LTO Network
  • Getting started
  • What is LTO Network?
  • Tutorials
    • Buying and staking LTO
      • Exchanges
        • Binance
        • AscendEX (Bitmax)
        • Uniswap
        • PancakeSwap
        • Other exchanges
      • Creating your LTO web wallet
      • Using the LTO token bridge
      • Staking LTO tokens
    • Mining
      • Setup your node wallets
      • Node management
      • Public community nodes
    • Anchoring
      • Hashing
    • LetsFlow
  • Wallets
    • LTO Web Wallet
      • Using Ledger
    • Universal Wallet
    • LTO CLI
    • Third-Party Wallets
      • Stakely.io wallet
        • Web wallet
        • Commandline
    • ERC20 Token Swap
  • Running a node
    • Public node
      • Installation Guide
        • Mainnet & Testnet
        • Requirements
        • Configuration
        • (Virtual) Machine
        • Nginx reverse proxy (optional)
        • Troubleshooting FAQ
      • Cloud installation
        • Alibaba Cloud
        • AWS Elastic Beanstalk
        • Google Cloud
        • IBM Cloud
        • Microsoft Azure
        • OKD (OpenShift)
        • Raspberry Pi (Expert)
        • Ubuntu Linux with Container
        • Windows with Container
      • REST API
        • Address
        • Wallet
        • Lease Transactions
        • Peers
        • Blocks
        • Utils
        • FAQ
      • Security Notes
      • FAQ
      • Exchange integration guide
    • Anchor node
      • Installation Guide
        • Linux
        • MacOS
        • Windows
      • REST API
    • Identity node
      • Installation guide
        • Linux
        • MacOs
        • Windows
      • Configuration
        • Trust network
      • REST API
    • Workflow node
      • Installation Guide
        • MacOS
        • Windows
        • Ubuntu Linux
      • REST API
  • Ownables
    • What are Ownables?
    • Making your first ownable
    • Ownables SDK
      • Prerequisites
      • Setup
    • Ownables Architecture
      • Smart Contract
      • Widget
    • Ownables Bridge
  • Templates Overview
  • Libraries
    • JavaScript
      • Accounts
      • Transactions
      • Event chain
      • Messages
      • Identities
      • HTTP Authentication
    • Python
      • Accounts
      • Public layer
    • PHP
      • Accounts
      • Identities
      • Public layer
      • Private layer
      • HTTP Authentication
      • Commandline scripts
    • Java
  • Protocol
    • Cryptography
    • Accounts
      • ED25519
      • secp256k1
      • secp256r1
    • Identities
      • Decentralized identifiers (DID)
      • Trust network
      • Verifiable credentials
    • Public layer
      • Transactions
        • Transfer
        • Lease
        • Cancel Lease
        • Mass Transfer
        • Set Script
        • Data
        • Anchor
        • Association
        • Revoke Association
        • Sponsorship
        • Cancel Sponsorship
        • Register
        • Burn
        • Mapped Anchor
        • Statement
        • Certificate
      • Transaction fees
      • Consensus protocol
      • Activation Protocol
      • Data Structures
    • Private layer
      • Event chain
        • Event
      • Messaging
        • Sending messages
Powered by GitBook
On this page
  • JSON
  • Fields
  1. Protocol
  2. Public layer
  3. Transactions

Certificate

On-chain X.509 certificates

The certificate transaction is part of the Palladium release.

A Certificate transaction allows an identity on the LTO Network to anchor an X.509 certificate on-chain, typically an organizational or Extended Validation (EV) certificate. This enables trusted identification of legal entities, such as companies, within decentralized workflows.

By registering the certificate on-chain, the organization’s identity can be cryptographically verified and linked to its LTO account. This serves as a foundation for verifiable credentials, cross-chain identity proofs, and secure interactions in regulated environments.

The Subject Public Key Info (SPKI) in the X.509 certificate must match the sender’s public key and key type in the transaction.

If they differ, the transaction is considered invalid and will be rejected by the network.

JSON

{
  "type": 24,
  "version": 3,
  "id": "2GqzNqFvxRQh7DQENecUj6kQMsA6JPXjvS7p1yx7PePx",
  "sender": "3Jq8mnhRquuXCiFUwTLZFVSzmQt3Fu6F7HQ",
  "senderKeyType": "secp256r1",
  "senderPublicKey": "AJQn2L4EhJhQh2NX5NvyDDB5BUPuiZBiNRmqRcSmj3g7",
  "fee": 500000000,
  "timestamp": 1326499200000,
  "certificate": "-----BEGIN CERTIFICATE-----\nMIIBmjCCAUGgAwIBAgIUBTg9WprxEdpxu8cLV2CKyGJ7bVQwCgYIKoZIzj0EAwIw\nIzEhMB8GA1UEAwwYQWxpY2UsTz1FeGFtcGxlIEx0ZCxDPU5MMB4XDTI1MDYwMjEy\nNTYzMloXDTI2MDYwMjEyNTYzMlowIzEhMB8GA1UEAwwYQWxpY2UsTz1FeGFtcGxl\nIEx0ZCxDPU5MMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2/WATtZvChbb3xrQ\nEXzszXz3IgpUyA7jbLVQ9B2ibL/SZtvhjU84S8fI1HhzyE5eAqKvkh/pdArBjyXL\naqw0Q6NTMFEwHQYDVR0OBBYEFEb3OV2UesAgnXz8VOieyXgEilyHMB8GA1UdIwQY\nMBaAFEb3OV2UesAgnXz8VOieyXgEilyHMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZI\nzj0EAwIDRwAwRAIgVo0OBEFkXDgJGuIrOl15UKdkvrhe0THS8MO64Jw2F7cCIBpC\nNLnbu23KWkzoIdACHRTGc3MqZrWh53lGq/+tK13P\n-----END CERTIFICATE-----",
  "proofs": [
    "2omugkAQdrm9P7YPx6WZbXMBTifRS6ptaTT8rPRRvKFr1EPFafHSosq6HzkuuLv78gR6vaXLA9WtMsTSBgi3H1qe"
  ],
  "height": 1070000
}
  • id and height should be omitted when broadcasting. These fields are set by the node.

  • recipient andsubject are optional.

  • Binary strings are base58 encoded.

  • timestamp is in microseconds since epoch.

  • fee includes 8 digits, so LTO * 10^8

  • certificate is PEM encoded

  • certificate can be null to clear the certificate of the address

Fields

#
Field Name
Type
Length

1

Transaction type

Byte (constant, value=16)

1

2

Version

Byte (constant, value=3)

1

3

Network id

Byte

1

4

Timestamp

Long

8

5

Sender's key type

KeyType (Byte)

1

6

Sender's public key

PublicKey (Array[Byte])

32 | 33

7

Fee

Long

8

8

Certificate length (N)

Short

1

9

Certificate

Array[Byte]

N

  • Network id can be obtained by taking the 2nd byte from the sender address.

  • Integers (short, int, long) have a big endian byte order.

  • Certificate is DER encoded

PreviousStatementNextTransaction fees

Last updated 1 day ago

Each has a numeric id in addition to the reference from the JSON.

key type