{"id":1474,"library":"eth-account","title":"eth-account: Ethereum Account Management","description":"eth-account is a Python library for managing Ethereum private keys and signing transactions and messages locally, without requiring a connection to an Ethereum node. It provides functionality for creating accounts, signing raw transactions, and signing messages (EIP-191 and EIP-712). It is a core component of web3.py. The current stable version is 0.13.7, released on April 21, 2025. The library is actively maintained with frequent releases, often on a monthly or bi-monthly basis for bugfixes and features. [1, 8, 15]","status":"active","version":"0.13.7","language":"en","source_language":"en","source_url":"https://github.com/ethereum/eth-account","tags":["ethereum","cryptography","web3","accounts","signing","private-keys"],"install":[{"cmd":"pip install eth-account","lang":"bash","label":"Install latest stable version"}],"dependencies":[{"reason":"Requires Python 3.8 or newer, but not Python 4.","package":"python","optional":false},{"reason":"Core utility functions; latest versions required for compatibility.","package":"eth-utils","optional":false},{"reason":"Used for keystore management; specific version range required to avoid breaking changes to typing.","package":"eth-keyfile","optional":false}],"imports":[{"symbol":"Account","correct":"from eth_account import Account"},{"symbol":"messages","correct":"from eth_account.messages import encode_defunct, encode_structured_data, \n    encode_typed_data, SignableMessage"}],"quickstart":{"code":"from eth_account import Account\nfrom eth_account.messages import encode_defunct\nimport os\n\n# 1. Create a new account (generates a private key)\nprivate_key_bytes = Account.create()._private_key\naccount = Account.from_key(private_key_bytes)\n\nprint(f\"New Account Address: {account.address}\")\n\n# 2. Sign a message\nmsg_text = \"Hello, Ethereum!\"\nmessage = encode_defunct(text=msg_text.encode('utf-8'))\nsigned_message = account.sign_message(message)\n\nprint(f\"Signed Message Hash: {signed_message.messageHash.hex()}\")\nprint(f\"Signature: {signed_message.signature.hex()}\")\n\n# 3. Verify the signature\nrecovered_address = Account.recover_message(message, signature=signed_message.signature)\nprint(f\"Recovered Address: {recovered_address}\")\nassert recovered_address == account.address\nprint(\"Signature verification successful!\")","lang":"python","description":"This quickstart demonstrates how to create a new Ethereum account (generating a private key locally) and then sign a plain text message using that account. It also shows how to recover the signer's address from the signed message to verify the signature. [1, 3]"},"warnings":[{"fix":"Upgrade Python to 3.10+ or pin `eth-account` to `<0.14.0`.","message":"Support for Python 3.8 and 3.9 was dropped in version 0.14.0-beta.1. Users on these Python versions should remain on `eth-account <0.14.0` or upgrade their Python interpreter. [19]","severity":"breaking","affected_versions":">=0.14.0-beta.1"},{"fix":"Do not rely on the `entropy` parameter. Use `Account.create()` from `eth-account` directly for new key generation.","message":"When integrating with `web3.py`, note that `web3.eth.accounts.create` in `web3.py` v1.x had an `entropy` parameter which was removed in v4.x. `eth-account` relies on `ethereum-cryptography/secp256k1` for private key generation directly. [14]","severity":"breaking","affected_versions":"web3.py >=4.x"},{"fix":"Use `eth_account.messages.encode_defunct()` for simple text messages or `eth_account.messages.encode_structured_data()` / `encode_typed_data()` for EIP-712 structured data.","message":"The method `Account.unsafe_sign_hash()` is primarily for backwards compatibility. For all new implementations, it is strongly recommended to use `encode_defunct()` or `encode_structured_data()` for message signing. [1]","severity":"gotcha","affected_versions":"All versions"},{"fix":"Implement robust security practices for storing private keys (e.g., environment variables, secure key management systems) and never expose them in plaintext code or public repositories.","message":"Securely managing private keys and seed phrases is critical. Loss or compromise of these credentials will result in irreversible loss of funds. `eth-account` provides the tools, but responsibility for secure storage lies with the developer/user. [5, 21]","severity":"gotcha","affected_versions":"All versions"},{"fix":"Ensure proper nonce management, typically handled by `web3.py`'s transaction builders, but be aware of its importance in custom transaction logic.","message":"Incorrect handling of transaction nonces (e.g., skipping nonces or sending transactions with too low a gas price) can lead to stuck or failed transactions on the Ethereum network. [22]","severity":"gotcha","affected_versions":"All versions (when interacting with a blockchain)"},{"fix":"When resolving dependency conflicts, prioritize `eth-account`'s specified range for `eth-keyfile`. If a newer `eth-keyfile` is strictly needed by another library, ensure it's compatible or consider isolated environments.","message":"`eth-account` pins `eth-keyfile` to `<0.9.0` (and `>=0.7.0`) due to breaking changes to typing introduced in `eth-keyfile >=0.9.0`. This can lead to dependency conflicts if another library requires a newer `eth-keyfile` version. [19]","severity":"gotcha","affected_versions":">=0.13.4"}],"env_vars":null,"last_verified":"2026-04-09T00:00:00.000Z","next_check":"2026-07-08T00:00:00.000Z"}