LNPBP-81: Tagged Merkle trees
Last updated
Last updated
Problems with modern merkle trees:
Depth extension attack: no commitment to the tree depth
Based on bitcoin merklization with following modifications:
Tagged hashing for source data
Tagged hashing of each tree object
Commitments to depth, width and height of the tree
Custom placeholders for empty objects
Restricting tree source to 2^16 elements (height is always <=16)
This document is licensed under the Creative Commons CC0 1.0 Universal license.