Bitcoin Forum
December 07, 2016, 08:26:30 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Why are transactions stored in a hash/merkle tree ?  (Read 3599 times)
Skybuck
Full Member
***
Offline Offline

Activity: 185


View Profile
November 29, 2011, 01:09:45 PM
 #1

Hello,

There is something I don't understand about bitcoin:

Why are the transactions stored in a hash/merkle tree ?

Why simply not store them sequential and calculate a single hash over all of them ?

Only reason I can think of is "more security" because of hash tree, more hashes to calculate...

Seems kind of cheesy.

One possible reason could be "quantum computers" merkle hash tree might protect a bit more against it.

Bye,
  Skybuck.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481142390
Hero Member
*
Offline Offline

Posts: 1481142390

View Profile Personal Message (Offline)

Ignore
1481142390
Reply with quote  #2

1481142390
Report to moderator
Stefan Thomas
Full Member
***
Offline Offline

Activity: 235


AKA: Justmoon


View Profile WWW
November 29, 2011, 01:49:57 PM
 #2

If they were stored sequentially, you'd need all transactions to verify that any single one belongs to a given block. With a merkle tree, you only need to provide the transaction and the merkle branch to prove that this transaction in fact appears in this block.

Twitter: @justmoon
PGP: D16E 7B04 42B9 F02E 0660  C094 C947 3700 A4B0 8BF3
deepceleron
Legendary
*
Offline Offline

Activity: 1470



View Profile WWW
November 29, 2011, 02:13:56 PM
 #3

Transactions are not "stored" in a hash tree, but rather the proof-of-work that says a block is authentic is based on hashing the Merkle tree input of all the transactions. The Merkle root and a nonce (salt) is what miners are hashing to find a high-difficulty solution. Since the final Merkle root hash is always a 32 byte word size, this gives several desirable properties:

1. The Merkle root input is always the same small size, making it a consistent amount of work, easily transmittable for pooled mining, and simplifying writing hashing algorithms and the dataset size used in hardware.

2. The "shape" of the input data looks nothing like transactions, so if there was a preimage attack for SHA256, the obfuscating layers of hashing make it more impenetrable.

3. The Merkle tree gives several layers of checksumming that could be used to validate individual transactions, verify the tree, or verify the block.

4. Transactions are broken into blocks, and the previous block's hash is included in the current block, making a long strong blockchain of valid transactions.

It's not really much hashing, considering that you only need recalculate it once per new transaction a miner receives, and generating a block typically takes 5000 trillion hashes anyway.

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
November 29, 2011, 03:57:59 PM
 #4

The largest advantage is it can lead to lite clients which don't need full blocks and instead can request block headers and merkle branch from other nodes.  This isn't implemented yet and I believe one of the developers indicated it may require a seperate protocol.

The use of merkle tree can also allow blockchain pruning by removing older transactions once a newer transaction for a particular address is deep enough in the block chain.  With a single hash for all transactions this wouldn't be possible not without some mechanism to re-sign the pruned block and that would require some sort of alternate proof-of-work to ensure decentralized consensus.

More generally speaking using a merkle tree allows more granularity in transaction validation.  You can validate an entire block, a group of transactions, or just a single transaction.  Using a merkle tree allows options to deal w/ future issues that the network may need to deal with.



Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!