Using Merkle Proof for Whitelisting Your Token Mechanism

Posted By : Vishal

Feb 25, 2022

Introduction:

 

Cryptocurrency is one of the trending topics in recent times. People are moving toward blockchain technology and new project are continuously launching daily along with the utility token like ERC20, ERC721, and ERC1155 this gave the chances for users/investors to participate in projects at early stages but with these bad elements like hackers or whales get the chances to manipulate new tokens so whitelisting become one of the important features at the time of launch. If we store every user address at the smart contract level then it will take too many gas fees, especially for blockchain like Ethereum.

 

Merkle proof solves these problems by only needing to save one root key in the smart contract. It works by hashing the corresponding hash moving way up in the tree till the root hash is achieved. You can see more details for Merkle proof from the links in the reference section.

 

Merkle proof concept is not limited to whitelist only you can use this any way you want based on the requirement. Please see the below section to understand its works.

 

Step 1: Installing libraries and importing your files.

 

// Install Merkle proof js library. Run this command in the root folder of the project directory.

npm i merkletreejs

npm i keccak256

 

// Import in your javascript files using these codes.

const { MerkleTree } = require('merkletreejs')

const keccak256 = require('keccak256')

 

Step 2: Adding users' addresses and generating root keys.

 

// List of address that need to be whitelisted

const addresses = ['0x000000000000000000000000000000000000dEaD', '0x0000000000000000000000000000000000000000', '0x1234567890123456789012345678901234567890']

// Create an instance with Merkle proof.

const leaf nodes = addresses.map(addr =>keccak256(addr));

const tree = new MerkleTree(leafnodes, keccak256)

// This will generate the key that needs to be stored in smart contract

const root = tree.getRoot().toString('hex');

console.log("Root ",root);

 

Step 3: Generate leaf and proof 

 

// Generating proof with leaf that will be passed to smart contract during the transaction.

// During transaction smart will also generate leaf with root and msg.sender address and verify the same

 

const proof = tree.getHexProof(leafnodes[0]);

 

Step 4: Integrate with smart contract.

 

// Import from Merkle proof library from openzeppelin.

import { MerkleProof } from "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol";


 

// Using inside contract function. merleRoot should be stored inside the contract either at deployment or later by the owner.

// Proof needs to be generated via frontend/backend and passed in the function parameter. The leaf will be generated by a smart contract to compare.

bytes32 leaf = keccak256(abi.encodePacked(msg.sender));

require(MerkleProof.verify(proof, merkleRoot, leaf), "INVALID PROOF");

 

Conclusion

 

Using this Merkle proof concept you can easily whitelist users without saving every user's details in the smart contract. This helps a lot in blockchain like Ethereum which charges too many fees for transactions.

 

Reference:
 

https://medium.com/crypto-0-nite/merkle-proofs-explained-6dd429623dc5

https://ethereum.org/en/developers/tutorials/merkle-proofs-for-offline-data-integrity/

https://docs.openzeppelin.com/contracts/3.x/api/cryptography

Leave a

Comment

Name is required

Invalid Name

Comment is required

Recaptcha is required.

blog-detail

November 23, 2024 at 01:35 am

Your comment is awaiting moderation.

By using this site, you allow our use of cookies. For more information on the cookies we use and how to delete or block them, please read our cookie notice.

Chat with Us
Telegram Button
Youtube Button

Contact Us

Oodles | Blockchain Development Company

Name is required

Please enter a valid Name

Please enter a valid Phone Number

Please remove URL from text