Solidity CheckSum Overview

Jeremiah SamuelJeremiah Samuel
3 min read

As a newcomer to Solidity and smart contract development, I often encountered terms and concepts that seemed daunting at first. One such term was "checksum." It wasn’t until I was deep into developing a multisig wallet contract that I truly understood the significance of this concept. In this article, I'll share my journey with checksums, how they impacted my work, and provide a clear walkthrough of what checksums are in the context of Solidity.

The Checksum problem

While working on a multi-sig wallet contract, I was performing various manipulations involving an array of addresses. To test my contract thoroughly, I needed to generate some random Ethereum addresses. However, I encountered a frustrating "Checksum error" and that was took me further into the concept of checksums.

At that moment, I checked up on various resources and I learnt that Ethereum addresses aren’t just a sequence of hexadecimal characters. They include a checksum that helps prevent errors in address entry and ensures that addresses are valid and correctly formatted. I eventually bypassed that by simply generating new addresses from my wallet. But this experience made me curious about how checksums work and why they are essential.

What is a Checksum?

Generally, a checksum is a value used to verify the integrity of data and in the context of Ethereum addresses, a checksum helps to catch errors that might occur during manual entry or transmission. It acts as a validation mechanism to ensure that an address is valid and has not been mistyped.

Ethereum addresses are 42 characters long, starting with "0x" followed by 40 hexadecimal characters. The checksum is integrated into these addresses to enhance security and accuracy. It’s based on the Keccak-256 hash function, which converts the address into a unique string.

How Ethereum Address Checksum Work?

  1. Convert Address to Lowercase: First, the Ethereum address is converted to all lowercase letters.

  2. Generate a Hash: The lowercase address is hashed using the Keccak-256 algorithm.

  3. Determine the Checksum: Each character in the original address is then compared against the corresponding character in the hash. If the hash character is between 8 and f (inclusive), the original address character is capitalized. If it’s less, the character remains lowercase.

  4. Construct the Checksum Address: The resulting address, with a mix of uppercase and lowercase letters, is the checksum address.

Why Checksum Addresses Are Important?

  1. Error Detection: The primary benefit of using checksums is error detection. They help identify mistyped addresses, reducing the risk of sending funds to the wrong address.

  2. Enhanced Security: Checksums add an extra layer of security, ensuring that addresses are valid and minimizing the chances of fraudulent transactions.

  3. Standard Practice: Using checksum addresses is a best practice in Ethereum development, ensuring consistency and reliability in address handling.

Practical Example

Here’s a simple example to illustrate how checksums work in Solidity. Suppose you have an Ethereum address: 0x5FfC014343cd971B7EB70732021E26C35B744cc4.

  1. Convert to lowercase: 0x5ffc014343cd971b7eb70732021e26c35b744cc4

  2. Hash using Keccak-256.

  3. Capitalize certain characters based on the hash.

The final address might look something like 0x5FfC014343CD971B7EB70732021E26C35B744CC4. This address with the checksum ensures that the address entered or used is valid.

Fixing Checksum Errors

When I first encountered a checksum error, it was a sign that my generated addresses didn’t conform to the checksum standard. In practice, this means you need to ensure that any address you use or generate follows the checksum format. Tools and libraries are available in various programming languages that can help you generate and validate checksum addresses. For instance, in JavaScript, the web3.js library provides utility functions to handle address checksums, making it easier to manage and verify Ethereum addresses in your projects.

Conclusion

The prying into checksums started with a bug but led to a deeper understanding of address integrity and security. Checksum addresses are a crucial part of Ethereum's security framework, ensuring that transactions are safe and addresses are correctly formatted.

0
Subscribe to my newsletter

Read articles from Jeremiah Samuel directly inside your inbox. Subscribe to the newsletter, and don't miss out.

hash functions, MD5, SHA-1, SHA-2, checksumSolidityethereum smart contractsSmart Contractsmultisig walletmultisig crypto wallet

Written by

Jeremiah Samuel
Jeremiah Samuel