forked from ArgLab/writing_observer
-
Notifications
You must be signed in to change notification settings - Fork 2
Merkle tree packages
Bradley Erickson edited this page May 26, 2022
·
3 revisions
This page explores a few different Merkle tree implementations available in Python.
https://pymerkle.readthedocs.io/en/latest/
from pymerkle import MerkleTree
mt = MerkleTree()
# encrypt an entire file
mt.encryptFileContent(path_to_file)
# text based representation of the tree
print(mt)
# create a challenge using our computed checksum
challenge = {
'checksum': hex_string
}
proof = mt.merkleProof(challenge)
# Create a validator to check if a proof exists
validator = Validator(proof)
try:
validator.run()
print('Valid proof')
except merkle_exceptions.InvalidMerkleProof as e:
print(f'Invalid proof: {e}')
# import/export
mt.export(path_to_export)
mt = MerkleTree.loadFromFile(path_to_import)Pros:
- Directly encrypt files or logs entries within a file
- Easy to import/export
- Tree is automatically expanded when new nodes are added
- Text visualization
- Good documentation
Cons:
- TODO figure out how to compute hash properly
- Some security concerns exist https://github.com/fmerg/pymerkle/tree/master#security
https://github.com/Tierion/pymerkletools
from merkletools import MerkleTools
mt = MerkleTools()
mt.add_leaf(json_data, True) # add all the data to the tree, each item in json data becomes a leaf
mt.make_tree() # create the tree itself, adding more nodes will reset the tree (i.e. we will need to run this command again)
# grab various metrics from the tree
root = mt.get_merkle_root()
proof_0 = mt.get_proof(0)
leaf_0 = mt.get_leaf(0)
# manaually compute the hash of one of the elements
hash = hashlib.sha256(json_data[0].encode()).digest()
hex_string = hash.hex()
# validate the hash is present in the data
is_valid = mt.validate_proof(proof_0, hex_string, root)
print(f'Validating leaf 1: {is_valid}')
print(f'Leaf hex == manual hash: {leaf_0 == hex_string}')Pros:
- Easily able to validate hash and confirm it exists or not in the tree
- Easy to add leave
Cons:
- No visual representation of tree
- Required to run
mt.make_tree()whenever new nodes are added - No straightforward way to import/export, but the
picklepackage exists and can probably handle this - Had to read entire contents of file and then encrypt
https://github.com/vpaliy/merklelib
from merklelib import MerkleTree, beautify
# our own defined hash function, could easily sprinkle some salt in here
def hashfunc(value):
return hashlib.sha256(value).hexdigest()
mt = MerkleTree(data, hashfunc)
beautify(mt) # text based visualization of the tree
leaf_0 = mt.hexleaves[0]
proof_0 = mt.get_proof(leaf_0)
# check if leaf is in tree or not based on proof
if mt.verify_leaf_inclusion(mt.leaves[0], proof_0):
print('In tree')
else:
print('Not in tree')
# export Merkle tree, json or jpg
export(tree, filename='transactions', ext='jpg')Pros:
- Easy to export, both JSON or JPEG supported
- Able to define our own hash function, easy to include salt
- Text based visualization
- Proofs are straightforward
Cons:
- All data is passed into constructor instead of creating the tree and then adding. Include update, append, and extend method but does not state what they do.
- Lack of documentation