merkle-lib
A performance conscious library for merkle root and tree calculations.
NOTE: As is, this implementation is vulnerable to a forgery attack (as a second pre-image attack), see these[1][2] crypto.stackexchange questions for an explanation.
To avoid this vulnerability, you should pre-hash your leaves using a different hash function than the function provided such that H(x) != H'(x)
.
Examples
Preamble
var crypto = require('crypto')function sha256 (data) {return crypto.createHash('sha256').update(data).digest()}var data = ['cafebeef','ffffffff','aaaaaaaa','bbbbbbbb','cccccccc'].map(x => new Buffer(x, 'hex'))// ... now, the examples
Tree
var merkle =var tree =console// => [// 'cafebeef',// 'ffffffff',// 'aaaaaaaa',// 'bbbbbbbb',// 'cccccccc',// 'bda5c39dec343da54ce91c57bf8e796c2ca16a1bd8cae6a2cefbdd16efc32578',// '8b722baf6775a313f1032ba9984c0dce32ff3c40d7a67b5df8de4dbaa43a3db0',// '3d2f424783df5853c8d7121b1371650c04241f318e1b0cd46bedbc805b9164c3',// 'bb232963fd0efdeacb0fd76e26cf69055fa5facc19a5f5c2f2f27a6925d1db2f',// '2256e70bea2c591190a0d4d6c1415acd7458fae84d8d85cdc68b851da27777d4',// 'c2692b0e127b3b774a92f6e1d8ff8c3a5ea9eef9a1d389fe294f0a7a2fec9be1'//]
Root only (equivalent to tree[tree.length - 1]
)
var fastRoot =var root =console// => 'c2692b0e127b3b774a92f6e1d8ff8c3a5ea9eef9a1d389fe294f0a7a2fec9be1'
Proof (with verify)
var merkleProof =var proof =if proof === nullconsoleconsole// => [// 'cafebeef',// 'ffffffff',// null,// '8b722baf6775a313f1032ba9984c0dce32ff3c40d7a67b5df8de4dbaa43a3db0',// null,// '2256e70bea2c591190a0d4d6c1415acd7458fae84d8d85cdc68b851da27777d4',// 'c2692b0e127b3b774a92f6e1d8ff8c3a5ea9eef9a1d389fe294f0a7a2fec9be1'// ]console// => true
Credits
Thanks to Meni Rosenfield on bitcointalk for the math.