TRON uses an account model. The address is the unique identifier of an account, and a private key signature is required to operate an account. An account has many attributes, including TRX & token balances, bandwidth, energy, Etc. TRX's and tokens' transferring cost bandwidth, smart contract related operations cost energy. An account can apply to become a super representative candidate and accept votes from other accounts.
The account is the basis of all the TRON's activities.

Account creation

  1. Generate the address and private key using a wallet or explorer. Transfer TRX/TRC10 token to this address to activate the account.

  2. Call the CreateAccount contract from an existing account.

Account creation costs only bandwidth. It burns TRX if bandwidth is insufficient.

Key-pair Generation

Tron's signature algorithm is ECDSA, and the curve used is SECP256K1. A private key is a random number, and the corresponding public key is a point on the elliptic curve.
Generating process:

  1. Make a random number d as the private key.

  2. Calculate P = d * G as the public key. (G is the elliptic curve base point)

Address Format

Use the public key P as the input, and use SHA3 get the result H. The length of the public key is 64 bytes (SHA3 uses Keccak256). Use the last 20 bytes of H, and add a byte of 0x41 in front of it. Do a basecheck (see next paragraph), and the result will be the final address. All addresses start with 'T'.

Basecheck process: first run SHA256 on the address to get h1, then run SHA256 on h1 to get h2. Use the first 4 bytes as a checksum, add it to the end of the address (address||check). Finally, base58 encode address||check to get the final result.

  1. Calculate SHA3 result H with the public key.

  2. Take the last 20 bytes of H and fill a 0x41 byte in front to get the address. (the public key is 64-bytes long. SHA3 uses Keccak256)

  3. Do a basecheck to get the final result. Addresses start with a 'T'. (Basecheck process: calculate SHA256 with the address to get h1; calculate SHA256 with h1 to get h2; add the first 4 bytes of h2 as a checksum to the tail of the address to get address||check, and encode it in base58 to get the final result)

Character map

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"



  1. Transfer the rawdata of the transaction to byte[].
  2. Run SHA256 on the rawdata.
  3. Use the private key to sign the result of step 2.
  4. Add the signature to the transaction.





Note: The size of the signature result is 65 bytes:

  • r = 32 bytes
  • s = 32 bytes
  • v = 1 byte
  1. Fullnode will verify the signature; it generates an address with the value of hash, r, s, and v, then it compares with the address in the transaction.


public static Transaction sign(Transaction transaction, ECKey myKey) {
    Transaction.Builder transactionBuilderSigned = transaction.toBuilder();
    byte[] hash = sha256(transaction.getRawData().toByteArray());
    List<Contract> listContract = transaction.getRawData().getContractList();

    for (int i = 0; i < listContract.size(); i++) {
      ECDSASignature signature = myKey.sign(hash);
      ByteString bsSign = ByteString.copyFrom(signature.toByteArray());

      //Each contract may be signed with a different private key in the future.

What’s Next