Merkle Tree Generator & Visualizer
指导
Merkle Tree Generator & Visualizer
Paste a list of values, choose a hash function, and instantly see a visual Merkle tree with every intermediate node hash and the final Merkle root. Pick SHA-256, SHA-1, or Keccak-256 (the hash Ethereum uses), tune the Bitcoin-style odd-leaf rule or the OpenZeppelin sorted-pair convention, and export the full tree as JSON. Click any node in the diagram to copy its hash to the clipboard.
如何使用
- Enter your leaves in the textarea, one value per line. Try the example button for a quick sample set.
- Pick a hash function: SHA-256 for general use, SHA-1 for legacy systems, or Keccak-256 for Ethereum-compatible roots.
- Choose how each line should be interpreted: as UTF-8 text (default) or as an already-hashed hex string.
- Select an odd-leaf rule and a pair-concatenation mode that matches the protocol you are targeting.
- Read the Merkle root, scroll the SVG diagram, and download the JSON export for downstream tooling.
特征
- Three hash functions – SHA-256, SHA-1, and Keccak-256 cover the common Bitcoin, legacy, and Ethereum use cases.
- Interactive SVG diagram – Every node is click-to-copy; duplicated phantom siblings are drawn with a dashed border so the structure is honest.
- Odd-leaf strategies – Toggle between duplicate-last (Bitcoin convention) and promote-last (carry the unpaired node up untouched) to match your target protocol.
- Sorted-pair mode – Switch on the OpenZeppelin-style sorted concatenation when you need roots that are compatible with the popular Solidity MerkleProof library.
- Pre-hashed hex input – Skip leaf hashing entirely by pasting hex digests directly, useful when the underlying leaves are large or already canonicalised.
- JSON export – Download a full snapshot of every level, every node hash, and the chosen parameters for reproducibility.
常问问题
-
What is a Merkle tree?
A Merkle tree is a binary tree of cryptographic hashes. The leaves are hashes of the input data, and every parent node is the hash of the concatenation of its two children. The single hash at the top — the Merkle root — fingerprints the entire data set: change any leaf and the root changes. Merkle trees let you prove that a specific value belongs to a set by sharing only a logarithmic number of sibling hashes (the Merkle proof), which is why they power Bitcoin block headers, Ethereum state, Git commits, and Certificate Transparency logs.
-
Why does Bitcoin duplicate the last hash when a level has an odd number of nodes?
To keep the construction strictly binary, Bitcoin pads odd-numbered levels by duplicating the rightmost hash so it can be paired with itself. This is simple to implement but introduces a well-known second-preimage quirk (CVE-2012-2459) where an attacker can sometimes craft a different leaf list that produces the same root. Newer designs prefer a 'promote' rule — carrying the unpaired hash up unchanged — or domain-separation tags on internal vs. leaf hashes to close the gap.
-
How is Keccak-256 different from SHA-256 and SHA3-256?
Keccak-256 is the original sponge construction that won the NIST SHA-3 competition. Before standardisation, NIST changed the padding rule, producing SHA3-256, which is incompatible byte-for-byte with the pre-standardisation Keccak-256. Ethereum locked in the original Keccak-256 before the change, so 'keccak256' in Solidity is not the same function as SHA3-256. SHA-256 is part of the unrelated SHA-2 family and uses a Merkle–Damgård construction; it shares only the name pattern.
-
Why do some Merkle libraries sort the pair before hashing?
Sorting the left and right hashes before concatenation makes the parent hash independent of which child is 'left' and which is 'right.' This means a Merkle proof only needs to include sibling hashes, not directional bits, which makes proofs about 30% smaller on chain and the verifier contract much simpler. OpenZeppelin's MerkleProof.sol uses this convention; classic Bitcoin and Ethereum block headers do not. The sorted variant is mostly seen in airdrop allowlists, governance snapshots, and other off-chain commitments.
