Autocorrected, not walkable*

So there is no actual control. There happen to be 8 manipulations for getting a grass mud tile, and one of them just happens to meet these ridiculous requirements. Note that I was not actively looking for this arrangement, I just tested all 8 results manually and found the spinner bug as a result.

Thing is, while we have 'tile manipulation' to get tiles in the void, this is really just a luck of the draw. You read uncontrollable texture data, and I just wrote a brute forcers that found all texture data/chunk allocations and returns a list of maps to reload in and get the desired tiles.

Now, after the mud tile you'd then need another tile with a collision value that makes it in walkable, so you stop spinning and stay in the mud tile.

The odds of that are 1/(265 * 2 * 256 * 2), or roughly double that depending on how the spinner tiles bug glitch operates.

Thing is, these do not allow you to enter them while you are on a bike. There is however a unique glitch that can get around this. A spinner tiles can force you into any tile. Not sure if this is because it always moves one tile, or because it only checks collision values and not unique properties.

The requirements for this setup are really tight. Usually all encounter tiles fail to function with the Pal Park menu, as they are checking for gen 3 Pokémon to migrate. One exception to this is the is mud grass tiles from Great Marsh. You can wiggle in them to get an encounter.

Cuts out getting cacturne, noctowl, machoke, link searcher (-3 gyms), silk scarf, watching the contest cutscene... Maybe even dot artist if we really want to go all out on speed. (Probably not outside of speedrunning).

Will require a specific playername and a longer void route (except for JP rev 5)

Couple weeks, on and off. Most time was spent writing brute forcers

The jumps finally reach somewhere I control, dot artist, and execute that at the end. So yes

I wrote a brute forcer to manipulate in-game trades with specific held items/levels and met dates to get their encrypted data to read a jump instruction, reading the next Pokemon's PID as a fully controllable jump.

To get around the ASLR issue, I spawn a new script process on top of the current one, and that one won't be affected by ASLR and its entry point can be controlled to some degree as you can give the script index to use. Then with some luck I can jump to box data, last 2 bytes of a pokemon.

The main difference is what data gets executed, it completely removes hall of fame entries in favor of item data allocated when you have a trainer battle in certain maps. This was already used for TAS, but could not be made consistent due to ASLR... Until now.

Had tried to get this to work: github.com/keystone-eng...

But I'm being bottlenecked by ref and ffi being impossible to compile on modern node. Probably need to update to ref-napi and whatever ffi alternative there is.

Give me a few days to iron out the details further, for now you can use the old setup if you want: www.craft.me/s/HTe6sst8Gf...

I sadly obsoleted Pokemon League :p RIP muted nurse Joy

It will also cut out RNG/external trades entirely, and no longer cause sequence breaks.

Due to how encryption works, as long as the checksum and input data at an offset is the same, the output is too. So I can create 1 setup, with the only difference being the trademon details for each language.

He has been traded back whilst holding a Protective Cloak, causing him to evolve into CyberCat. He seems to be doing okay, although his sister does not recognize his smell anymore and has been growling at him for hours... It seems he is not super pleased about his cloak.

Hope the alt texts are very useful.