What Is a Checksum in a Cryptocurrency Wallet Address?
A single mistyped character in a crypto address can send funds somewhere unrecoverable. That’s exactly the failure mode a checksum was built to catch before it happens, quietly working in the background every time an address gets typed, pasted, or scanned.
The short answer
A checksum is a short string of extra characters built into a wallet address, generated by running the rest of the address through a mathematical formula. Wallet software recalculates that same formula whenever an address is entered, and if the result doesn’t match what’s embedded in the address, the software flags it as invalid rather than letting a corrupted or mistyped address quietly go through.
How a checksum actually gets built into an address
When a wallet address is created, the underlying software runs the core address data through a defined mathematical function, and the output — or a piece of it — gets appended to, or woven into, the address itself. This isn’t a separate add-on step; it’s built into how the address is formatted from the start, which is part of why different cryptocurrency networks use address checksums in somewhat different ways depending on their address format.
What a checksum actually catches
- Single-character typos. Mistyping one character when copying an address by hand is one of the most common errors a checksum is designed to catch.
- Dropped or transposed characters. Missing a character entirely, or swapping the order of two characters, changes the calculation enough that the checksum won’t match.
- Errors from scanning or OCR. Addresses read from a QR code or photograph, then manually re-typed, are prone to misreads that a checksum can catch before funds move.
- Certain clipboard corruption. If copy-and-paste software mangles part of an address, the resulting mismatch gets caught the same way a manual typo would.
What a checksum does not catch
A checksum only verifies that an address is internally valid — it says nothing about whether that address is the one the sender actually intended to use. This is exactly why it offers no protection against clipboard hijacking malware, which works by silently swapping a copied address for a different, fully valid address controlled by an attacker. Since the substituted address passes its own checksum check, the wallet has no way to know the address changed. A checksum confirms an address is well-formed; it can’t confirm it’s the right one.
Why this matters more in crypto than elsewhere
Transactions confirmed on a blockchain are generally irreversible, unlike a bank transfer that can sometimes be recalled or disputed. There’s no central authority to appeal to if funds are sent to the wrong address, whether because of a typo or something more deliberate. That irreversibility is part of the broader system built on public key cryptography securing transactions — the same properties that make the system secure also make mistakes permanent, which is why a low-friction safeguard like a checksum carries outsized value.
A habit worth building
Beyond relying on the checksum built into the address format itself, many people double-check a portion of the address visually before confirming a transaction, and some verify a new or unfamiliar address using a blockchain explorer to confirm it looks legitimate and has an expected transaction history, rather than trusting a copied string blindly.
The bottom line
A checksum is a small piece of built-in math doing quiet, constant work to catch typos and corruption before they become permanent losses. It’s a meaningful safeguard, but not a complete one — it protects against error, not against a correctly formatted address that was never the right one to begin with.