Skip to main content

Merkle Root | Bitcoin Glossary | Mapping Bitcoin

Merkle Root

Protocolo

A single hash at the top of a Merkle tree that cryptographically summarizes all transactions in a block. The Merkle root is included in the block header and allows efficient verification that a specific transaction is included in the block.

Overview

The Merkle root is a single 32-byte hash that sits at the apex of a Merkle tree and cryptographically commits to every transaction included in a block. It is stored in the block header, making it a compact fingerprint of the entire transaction set. Any change to any transaction in the block would produce a completely different Merkle root.

How It Is Computed

The Merkle root is constructed by recursively hashing pairs of transaction hashes (using double SHA-256) until only one hash remains:

            Merkle Root
           /           \
       Hash AB         Hash CD
      /      \        /      \
   Hash A   Hash B  Hash C   Hash D
     |        |       |        |
   Tx A     Tx B    Tx C     Tx D

If there is an odd number of elements at any level, the last element is duplicated before hashing.

Role in Block Headers

The block header contains six fields: version, previous block hash, Merkle root, timestamp, difficulty target (bits), and nonce. By including the Merkle root, the header commits to the full set of transactions without having to include them all directly. This is what enables lightweight clients to perform SPV verification.

Merkle Proofs

A Merkle proof allows verification that a specific transaction is included in a block by providing only the sibling hashes along the path from the transaction to the root. This requires only log2(N) hashes for a block with N transactions, making verification extremely efficient.

Edge Cases

If a block contains only the coinbase transaction (no other transactions), the Merkle root is simply the hash of that single transaction. The duplication of odd elements can also create a subtle vulnerability known as a Merkle tree malleability issue, which was addressed by BIP 98.

Términos Relacionados

Merkle TreeCriptografía

A binary tree of hashes where each leaf node represents a transaction hash and each non-leaf node is the hash of its two children. Merkle trees enable efficient and secure verification of transaction inclusion without downloading the entire block.

Block HeaderProtocolo

An 80-byte data structure at the beginning of each block containing the version number, previous block hash, Merkle root of all transactions, timestamp, difficulty target, and nonce. Miners hash the block header repeatedly to find a valid proof of work.

HashCriptografía

A fixed-length output produced by a hash function from an arbitrary input. In Bitcoin, hashes serve as unique identifiers for blocks and transactions, form the basis of proof of work, and link blocks together in the blockchain.

Simplified Payment Verification (SPV)Protocolo

A method described in the Bitcoin whitepaper that allows lightweight clients to verify transactions without downloading the full blockchain. SPV clients only download block headers and use Merkle proofs to confirm that a transaction is included in a block.