What to provide in the proof parameter of the verify function for the MerkleProof library

Support Contracts
1

Hey,
I am not able to figure out what all hashes do I have to provide in the proof parameter of the verify function. I know how to use the merkleTree.js to get the value of the proof parameter but I am not able to figure out what's inside the value. So, could you please explain me with a simple example. I am a noob on openZepplin.
I tried to understand from the comments on the .sol file but couldn't understand this properly

For this, a proof must be provided, containing sibling hashes on the branch from the leaf to the root of the tree. Each pair of leaves and each pair of pre-images are assumed to be sorted.

Thanks

1 Like
2

Hi @destroyersrt,

Welcome to the community :wave:

I am fairly new to explicitly using Merkle Trees.

Thanks to @DericEcourcy’s Hash Functions we have an ELI5: https://www.reddit.com/r/explainlikeimfive/comments/7whzrn/eli5_how_does_a_merkle_tree_work/

I have created a simple example using Truffle, OpenZeppelin Contracts and OpenZeppelin Test Helpers and a copy of merkleProof.js. (This was from helping @naszam in MerkleProof.sol claim() Error: VM Exception while processing transaction)

The test creates a MerkleTree using accounts and verifies in the smart contract that the proof shows that an account is in the MerkleTree and fails to verify when an account isn’t in the MerkleTree.

You could play around with this example. Please ask all the questions that you need.

MerkleProofVerify.sol

// contracts/MerkleProofVerify.sol
// SPDX-License-Identifier: MIT
// based upon https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v3.0.1/contracts/mocks/MerkleProofWrapper.sol

pragma solidity ^0.6.0;

import "@openzeppelin/contracts/cryptography/MerkleProof.sol";

contract MerkleProofVerify {
    function verify(bytes32[] memory proof, bytes32 root)
        public
        view
        returns (bool)
    {
        bytes32 leaf = keccak256(abi.encodePacked(msg.sender));

        return MerkleProof.verify(proof, root, leaf);
    }
}

test/MerkleProofVerify.test.js

// test/MerkleProofVerify.test.js
// SPDX-License-Identifier: MIT
// based upon https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v3.0.1/test/cryptography/MerkleProof.test.js

require('@openzeppelin/test-helpers');

const { MerkleTree } = require('./helpers/merkleTree.js');

const MerkleProofVerify = artifacts.require('MerkleProofVerify');

contract('MerkleProofVerify', function (accounts) {
    beforeEach(async function () {
        this.merkleProofVerify = await MerkleProofVerify.new();
    });

    it('should return true for a valid leaf', async function () {
        const elements = [accounts[0], accounts[1], accounts[2], accounts[3]];
        const merkleTree = new MerkleTree(elements);

       const root = merkleTree.getHexRoot();

       const proof = merkleTree.getHexProof(elements[0]);

       expect(await this.merkleProofVerify.verify(proof, root, {from: accounts[0]})).to.equal(true);
    });


    it('should return false for an invalid leaf', async function () {
        const elements = [accounts[0], accounts[1], accounts[2], accounts[3]];
        const merkleTree = new MerkleTree(elements);

       const root = merkleTree.getHexRoot();

       const proof = merkleTree.getHexProof(elements[0]);

       expect(await this.merkleProofVerify.verify(proof, root, {from: accounts[4]})).to.equal(false);
    });
});

merkleTree.js

// test/helpers/merkleTree.js
// SPDX-License-Identifier: MIT
// copied from https://github.com/OpenZeppelin/openzeppelin-contracts/blob/v3.0.1/test/helpers/merkleTree.js

const { keccak256, bufferToHex } = require('ethereumjs-util');

class MerkleTree {
  constructor (elements) {
    // Filter empty strings and hash elements
    this.elements = elements.filter(el => el).map(el => keccak256(el));

    // Sort elements
    this.elements.sort(Buffer.compare);
    // Deduplicate elements
    this.elements = this.bufDedup(this.elements);

    // Create layers
    this.layers = this.getLayers(this.elements);
  }

  getLayers (elements) {
    if (elements.length === 0) {
      return [['']];
    }

    const layers = [];
    layers.push(elements);

    // Get next layer until we reach the root
    while (layers[layers.length - 1].length > 1) {
      layers.push(this.getNextLayer(layers[layers.length - 1]));
    }

    return layers;
  }

  getNextLayer (elements) {
    return elements.reduce((layer, el, idx, arr) => {
      if (idx % 2 === 0) {
        // Hash the current element with its pair element
        layer.push(this.combinedHash(el, arr[idx + 1]));
      }

      return layer;
    }, []);
  }

  combinedHash (first, second) {
    if (!first) { return second; }
    if (!second) { return first; }

    return keccak256(this.sortAndConcat(first, second));
  }

  getRoot () {
    return this.layers[this.layers.length - 1][0];
  }

  getHexRoot () {
    return bufferToHex(this.getRoot());
  }

  getProof (el) {
    let idx = this.bufIndexOf(el, this.elements);

    if (idx === -1) {
      throw new Error('Element does not exist in Merkle tree');
    }

    return this.layers.reduce((proof, layer) => {
      const pairElement = this.getPairElement(idx, layer);

      if (pairElement) {
        proof.push(pairElement);
      }

      idx = Math.floor(idx / 2);

      return proof;
    }, []);
  }

  getHexProof (el) {
    const proof = this.getProof(el);

    return this.bufArrToHexArr(proof);
  }

  getPairElement (idx, layer) {
    const pairIdx = idx % 2 === 0 ? idx + 1 : idx - 1;

    if (pairIdx < layer.length) {
      return layer[pairIdx];
    } else {
      return null;
    }
  }

  bufIndexOf (el, arr) {
    let hash;

    // Convert element to 32 byte hash if it is not one already
    if (el.length !== 32 || !Buffer.isBuffer(el)) {
      hash = keccak256(el);
    } else {
      hash = el;
    }

    for (let i = 0; i < arr.length; i++) {
      if (hash.equals(arr[i])) {
        return i;
      }
    }

    return -1;
  }

  bufDedup (elements) {
    return elements.filter((el, idx) => {
      return idx === 0 || !elements[idx - 1].equals(el);
    });
  }

  bufArrToHexArr (arr) {
    if (arr.some(el => !Buffer.isBuffer(el))) {
      throw new Error('Array is not an array of buffers');
    }

    return arr.map(el => '0x' + el.toString('hex'));
  }

  sortAndConcat (...args) {
    return Buffer.concat([...args].sort(Buffer.compare));
  }
}

module.exports = {
  MerkleTree,
};
1 Like
3

Hi @destroyersrt,

Were you able to work out what was required?

4

Hi, and how do i obtain the sibling hashes on the branch from the leaf to the root?

@destroyersrt @abcoathup

5

Hi,

I believe this can only be done from outside the blockchain. However, when you create the merkle tree using merkletreejs, you can simple log the entire hashtree by:

someMerkleTree.toString()

for example, you can see the siblings, in fact the entire tree, like this: (I tried the merklejs dependency directly on nodejs):

Welcome to Node.js v14.17.1.      
Type ".help" for more information.
> const { MerkleTree } = require('merkletreejs');
undefined
> const keccak256 = require('keccak256');
undefined
> const elements = 'ABCDEF'.split('');
undefined
> elements
[ 'A', 'B', 'C', 'D', 'E', 'F' ]
> const merkletree = new MerkleTree(elements, keccak256, { hashLeaves: true, sortPairs: true });
undefined
> merkletree.toString()
'└─ 045e239a399187c0f36f84a4ce6b50ec3d3589539eb04daae2cc5a0d0b83866d\n' +
  '   β”œβ”€ 4e2b32e9c7b10ee15f38192ed65b95656a84e32531157b9384ef0d3cabe95956\n' +      
  '   β”‚  β”œβ”€ 69de756fea16daddbbdccf85c849315f51c0b50d111e3d2063cab451803324a0\n' +   
  '   β”‚  β”‚  β”œβ”€ 03783fac2efed8fbc9ad443e592ee30e61d65f471140c10ca155e937b435b760\n' +
  '   β”‚  β”‚  └─ 1f675bff07515f5df96737194ea945c36c41e7b4fcef307b7cd4d0e602a69111\n' +
  '   β”‚  └─ e62e1dfc08d58fd144947903447473a090c958fe34e2425d578237fcdf1ab5a4\n' +   
  '   β”‚     β”œβ”€ 017e667f4b8c174291d1543c466717566e206df1bfd6f30271055ddafdb18f72\n' +
  '   β”‚     └─ 6c3fd336b49dcb1c57dd4fbeaf5f898320b0da06a5ef64e798c6497600bb79f2\n' +
  '   └─ 660a63d98fc5eba694a91f37c0cebe5097bb07226524eb026ea414073036bedd\n' +      
  '      └─ 660a63d98fc5eba694a91f37c0cebe5097bb07226524eb026ea414073036bedd\n' +   
  '         β”œβ”€ 434b529473163ef4ed9c9341d9b7250ab9183c27e7add004c3bba38c56274e24\n' +
  '         └─ e61d9a3d3848fb2cdd9a2ab61e2f21a10ea431275aed628a0557f9dee697c37a\n'
>
6

Is there a CDN available for the Merkletree JS, that I can import in HTML?

7

yes, that would be helpful!..