Author

Topic: Why do we need double hashing in a Merkle tree? (Read 818 times)

legendary
Activity: 1176
Merit: 1011
Not every kind of Sha256 vulnerability would also apply on Sha256d. So I guess it's for security.

Still, I would rather have seen something like Sha256(x+Sha256(x)) instead of just Sha256(Sha256(x)). But either way, it's fine.
newbie
Activity: 17
Merit: 10
Thanks for your answer. I was thinking along the same lines, that it's somewhat of a security measure.

But if there would be a flaw in SHA256, wouldn't that impact both SHA256d hashed transactions, pretty much the same as SHA256 hashed transactions? It would of course depend on the flaw found, but reasoning that Satoshi choose this as a security measure, we're talking delay here.

Just wondering if the choice for SHA256d is a functional decision, like speed improvement.
legendary
Activity: 1176
Merit: 1011
Any hash would do, and Sha256(Sha256(x)) can also be considered "just a hash".

I assume Satoshi chose this double Sha256 (also called "Sha256d") just in case a future possible vulnerability is discovered with Sha256. It would give us more time to switch to something else (like Sha3).
newbie
Activity: 17
Merit: 10
Hi,

In Bitcoin, the Merkle tree created from all transactions contains nodes that represent a double hash of each transaction: N = SHA256(SHA256(tx0)

What's the point of doing so? Can't we just do a N =  SHA256(tx0)?

Thanks.
Jump to: