Transaction structure

StarkNet supports the following types of transactions:

  • deploy transaction

  • invoke transaction

  • declare transaction

This topic describes the available fields for these transaction types and how each transaction hash is calculated.

Transaction versioning

StarkNet supports the transaction versions described here.

When the fields that comprise a transaction change, either with the addition of a new field or the removal of an existing field, then the transaction version increases.

Do not submit a transaction that uses an unsupported transaction type, because it cannot be included in a proof, and so cannot become part of a StarkNet block.

Deploy transaction

The deploy transaction is deprecated and will be removed in a future release of StarkNet. To deploy new contract instances, you can use the deploy syscall. For more information, see contract classes.

A deploy transaction is a transaction type used to deploy contracts to StarkNet.

A deploy transaction has the following fields:

Name Type Description

contract_address_salt

FieldElement

A random number used to distinguish between different instances of the contract.

contract_definition

ContractClass

The object that defines the contract’s functionality.

constructor_calldata

List<FieldElement>

The arguments passed to the constructor during deployment.

caller_address

FieldElement

Who invoked the deployment. Set to 0 (in future: the deploying account contract).

version

FieldElement

The transaction’s version. Possible values are 1 or 0.

When the fields that comprise a transaction change, either with the addition of a new field or the removal of an existing field, then the transaction version increases. Transaction version 0 is deprecated and will be removed in a future version of StarkNet.

Calculating the hash of a deploy transaction

In order to calculate the transaction hash, we first need to obtain the deployed contract address. The Deploy transaction’s hash is calculated as follows:

\[\begin{aligned} \text{deploy_tx_hash} = h( & ``\text{deploy"}, \text{version}, \text{ contract_address}, \text{sn_keccak}(``\text{constructor"}), \\ & h(\text{constructor_calldata}), 0, \text{chain_id}) \end{aligned}\]

Where:

  • The placeholder zero is used to align the hash computation for the different types of transactions.

  • “deploy” and “constructor” are constant strings encoded in ASCII.

  • \(h\) is the Pedersen hash and \(sn\_keccak\) is StarkNet Keccak

  • chain_id is a constant value that specifies the network to which this transaction is sent. See Chain-Id.

  • contract_address is calculated as described here.

Invoke Transaction

The invoke transaction is the main transaction type used to invoke contract functions in StarkNet.

Transaction version 0 is deprecated and will be removed in a future release of StarkNet.

Invoke transaction version 1

Table 1. Transaction fields
Name Type Description

sender_address

FieldElement

The address of the sender of this transaction.

calldata

List<FieldElement>

The arguments that are passed to the validate and execute functions.

signature

List<FieldElement>

Additional information given by the sender, used to validate the transaction.

max_fee

FieldElement

The maximum fee that the sender is willing to pay for the transaction

nonce

FieldElement

The transaction nonce.

version

FieldElement

The transaction’s version. The value is 1.
When the fields that comprise a transaction change, either with the addition of a new field or the removal of an existing field, then the transaction version increases.

Invoke transaction version 0

Table 2. Transaction fields
Name Type Description

contract_address

FieldElement

The address of the contract invoked by this transaction.

entry_point_selector

FieldElement

The encoding of the selector for the function invoked (the entry point in the contract)

calldata

List<FieldElement>

The arguments that are passed to the invoked function

signature

List<FieldElement>

Additional information given by the sender, used to validate the transaction.

max_fee

FieldElement

The maximum fee that the sender is willing to pay for the transaction

version

FieldElement

The transaction’s version. The value is 0.
Transaction version 0 is deprecated and will be removed in a future version of StarkNet.
When the fields that comprise a transaction change, either with the addition of a new field or the removal of an existing field, then the transaction version increases.

Calculating the hash of a v1 invoke transaction

The invoke transaction hash is calculated as a hash over the given transaction elements, specifically:

\[\begin{aligned} \text{invoke_v1_tx_hash} = h( & ``\text{invoke"}, \text{version}, \text{sender_address}, 0, h(\text{calldata}), \\ & \text{max_fee}, \text{chain_id}, \text{nonce}) \end{aligned}\]

Where:

  • \(\text{invoke}\) is a constant prefix string, encoded in ASCII.

  • The placeholder zero is used to align the hash computation for the different types of transactions.

  • \(\text{chain_id}\) is a constant value that specifies the network to which this transaction is sent. See Chain-Id.

  • \(h\) is the Pedersen hash

Calculating the hash of a v0 invoke transaction

The hash of a v0 invoke transaction is computed as follows:

\[\begin{aligned} \text{invoke_v0_tx_hash} = h( & ``\text{invoke"}, \text{version}, \text{contract_address}, \text{entry_point_selector}, \\ & h(\text{calldata}), \text{max_fee}, \text{chain_id}) \end{aligned}\]

Where:

  • \(\text{invoke}\) is a constant prefix string, encoded in (ASCII).

  • \(\text{chain_id}\) is a constant value that specifies the network to which this transaction is sent. See Chain-Id.

  • \(h\) is the Pedersen hash

Declare transaction

The declare transaction is used to introduce new classes into the state of StarkNet, enabling other contracts to deploy instances of those classes or using them in a library call. For more information, see contract classes.

A declare transaction has the following fields:

Name Type Description

contract_class

ContractClass

The class object.

sender_address

FieldElement

The address of the account initiating the transaction.

max_fee

FieldElement

The maximum fee that the sender is willing to pay for the transaction.

signature

List<FieldElement>

Additional information given by the sender, used to validate the transaction.

nonce

FieldElement

The transaction nonce.

version

FieldElement

The transaction’s version. Possible values are 1 or 0.
When the fields that comprise a transaction change, either with the addition of a new field or the removal of an existing field, then the transaction version increases. Transaction version 0 is deprecated and will be removed in a future version of StarkNet.

Calculating the hash of a v1 declare transaction

The hash of a v1 declare transaction is computed as follows:

\[\begin{aligned} \text{declare_v1_tx_hash} = h( & ``\text{declare"}, \text{version}, \text{sender_address}, 0, \text{class_hash}, \text{max_fee}, \text{chain_id}, \text{nonce}) \end{aligned}\]

Where:

  • \(\text{declare}\) is a constant prefix string, encoded in ASCII.

  • \(\text{class_hash}\) is the hash of the contract class. See Contract Hash for details about how the hash is computed.

  • The placeholder zero is used to align the hash computation for the different types of transactions.

  • \(\text{chain_id}\) is a constant value that specifies the network to which this transaction is sent. See Chain-Id.

  • \(h\) is the Pedersen hash

Calculating the hash of a v0 declare transaction

The hash of a v0 declare transaction is computed as follows:

\[\begin{aligned} \text{declare_v0_tx_hash} = h( & ``\text{declare"}, \text{version}, \text{sender_address}, 0, 0, \text{max_fee}, \text{chain_id}, \text{class_hash}) \end{aligned}\]

Where:

  • \(\text{declare}\) is a constant prefix string, encoded in ASCII.

  • The placeholder zeros are used to align the hash computation for the different types of transactions.

  • \(\text{class_hash}\) is the hash of the contract class. See Contract Hash for details about how the hash is computed.

  • \(\text{chain_id}\) is a constant value that specifies the network to which this transaction is sent. See Chain-Id.

  • \(h\) is the Pedersen hash

Signature

While StarkNet does not have a specific signature scheme built into the protocol, the Cairo language, in which smart contracts are written, does have an efficient implementation for ECDSA signature with respect to a STARK-friendly curve.

The generator used in the ECDSA algorithm is \(G=\left(g_x, g_y\right)\) where:

\(g_x=874739451078007766457464989774322083649278607533249481151382481072868806602\) \(g_y=152666792071518830868575557812948353041420400780739481342941381225525861407\)

Chain-Id

StarkNet currently supports two chain IDs. Chain IDs are given as numbers, representing the ASCII encoding of specific constant strings, as illustrated by the following Python snippet:

chain_id = int.from_bytes(value, byteorder="big", signed=False)

Two constants are currently used:

  • SN_MAIN for StarkNet’s main network.

  • SN_GOERLI for StarkNet’s testnet.