|
|
- package merkle
-
- import (
- "bytes"
- "fmt"
- )
-
- type SimpleProof struct {
- Aunts [][]byte `json:"aunts"` // Hashes from leaf's sibling to a root's child.
- }
-
- // proofs[0] is the proof for items[0].
- func SimpleProofsFromHashables(items []Hashable) (rootHash []byte, proofs []*SimpleProof) {
- trails, rootSPN := trailsFromHashables(items)
- rootHash = rootSPN.Hash
- proofs = make([]*SimpleProof, len(items))
- for i, trail := range trails {
- proofs[i] = &SimpleProof{
- Aunts: trail.FlattenAunts(),
- }
- }
- return
- }
-
- // Verify that leafHash is a leaf hash of the simple-merkle-tree
- // which hashes to rootHash.
- func (sp *SimpleProof) Verify(index int, total int, leafHash []byte, rootHash []byte) bool {
- computedHash := computeHashFromAunts(index, total, leafHash, sp.Aunts)
- return computedHash != nil && bytes.Equal(computedHash, rootHash)
- }
-
- func (sp *SimpleProof) String() string {
- return sp.StringIndented("")
- }
-
- func (sp *SimpleProof) StringIndented(indent string) string {
- return fmt.Sprintf(`SimpleProof{
- %s Aunts: %X
- %s}`,
- indent, sp.Aunts,
- indent)
- }
-
- // Use the leafHash and innerHashes to get the root merkle hash.
- // If the length of the innerHashes slice isn't exactly correct, the result is nil.
- func computeHashFromAunts(index int, total int, leafHash []byte, innerHashes [][]byte) []byte {
- // Recursive impl.
- if index >= total {
- return nil
- }
- switch total {
- case 0:
- panic("Cannot call computeHashFromAunts() with 0 total")
- case 1:
- if len(innerHashes) != 0 {
- return nil
- }
- return leafHash
- default:
- if len(innerHashes) == 0 {
- return nil
- }
- numLeft := (total + 1) / 2
- if index < numLeft {
- leftHash := computeHashFromAunts(index, numLeft, leafHash, innerHashes[:len(innerHashes)-1])
- if leftHash == nil {
- return nil
- }
- return SimpleHashFromTwoHashes(leftHash, innerHashes[len(innerHashes)-1])
- } else {
- rightHash := computeHashFromAunts(index-numLeft, total-numLeft, leafHash, innerHashes[:len(innerHashes)-1])
- if rightHash == nil {
- return nil
- }
- return SimpleHashFromTwoHashes(innerHashes[len(innerHashes)-1], rightHash)
- }
- }
- }
-
- // Helper structure to construct merkle proof.
- // The node and the tree is thrown away afterwards.
- // Exactly one of node.Left and node.Right is nil, unless node is the root, in which case both are nil.
- // node.Parent.Hash = hash(node.Hash, node.Right.Hash) or
- // hash(node.Left.Hash, node.Hash), depending on whether node is a left/right child.
- type SimpleProofNode struct {
- Hash []byte
- Parent *SimpleProofNode
- Left *SimpleProofNode // Left sibling (only one of Left,Right is set)
- Right *SimpleProofNode // Right sibling (only one of Left,Right is set)
- }
-
- // Starting from a leaf SimpleProofNode, FlattenAunts() will return
- // the inner hashes for the item corresponding to the leaf.
- func (spn *SimpleProofNode) FlattenAunts() [][]byte {
- // Nonrecursive impl.
- innerHashes := [][]byte{}
- for spn != nil {
- if spn.Left != nil {
- innerHashes = append(innerHashes, spn.Left.Hash)
- } else if spn.Right != nil {
- innerHashes = append(innerHashes, spn.Right.Hash)
- } else {
- break
- }
- spn = spn.Parent
- }
- return innerHashes
- }
-
- // trails[0].Hash is the leaf hash for items[0].
- // trails[i].Parent.Parent....Parent == root for all i.
- func trailsFromHashables(items []Hashable) (trails []*SimpleProofNode, root *SimpleProofNode) {
- // Recursive impl.
- switch len(items) {
- case 0:
- return nil, nil
- case 1:
- trail := &SimpleProofNode{items[0].Hash(), nil, nil, nil}
- return []*SimpleProofNode{trail}, trail
- default:
- lefts, leftRoot := trailsFromHashables(items[:(len(items)+1)/2])
- rights, rightRoot := trailsFromHashables(items[(len(items)+1)/2:])
- rootHash := SimpleHashFromTwoHashes(leftRoot.Hash, rightRoot.Hash)
- root := &SimpleProofNode{rootHash, nil, nil, nil}
- leftRoot.Parent = root
- leftRoot.Right = rightRoot
- rightRoot.Parent = root
- rightRoot.Left = leftRoot
- return append(lefts, rights...), root
- }
- }
|