge – although the secret is that controller inputs are so fast and precise that nothing less than a computer can execute them.

Nothing out of date about this run

A video from early 2020 explaining how outdated reference manipulation works. You might want to check this out before watching the SGDQ 2022 video embedded below.

The 53-minute demonstration (embedded at the bottom of this article) begins with an exploit discovered back in late 2019 that the community dubbed “Stale Reference Manipulation.” This exploit takes advantage of a vulnerability in the original version 1.0 of the game that allowed players to manipulate numeric values ​​assigned to certain objects in the game’s memory. The most breezy explanation for this complicated technique can be found in an early 2020 YouTube video (embedded above) explaining the various numerical values ​​assigned to each object in the game, such as: B. their X, Y and Z axes and their rotation.

Skilled players can have values ​​overlap or overpower the game’s original code, allowing them to be manipulated at will. The tech we’re seeing this week requires Link to pick up a rock while walking through a “Loading Zone,” a corridor used to disguise pauses in loading on N64 hardware, in a way that allows for which the game is not designed .

Originally, this exploit was a speedrunning tool as it could trick the game into loading the credits sequence and technically counting as a “completion” within a few minutes. But the Triforce percentage run goes much further.

Ram new content into a classic game

Hey wait, this doesn't belong here... but as the TASBot demonstration team points out, an Arwing was made by <em>Star Fox 64</em> in the original <em>ocarina</em>-Leave cartridge as a reminder that this object was used in early development to test certain animation routines.” src=”https://cdn.arstechnica.net/wp-content/uploads/2022/07/Screenshot-103- 980×653.png” width=”980″ height=”653″/><figcaption class=
Enlarge / Hey wait, this doesn’t belong here… but as the TASBot demonstration team points out, an Arwing from Star fox 64 was left in the original ocarina Cartridge, as a reminder that this object was used to test certain animation routines in early development.

Summer games done quickly

By picking up and dropping specific items, and then getting the game’s hero, Link, to move and perform maneuvers in a specific order, the TASBot team opens a Pandora’s box of what is known as arbitrary code execution is – the type of vulnerability exploited by hackers around the world to allow a closed computer system to run desired code. In addition, the TASBot chain of moves and commands begins instructing the N64 to accept button input from all four N64 controllers as if it were a code.

This item manipulation menu was left in-game as a beta item that could easily be excavated for use in the SGDQ 2022 run.
Enlarge / This item manipulation menu was left in-game as a beta item that could easily be excavated for use in the SGDQ 2022 run.

Summer games done quickly

At this point, a computer will take over all four N64 controller ports and send out a rapid series of button presses like it’s a million-fingered superhero equivalent to The Flash. The glitched out ocarina Cartridge instructed the N64 to accept each keypress in a way that conformed to specific code strings. Once enough of that payload has been sent, the team can return normal control to the “Player One” port, allowing a real person to play through an entirely new sequence of content – all of which is dumped into the N64’s random access memory (RAM) through the incredible quick input of the other three controllers.

These on-the-fly patches can do many incredible things that, taken together, resemble a completely destroyed patch of a cartridge’s read-only memory (ROM), although the TASBot team is limited to changes specific to the console’s RAM apply: tiny changes to existing code, full file replacements, or commands to tell the game to ignore content it would normally load from ROM. As a result, this exploit may be buggy or crash when players go off the expected path for which this exploit is optimized.