An EIP-55 checksum address is an Ethereum address that uses a specific pattern of uppercase and lowercase letters to encode a built-in error check. The mixed case is not random or cosmetic. It is a keccak-256 hash mapped onto the hex characters so that wallets can catch a mistyped address before you send funds to the wrong place. If you have ever asked what is an EIP-55 checksum address, the short version is this: it is the same 40-character address you already know, with the casing acting as a free typo detector.
Ethereum addresses are case-insensitive at the protocol level, so the network treats 0xabc... and 0xABC... as the same account. EIP-55 adds a layer on top where the exact pattern of capitals carries information. Get one letter's case wrong and a compliant wallet refuses the address as invalid. That single safeguard has prevented countless irreversible mistakes.
What Is an EIP-55 Checksum Address?#
A raw Ethereum address is 20 bytes, shown as a 40-character hexadecimal string after the 0x prefix. Hex uses the digits 0 through 9 and the letters a through f. The digits have no case, but those six letters do, and that is the space EIP-55 exploits.
The proposal, authored by Vitalik Buterin in 2016, defined a rule: hash the lowercase address with keccak-256, then use that hash to decide which letters get capitalized. The result looks like this.
Lowercase: 0x52908400098527886e0f7030069857d2e4169ee7
EIP-55: 0x52908400098527886E0F7030069857D2E4169EE7
Both strings point to the identical account. The second one simply encodes a checksum in its capitalization. A wallet that understands EIP-55 can recompute the expected casing and confirm nothing was altered in transit.
Key point: the casing does not change the address. It is metadata baked into the characters. The blockchain ignores it; your wallet software uses it to catch errors.
Why Ethereum addresses are mixed case#
Before EIP-55, Ethereum addresses were all lowercase. A single mistyped character produced another perfectly valid-looking address, with no way to know. Bitcoin had checksums from the start through its base58check encoding, but Ethereum did not, so the community needed a backward-compatible fix that would not break the millions of existing lowercase addresses.
Mixed case was the elegant answer. Old lowercase addresses still work everywhere, and new checksummed addresses add protection without changing length, prefix, or the underlying bytes. Nothing about the protocol had to change, which is why EIP-55 was adopted almost universally by wallets and explorers.
How the keccak-256 Checksum Works#
This is the part most explanations skip or bury in code. The rule itself is simple: for each letter in the lowercase address, look at the matching character in the keccak-256 hash of that address. If the hash character is 8 or higher, capitalize the letter. If it is 7 or lower, leave it lowercase. Digits never change because they have no case.
Step by step, with a worked example#
- Strip the prefix and lowercase it. Start with the 40 hex characters after
0x, all lowercase. - Run keccak-256 on the ASCII text of that string. Important detail: you hash the address as text characters, not as raw bytes. This trips up developers who hash the wrong thing.
- Line up the hash digits with the address characters. The hash is also hex, so each address character has a matching hash character in the same position.
- Apply the casing rule. For every alphabetic character (a-f), if its matching hash digit is 8, 9, a, b, c, d, e, or f, write it uppercase. Otherwise keep it lowercase. Leave 0-9 untouched.
Walk through the first characters of an address whose lowercase form starts 0x5aaeb6.... Suppose the keccak-256 hash of the lowercase string begins with 38bf.... The first address character is 5, a digit, so it stays 5. The next is a, and the matching hash digit is 8, which is 8 or higher, so it becomes uppercase A. The following a lines up with hash digit 3, below 8, so it stays lowercase a. That is how you get the 5aA pattern at the start.
Repeat across all 40 characters and you have the checksummed address. To verify one, run the exact same process and check that the casing you computed matches the casing you were given.
Verify before you trust: you do not need to do this by hand. A crypto wallet validator recomputes the keccak-256 checksum for you and tells you instantly whether an address is valid, malformed, or has a bad checksum.
Why EIP-55 Catches Typos#
The clever bit is the probability. Because roughly half the hex letters in a typical address get capitalized based on the hash, any change to even one character cascades through the whole keccak-256 output and almost always produces a casing mismatch somewhere in the string.
The commonly cited figure is that EIP-55 catches a wrong address with about 99.986% probability for a single-character error. In plain terms, if you fat-finger one letter while copying an address, a checksummed wallet rejects it the overwhelming majority of the time. That is the difference between a caught mistake and funds gone forever.
What it does not protect against is worth stating plainly:
- It cannot catch a fully valid wrong address. If you paste someone else's correct, checksummed address by accident, EIP-55 sees nothing wrong. The checksum verifies integrity, not intent.
- It only helps if the address was checksummed. An all-lowercase address has no checksum to verify, so wallets accept it without the typo protection.
- It does not stop clipboard malware. Address-swapping malware replaces your copied address with a valid attacker address that has its own correct checksum.
EIP-55 vs EIP-1191: The Chain ID Upgrade#
EIP-55 has a successor worth knowing if you work across multiple networks. EIP-1191 extends the original idea by mixing the chain ID into the hash before computing the casing.
The motivation was cross-chain safety. The same address format is used on Ethereum mainnet, Polygon, BNB Smart Chain, and many other EVM chains, and a plain EIP-55 checksum is identical across all of them. It cannot tell you whether an address was checksummed for the chain you intend to use. EIP-1191 prepends the chain ID to the address text before hashing, producing a chain-specific casing.
| Feature | EIP-55 | EIP-1191 |
|---|---|---|
| Hash input | Lowercase address only | Chain ID + lowercase address |
| Chain awareness | None, same on every EVM chain | Casing differs per chain |
| Adoption | Near universal | Partial, mainly RSK and a few chains |
| Backward compatible | Yes | Mostly, but mainnet kept EIP-55 |
In practice, Ethereum mainnet stuck with classic EIP-55, which is why most tools you encounter use the original algorithm. EIP-1191 saw real adoption on networks like RSK. If a wallet ever flags a perfectly good mainnet address as failing checksum, a chain ID mismatch from an EIP-1191 implementation is one likely culprit.
Common "Invalid Checksum Address" Errors#
If you have hit a "bad address checksum" or "invalid checksum address" error, one of these is usually the cause.
- You edited the casing by hand. Manually changing a capital to lowercase (or vice versa) breaks the checksum even though the address still points to the same account. Copy and paste the full address rather than retyping it.
- A character got truncated or duplicated. A missing or extra character shifts everything and almost always fails the check. This is exactly the typo case EIP-55 is designed to catch.
- The tool expects checksummed input and you pasted lowercase. Some libraries reject all-lowercase addresses in strict mode because they cannot verify a checksum that is not there. Run the address through a checksummer to add the correct casing.
- A chain ID mismatch (EIP-1191). An address checksummed for one chain may fail validation on a tool expecting mainnet EIP-55 casing, and the reverse.
The safe move in every case is to never alter an address you received. Copy it whole, paste it whole, and let your wallet or a validator confirm the checksum. If you are also dealing with token addresses and want to confirm a contract is legitimate before interacting with it, a token contract checker inspects the contract itself, which is a separate safety layer from address formatting.
How to Verify an EIP-55 Address Yourself#
You have three practical options.
The fastest is a browser tool. Paste the address into a validator and it recomputes the keccak-256 hash, applies the casing rule, and tells you whether the checksum holds. This is the right choice for anyone not writing code, and it is the same logic a wallet runs internally before letting a transaction through.
For developers, libraries do this in one line. Ethers.js exposes getAddress(), which throws on a bad checksum and returns the correctly cased address otherwise. Web3.py offers to_checksum_address(), and viem provides getAddress() as well. If you are debugging the raw hex or encoding layer of an address, a base64 and hex encoder helps sanity-check the byte representation alongside the checksum.
The third option is to do it manually with any keccak-256 implementation, following the four steps in the worked example. It is rarely necessary, but it is the surest way to understand what the casing encodes.
EIP-55 Checksum Addresses, in Short#
So what is an EIP-55 checksum address: it is a normal Ethereum address whose mixed-case letters encode a keccak-256 checksum, turning the casing into a built-in typo detector. It costs nothing, breaks nothing, and catches the overwhelming majority of single-character mistakes before they cost you real money.
The practical takeaways:
- Treat the casing as load-bearing. Never retype or "tidy up" an address by hand. Copy and paste it whole.
- Prefer checksummed addresses. A mixed-case address carries protection an all-lowercase one does not.
- Verify before you send. Run any address you are about to fund through a crypto wallet validator, confirm the EIP-55 checksum passes, then send. A few seconds of verification is the cheapest insurance in crypto.
Frequently Asked Questions#
What is an EIP-55 checksum address? It is an Ethereum address that uses a specific pattern of uppercase and lowercase hex letters to encode a keccak-256 checksum. The casing does not change which account the address points to. It lets wallets detect a mistyped or altered address before you send funds, since any single-character error almost always breaks the expected capitalization.
Why are Ethereum addresses mixed case? The mixed case comes from EIP-55, introduced in 2016 to add typo protection to addresses that were previously all lowercase. Each hex letter is capitalized based on the keccak-256 hash of the address, so the casing pattern acts as a checksum. Old lowercase addresses still work, but the mixed-case version adds a free error check.
Is a lowercase Ethereum address still valid? Yes. The Ethereum protocol is case-insensitive, so an all-lowercase address points to the same account and works on the network. The only thing you lose is the EIP-55 typo protection, because there is no checksum casing to verify. Some strict tools reject lowercase input until you convert it to checksummed form.
What causes an "invalid checksum address" error? The error means the casing does not match what keccak-256 computes for the address. Common causes are manually editing the capitalization, a truncated or duplicated character, pasting a lowercase address into a tool that requires checksummed input, or a chain ID mismatch from an EIP-1191 implementation. Re-copy the original address and validate it rather than fixing the case by hand.
What is the difference between EIP-55 and EIP-1191? EIP-55 hashes only the lowercase address to decide the casing, so the same address looks identical on every EVM chain. EIP-1191 mixes the chain ID into the hash first, producing chain-specific casing that can flag when an address was checksummed for the wrong network. Ethereum mainnet uses classic EIP-55, while EIP-1191 saw adoption on chains like RSK.
Can EIP-55 protect me from sending to the wrong wallet? Only partially. It catches typos and altered characters with very high probability, around 99.986% for a single-character error. It cannot help if you paste a valid but unintended address, and it does not stop clipboard-swapping malware. Always verify the full address through a validator and double-check the recipient before sending.


