What if Merkle trees were left out of the blockchain?

15 replies 442 views
ape2009Member
Posts: 3 · Reputation: 81
#1Oct 10, 2020, 04:30 AM
I've been digging into Merkle trees lately and got to say, they play a big role in blockchains. They're like this clever way of organizing data, making sure all the transactions on the bitcoin network are securely stored. From what I've learned, they help miners check if transactions have been messed with, clear out any duplicates, and there's no lag when data is sent around the network. Plus, they sum up and keep track of all transactions in a block, creating a digital fingerprint for validation so users can easily verify if a transaction's part of a block. It seems pretty clear to me that Merkle trees are essential in blockchain tech. But I'm curious about what would happen if they weren't part of the blockchain. What kind of issues would we run into without them? Any feedback would be awesome, as I’m trying to get a better grasp of bitcoin's technical side.
2 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#2Oct 10, 2020, 07:39 AM
1. Bitcoin itself doesn't use encryption cryptography. 2. I'm not sure what do you mean by data identification, since Bitcoin is pseudonymous. What would happen? SPV mechanism would be more difficult and less efficient, since it needs to download whole block which contain relevant TX.
4 Reply Quote Share
SwiftMinerSenior Member
Posts: 259 · Reputation: 1036
#3Oct 10, 2020, 01:59 PM
Lack of usage of the Merkel tree would actually have a lot of negative effects on the network. One of them is that every transaction would need to be stored individually, leading to more space occupied in the blockchain. Also, without Merkle trees, verifying transactions would require checking every single transaction, making the process slower. To a very large extent, merkle trees actually provide a way to efficiently verify transaction inclusion without revealing sensitive information. Without them, the blockchain would be more vulnerable to attacks, congestion and a less efficient proof of work system. Infact block propagation will be much slower. Node prunning would not be possible since there would be no link to most data needed if everything is stored individually. Many things will be affected from congestion to high fee as a result of the fact that more computational power will be needed.
0 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#4Oct 10, 2020, 04:01 PM
I have several thought and question, 1. Full node (excluding pruned ones) actually verify/check and store all transaction. So what exactly do you mean by "Also, without Merkle trees, verifying transactions would require checking every single transaction, making the process slower." ? 2. I don't understand how it makes node pruning impossible. After all, pruned node just need to store recent block and UTXO in order to verify new block. 3. How exactly lack of merkle tree would lead to high fee when transaction size and block size limit remain not changed? Do you mind explain it more clearly?
3 Reply Quote Share
ape2009Member
Posts: 3 · Reputation: 81
#5Oct 10, 2020, 10:01 PM
Because it easier to identify and verify a large body of information that are store in blockchain and help miners identify easily when any transaction have been tempered with.
1 Reply Quote Share
SwiftMinerSenior Member
Posts: 259 · Reputation: 1036
#6Oct 11, 2020, 12:34 AM
You're right about  the aspect of full nodes storing and verifying all transactions. However without Merkle trees, verifying a transaction would require checking the entire block, not just the transaction itself. And that's because in a Merkle tree, transactions are hashed and combined in pairs, forming a tree-like structure and this actually allows nodes to efficiently verify a transaction by checking only the relevant branches of the tree. Now, without Merkle trees, nodes would need to verify the entire block by checking every transaction's signature, scripts, and other data. Just to verify it's POW stamp and origin. Think of it like searching for a specific book in a library, with Merkle trees, you can quickly locate the book by checking the catalog (Merkle root) and then verifying the book's existence by checking only the relevant shelf (Merkle branch). And this kinda means that without Merkle trees, you'd need to search the entire library, checking every book individually. As for the pruned nodes aspect,yes they actually store recent blocks and UTXOs. However, without Merkle trees, pruned nodes would struggle to efficiently verify new blocks, as they'll need to check every transaction in the block, not just the relevant ones. Meaning you will not only waste computational power but also if there is no Merkel tree some branches of data may be missing causing difficulties in a prunned node from getting the origin and POW data of a transaction since there is no branch like link and some data isn't present.
3 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#7Oct 11, 2020, 02:46 AM
It's either i don't understand your statement or you didn't double check what you write, but 1. You admit that full node verify all transaction, but you also say that without merkle tree full node need to check whole block / every transaction in the block. That means it's not disadvantage of lack of merkle root. 2. Pruned node (at least for Bitcoin Core) doesn't even keep old merkle tree according to https://bitcoin.stackexchange.com/a/36101.
2 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#8Oct 11, 2020, 08:46 AM
I think you need to explain further why lack of merkle trees leads to congestion, centralization and lower rates adaption. After all, 1. Merkle tree doesn't determine block size limit, which means total transaction which can fit in a block doesn't change. 2. Full nodes verify whole block, where lack of merkle tree wouldn't have such major impact on verification time. 3. Average user doesn't know or care about how Bitcoin works in details. CMIIW.
3 Reply Quote Share
LuckyCoinLegendary
Posts: 832 · Reputation: 4795
#9Oct 11, 2020, 02:44 PM
Merkle trees are for the transactions, and they are included in each block for its own transactions. They allow the Core client to verify that all of the transactions in the block are valid and intended to be there. There's one for TXIDs and another for WTXIDs (to validate both legacy transactions and their segwit versions, if applicable). There's a specific process described in a BIP somewhere that dictates how the transactions are supposed to be ordered before hashing them as leaves. That is because they are combined two at a time, unless the number of transactions is odd, in which case I think the last transaction skips a branch or something.
4 Reply Quote Share
SwiftMinerSenior Member
Posts: 259 · Reputation: 1036
#10Oct 13, 2020, 07:09 AM
Well it seems you haven't fully gotten my point. I don't know why but my telegram bot didn't display this mention if not I would have replied earlier I decided to check the thread while I was surfing and found you quoted me with some questions again. Firstly I think the problem is you are actually viewing the whole situation as if full nodes don't make use of the Merkel tree and that's not the case here. Computers or rather ASIC mining wares are actually designed to carry out one particular task efficiently and that simply means that they would need to make use of Merkel trees to validate transactions so even in the case of a full node, for a faster and more efficient validation it would use the Merkel tree instead of individual scattered data. Yes but it still keeps the newest ones to show how important the Merkel tree is. You can't risk having ungrouped data (data without the Merkel tree) for a node without all the data since you could risk missing out some important data.
1 Reply Quote Share
vector777Member
Posts: 63 · Reputation: 232
#11Oct 13, 2020, 08:24 AM
Every transaction is stored individually. Bitcoin does not use the Merkle tree to delete transactions   Every single transaction is verified
0 Reply Quote Share
DYOR
vector777Member
Posts: 63 · Reputation: 232
#12Oct 13, 2020, 01:15 PM
They're not crucial. Are you sure you did any research? It is crucial to have a commitment in the block header which represents all the transactions in a way that allows proof that the transactions have not been modified after the block was created. A hash (SHA2-256 is used) serves as a proof because it is not forgeable  It is crucial to minimize the size of the block header, so that block-level chain proofs can be very fast. A hash is only 32 bytes. It serves as an efficient compression of several thousand transactions  The hash commitment which represents the transactions could be calculated by serializing all the transactions in order and making a single hash calculation The hash commitment which represents the transactions could be calculated by concatenating all the transactions' ID hashes in order and making a single hash calculation Merkle trees have benefits for coders - a clearer separation between the function of a transaction and the hashing functions used to implement immutability in the chain. This benefit persists over the long term, reducing the possibility of bugs being created by future software maintenance Not crucial, but very useful
1 Reply Quote Share
DYOR
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#13Oct 13, 2020, 05:05 PM
I still don't get your point. 1. I'm sure ASIC miner doesn't perform verification at all, since it's only designed to perform SHA-256. 2. Computer generally designed to perform general or all kinds of tasks. 3. Full node already verify all TX. In fact, it already verify most/all of them when it reached their mempool, before added in a block. That makes sense. Without merkle tree, there's no information on block header which can be used to know about whether you receive complete block data from other node.
1 Reply Quote Share
SwiftMinerSenior Member
Posts: 259 · Reputation: 1036
#14Oct 13, 2020, 11:02 PM
Exactly now you get my point. This was the main reason why I said earlier on that without the implementation of Merkel trees , there would pretty much be no group data in an organised format to be able to select key ones to form a prunned node. It's like saying you want to confirm is a couple of books are not fake and available in a library when you don't even have the whole library and a catalogue (which is a Merkel tree in this case). In simple terms I'll just say the Merkel tree makes it possible for prunned nodes to summarise the block chain and save space. As for this, ASIC mining wares carryout hashing, and if you agree to that then you will also recall that hashing is carried out multiple times on the block header during hashing and validation meaning without Merkel trees there wouldn't be data grouped so that you can have a head to hash on.
0 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#15Oct 14, 2020, 02:18 AM
I see. It seems your definition of verification is far more broad than mine, which caused some confusion.
2 Reply Quote Share
coin777Senior Member
Posts: 143 · Reputation: 970
#16Oct 14, 2020, 02:25 AM
Then, instead of a single 256-bit number, you would have only the transaction counter in the block message, and all transactions after that. If you use a hash function like SHA-256, which is based on Merkle–Damgård construction, then things can be optimized, and then done in SPV way. For example: you can give someone the initialization vector, just before the latest SHA-256 internal block, and the last 512-bit chunk. It would be sufficient to verify, that the hash of the whole block was mined correctly. The same about proving transaction inclusion: even if you hash all data, as a single SHA-256 call, then still: you can prove, that a chunk "X" is included, by giving the initialization vector, some chunks in-between, and a final SHA-256 result, for that specific chunk. So, SPV would be of course harder, but still possible, because SHA-256 splits data into 512-bit chunks by definition. Edit: With Merkle tree: What is hashed, and how: And without Merkle tree, it would be still possible to prove data inclusion. For example: if you share with anyone, that there is a chunk of data, which starts from "bc909a33 6358bff0 90ccac7d 1e59caa8 c3c8d8e9 4f0103c8 96b18736 4719f91b", and ends with "af42031e 805ff493 a07341e2 f74ff581 49d22ab9 ba19f613 43e2c86c 71c5d66d", then, the only matching in-between data, is equal to this "second chunk". And: the size of in-between data can be arbitrarily large, you will just share the starting 256-bit value, and the ending 256-bit value, and then, you can prove, that as long as SHA-256 is safe, nobody changed anything here.
2 Reply Quote Share
?Reply
Sign in to reply to this topic

Related topics