1

In a smart contract, I want to maintain a set of addresses independent of the order. Would the sum of the hashes for each of the addresses be a cryptographically secure approach?

If I do:

root = bytes32(uint256(keccak256(addr1))+uint256(keccak256(addr2))+....+uint256(keccak256(addrN))) 

Would the root hash be secure enough to verify that a given list of addresses is the original one, or is that hash easy to collide with other sets of addresses?

1 Answer

1

Using the sum of hashes of addresses might not prevent collisions, as different sets of addresses could potentially result in the same root hash.

A more secure approach would be to use a data structure specifically designed for maintaining sets, such as a Merkle tree.

Merkle trees provide cryptographic security by ensuring that any change to the set of addresses will lead to a different root hash. This allows for efficient verification of the integrity of the address set.

Here's a simplified overview of how you could use a Merkle tree for this purpose:

  1. Construct a Merkle tree with the addresses as leaf nodes.
  2. Store the root hash of the Merkle tree in your smart contract.
  3. To verify the integrity of the address set, participants can provide the Merkle proof (a path from the leaf node to the root) along with their claimed address.
  4. The smart contract can then verify the Merkle proof to ensure that the claimed address is indeed part of the original set.

This approach provides both efficiency and cryptographic security, making it suitable for maintaining sets of addresses in a smart contract.

This Medium article might be helpful.
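The four steps in the answer above, sketched off-chain as an added example (not part of the original answer). Assumptions: SHA-256 stands in for keccak256 because Python's standard library has no Keccak-256, the addresses are constructed sample values, and every function name is hypothetical. Leaves are deduplicated and sorted so the root does not depend on the order of the input list, which is the property the question asks for.

```python
import hashlib

# Constructed sample addresses (20 bytes each), not real accounts.
ADDRS = ["0x" + c * 40 for c in "1234a"]

def h(data: bytes) -> bytes:
    # Assumption: SHA-256 as a stand-in for keccak256.
    return hashlib.sha256(data).digest()

def leaf(addr: str) -> bytes:
    # Prefix 0x00 for leaves and 0x01 for internal nodes, so an
    # internal node can never be passed off as a leaf.
    return h(b"\x00" + bytes.fromhex(addr.lower()[2:]))

def node(a: bytes, b: bytes) -> bytes:
    # Sorted-pair hashing: proofs need no left/right position flags.
    lo, hi = sorted((a, b))
    return h(b"\x01" + lo + hi)

def build_levels(addresses):
    if not addresses:
        raise ValueError("empty address set")
    level = sorted({leaf(a) for a in addresses})  # canonical leaf order
    levels = [level]
    while len(level) > 1:
        nxt = [node(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # unpaired node is promoted unchanged
        level = nxt
        levels.append(level)
    return levels

def root_of(addresses) -> bytes:
    return build_levels(addresses)[-1][0]

def prove(addresses, addr):
    levels = build_levels(addresses)
    idx = levels[0].index(leaf(addr))  # ValueError if addr is not a member
    proof = []
    for level in levels[:-1]:
        if idx ^ 1 < len(level):       # a promoted node has no sibling
            proof.append(level[idx ^ 1])
        idx //= 2
    return proof

def verify(root: bytes, addr: str, proof) -> bool:
    acc = leaf(addr)
    for sibling in proof:
        acc = node(acc, sibling)
    return acc == root
```

On-chain, the contract would store only the 32-byte root and run the equivalent of `verify` with keccak256; tree construction and proof generation stay off-chain.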
