Most active commenters

    ←back to thread

    Our modular, high-performance Merkle Tree library for Rust

    (github.com)
    141 points bibiver | 11 comments | 21 Oct 25 12:58 UTC | HN request time: 0.475s | source | bottom
    Show context
    bibiver ◴[21 Oct 25 12:58 UTC] No.45655191[source]
    We've just released rs-merkle-tree, a Merkle tree crate designed with performance and modularity in mind. It comes with the following key features:

    * Fixed depth: All proofs have a constant size equal to the depth of the tree. The depth can be configured via a const generic.

    * Append-only: Leaves are added sequentially starting from index 0. Once added, a leaf cannot be modified.

    * Optimized for Merkle proof retrieval: Intermediate nodes are stored so that proofs can be fetched directly from storage without recomputation, resulting in very fast retrieval times.

    * Configurable storage and hash functions: Currently supports Keccak and Poseidon hashers, and in-memory, Sled, RocksDB, and SQLite stores.

    The Rust ecosystem already offers several Merkle tree implementations, but rs-merkle-tree is built for a specific use case: append-only data structures such as blockchains, distributed ledgers, audit logs, or certificate transparency logs. It’s particularly optimized for proof retrieval, storing intermediate nodes in a configurable and extensible storage backend so they don’t need to be recomputed when requested.

    replies(3): >>45656124 #>>45657554 #>>45657562 #
    1. xpe ◴[21 Oct 25 14:16 UTC] No.45656124[source]
    For those in the know... Do you have any recommended reading for Merkle-curious people that may have some scars from blockchain-related hype? It would be nice to find a nice introductory resource that covers some interesting use-cases that may not be well-known. Perhaps with nice graphics, interactivity, etc.?

    For example, here is a slick web site that shows how certificate transparency uses Merkle trees: https://certificate.transparency.dev/howctworks/

    replies(4): >>45656589 #>>45657564 #>>45658018 #>>45660006 #
    2. 6r17 ◴[21 Oct 25 14:54 UTC] No.45656589[source]
    There are use-cases outside of "crypto" for blockchain - notably for security related use-cases such as historization ; tough I concede that use-case can be handled with more standard technologies it is very fun to get into it and study such use as it may have properties that could be interesting. One has to have some time for this but to be frank it's not really something super hard to pull-off (Bc itself conceptually)
    replies(1): >>45657025 #
    3. tialaramex ◴[21 Oct 25 15:29 UTC] No.45657025[source]
    I think the question, certainly the question I have - is, what are some use cases outside of "crypto" and the CT log ?
    replies(3): >>45657080 #>>45657202 #>>45657601 #
    4. kevinastone ◴[21 Oct 25 15:33 UTC] No.45657080{3}[source]
    Git and other vcs are generally built on merkle-trees for consistent hashing.

    There's a list of other common hashing cases on the Wikipedia entry: https://en.wikipedia.org/wiki/Merkle_tree#Uses

    5. trn217 ◴[21 Oct 25 15:44 UTC] No.45657202{3}[source]
    You can make use of merkle-trees when ever you want to proof the data integrity of large amounts of individually independent data (distributed FS etc). After playing arround with SMTs for a bit, possible use-cases came to mind quite frequently.
    replies(1): >>45657642 #
    6. sunshowers ◴[21 Oct 25 16:12 UTC] No.45657564[source]
    The joke is there are two kinds of distributed systems: Spanner and Bitcoin.
    7. vlovich123 ◴[21 Oct 25 16:18 UTC] No.45657642{4}[source]
    The challenge to me is that the ability to prove the data integrity is quite hard once you store the data elsewhere, particularly on a single disk - I don’t know that people are regularly reading and reevalidating the stored data and likely not on every I/o operation.
    8. xpe ◴[21 Oct 25 16:47 UTC] No.45658018[source]
    I'm currently exploring how different APIs compute ETags [1]. I'm inclined to think the overhead of Merkle-trees make them relatively less useful for ETags for paginated APIs where responses are small and flat hashing is fast. One rule of thumb would be: the overhead isn't justified unless you need either (a) efficient updates on very large collections, or (b) collection-level state tracking across pagination boundaries. Sound about right?

    [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/...

    Also, ETags can use weak validators:

    > W/ (case-sensitive) indicates that a weak validator is used. Weak ETags are easy to generate, but are far less useful for comparisons. Strong validators are ideal for comparisons but can be very difficult to generate efficiently. Weak ETag values of two representations of the same resources might be semantically equivalent, but not byte-for-byte identical. This means weak ETags prevent caching when byte range requests are used, but strong ETags mean range requests can still be cached.

    9. raphinou ◴[21 Oct 25 18:54 UTC] No.45660006[source]
    I'm working on a project where I need to prove that a file in a git repo is append only, ie all changes to the file only added lines. The only way I can think of is looking at the git history of the file, but would there be a faster way using Merkel trees somehow?
    replies(1): >>45661360 #
    10. jmount ◴[21 Oct 25 20:36 UTC] No.45661360[source]
    Is this trying to deal with that git history can be replaced?
    replies(1): >>45665367 #
    11. raphinou ◴[22 Oct 25 06:01 UTC] No.45665367{3}[source]
    We handle the case to prevent git history rewrites, but an alternative solution could be adopted if less cumbersome.