Open in app

Sign in

Write

Sign in

Ethereum checksummed addresses, importance, and implementation

Jeremy Then
Coinmonks
5 min readMay 31, 2022

--

A checksummed address is an address that contains some data that validates its integrity.

A checksum is just a small piece of data derived from other data, used to detect errors on that data during its transmission through the network or due to user error while manipulating it.

In blockchains, it’s a common practice to calculate a checksum for an address and append, somehow, that checksum to the address itself. This way, when we use that address to send funds to it, the wallet, blockchain client, or the blockchain itself, has a way to check the integrity of that address, in order to detect errors and prevent loss of funds.

Ethereum

Ethereum now supports checksum addresses. Ethereum was not originally designed to support checksum addresses and raw hexadecimal addresses were used. This was a problem because Ethereum clients didn’t have a way to check the integrity of the address and users could lose funds if the address was not right.

An Ethereum Improvement Proposal (EIP) was submitted to have a way to add a checksum to Ethereum addresses in a backward-compatible way. See EIP-55.

Before EIP-55, Ethereum addresses use to look like this:

All characters of the hex address are in lowercase.

Now, with EIP-55, Ethereum addresses look like this:

A mix of lower and upper characters, encoding a checksum that Ethereum clients like Metamask and Web3js can detect and check for correctness.

We can still send funds to an address with all lowercase (an address without a checksum) and the Ethereum clients and the Ethereum protocol will accept it and lock funds to it without verifying for correctness (because there is no way to verify its integrity), potentially locking funds in an invalid address and losing funds forever.

Always make sure to use a checksum address before sending funds to that address.

How EIP-55 works

To create a checksum for an Ethereum address:

  1. We need to calculate the Keccack-256 hash of the address in lowercase, without the ‘0x’ prefix.
  2. Compare the ith character of both the address and the hash and if the ith character of the address is a letter and the ith character of the hash hex value is greater or equal to 8, set the ith character of the address to uppercase.

This would print something like this:

Let’s put the address and the hash one below the other:

We only need the first 20 bytes (40 characters) of the hash and ignore the rest, since the Ethereum address is 20 bytes.

If we compare each of the characters at the ith index of both the address and the hash and check the conditions mentioned above, we observe the following characters match the conditions, highlighted in red:

The address character at index 27 is c, which is a letter, and the hash character at index 27 is c, which is greater than 8 in hex value, so, we set the address letter at index 27 to upper case, as shown in the result row. We find matching characters at indices 29, 32, 33, 34, and 36, so only these characters are set to upper case.

When an Ethereum client gets a checksummed address and it wants to validate it, it makes a copy of it, set it to lower case and runs the same steps as above, and compares the result to the checksum address it received, and if they don’t match, then the address is invalid and an error is thrown.

Changing the address, even a little bit, would generate a totally different keccack256 hash and the checksum would be different.

New to trading? Try crypto trading bots or copy trading

Here is a tool to try out different hash algorithms online: emn178.github.io

Here’s a little code to show how it could be implemented:

This would print:

If you use Metamask, you will see that it shows the addresses checksummed by default. If you try modifying the checksummed address even a little, it will complain that the address is not valid. Let’s change the last digit of the example address from a 5 to a 6 and try to send funds to it using Metamask:

Also, if you go to etherscan.io and paste an address with no checksum in the search bar and hit enter, it will then show you the address with its checksum:

Easy way to add a checksum to an Ethereum address!

Conclusion

We have seen how Ethereum clients add checksums to the Ethereum addresses. Other blockchains also encode checksums to their addresses to reduce the chances of sending funds to an invalid address.

A different approach to standardizing Ethereum addresses with built-in checksum was also proposed, called the ICAP (Interexchange Client Address Protocol), which was based on the IBAN (International Bank Account Number) format. This is not used very often.

Ethereum addresses were not added checksums and encoding from the beginning because they were not supposed to be used directly, but from a domain name in the blockchain with the Ethereum Name Service (ENS), introduced in EIP-137. So users could, instead of using their address as raw hexadecimal, use a domain that internally points to their address. Something like: jeremythen.eth

The development of the Ethereum Name Service was not completed in the expected time and now using the raw hex address is the norm.

Ethereum
Checksum
Checksummed Address
Metamask
Implementation

--

--

Jeremy Then
Coinmonks

Written by Jeremy Then

132 Followers

I’m a full stack software developer and blockchain engineer, passionate about helping others learn software and achieve more.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams