Introduction

TRON uses an account model. An account's identity is its address; it needs a private key signature to operate an account. An account has many attributes, like TRX balance, tokens balance, bandwidth, etc. TRX and tokens can be transfered from account to account, and it costs bandwidth. An account can also issue a smart contract, apply to become a super representative candidate, vote, etc. All TRON's activities are based on accounts.

How to Create an Account

  1. Use a wallet to generate the address and private key. To active the account, you need to transfer TRX or transfer token to the newly-created account.

  2. Use an account that already exists in TRON network to create an account.

If you have enough frozen BandWidth Points, creating an account only consumes your frozen BandWidth Points; otherwise, it burns 0.1 TRX.

Key-pair Generation

Tron's signature algorithm is ECDSA, and the curve used is SECP256K1. A private key is a random bumber, and the corresponding public key is a point in the elliptic curve. The process is: first generate a random number d to be the private key, then caculate P = d * G as the public key, where G is the elliptic curve base point.

Address Format

Use the public key P as the input, and use SHA3 get the result H. The length of the public key is 64 bytes (SHA3 uses Keccak256). Use the last 20 bytes of H, and add a byte of 0x41 in front of it. Do a basecheck (see next paragraph), and the result will be the final address. All addresses start with 'T'.

Basecheck process: first run sha256 on the address to get h1, then run sha256 on h1 to get h2. Use the first 4 bytes as a checksum, add it to the end of the address (address||check). Finally, base58 encode address||check to get the final result.

Character map

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

Signature

Step

  1. Get the rawdata of the transaction, then transfer it to byte[].
  2. Run sha256 on the rawdata.
  3. Use the private key to sign the result from step 2.
  4. Add the signature back into the transaction.

Algorithm

ECDSA, SECP256K

Example

priKey:::8e812436a0e3323166e1f0e8ba79e19e217b2c4a53c970d4cca0cfb1078979df
       
pubKey::04a5bb3b28466f578e6e93fbfd5f75cee1ae86033aa4bbea690e3312c087181eb366f9a1d1d6a437a9bf9fc65ec853b9fd60fa322be3997c47144eb20da658b3d1
        
hash:::159817a085f113d099d3d93c051410e9bfe043cc5c20e43aa9a083bf73660145
        
r:::38b7dac5ee932ac1bf2bc62c05b792cd93c3b4af61dc02dbb4b93dacb758123f
        
s:::08bf123eabe77480787d664ca280dc1f20d9205725320658c39c6c143fd5642d
        
v:::0

Note: The size of the signature result is 65 bytes:

  • r = 32 bytes
  • s = 32 bytes
  • v = 1 byte
  1. Fullnode will verify the signature; it generates an address with the value of hash, r, s, and v, then it compares with the address in the transaction.

Demo

public static Transaction sign(Transaction transaction, ECKey myKey) {
    Transaction.Builder transactionBuilderSigned = transaction.toBuilder();
    byte[] hash = sha256(transaction.getRawData().toByteArray());
    List<Contract> listContract = transaction.getRawData().getContractList();

    for (int i = 0; i < listContract.size(); i++) {
      ECDSASignature signature = myKey.sign(hash);
      ByteString bsSign = ByteString.copyFrom(signature.toByteArray());

      //Each contract may be signed with a different private key in the future.
      transactionBuilderSigned.addSignature(bsSign);
    }
  }

What’s Next