Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
merkletreejs
Advanced tools
merkletreejs - npm Package Compare versions
Comparing version 0.3.2 to 0.3.3
@@ -465,3 +465,8 @@ "use strict"; | ||
| if (!Number.isInteger(index)) { | ||
| index = this._bufferIndexOf(this.leaves, leaf, this.sortLeaves); | ||
| index = -1; | ||
| for (let i = 0; i < this.leaves.length; i++) { | ||
| if (buffer_1.Buffer.compare(leaf, this.leaves[i]) === 0) { | ||
| index = i; | ||
| } | ||
| } | ||
| } | ||
@@ -468,0 +473,0 @@ if (index <= -1) { |
| { | ||
| "name": "merkletreejs", | ||
| "version": "0.3.2", | ||
| "version": "0.3.3", | ||
| "description": "Construct Merkle Trees and verify proofs", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |
@@ -32,3 +32,2 @@ <h3 align="center"> | ||
| - [Contributing](#contributing) | ||
| - [Tip Jar](#tip-jar) | ||
| - [License](#license) | ||
@@ -139,2 +138,6 @@ | ||
| - Q: Is there a way to visualize the merkle trees in the browser? | ||
| - Yes, see [merkletree-viz](https://github.com/miguelmota/merkletree-viz). | ||
| ## Notes | ||
@@ -144,6 +147,10 @@ | ||
| Also, as is, this implementation is vulnerable to a forgery attack for an unbalanced tree, where the last leaf node can be duplicated to create an artificial balanced tree, resulting in the same Merkle root hash. Do not accept unbalanced tree to prevent this. | ||
| Also, as is, this implementation is vulnerable to a forgery attack for an unbalanced tree, where the last leaf node can be duplicated to create an artificial balanced tree, resulting in the same Merkle root hash. Do not accept unbalanced tree to prevent this. More info [here](https://bitcointalk.org/?topic=102395). | ||
| More info [here](https://bitcointalk.org/?topic=102395). | ||
| Please use the library [`@openzeppelin/merkle-tree`](https://github.com/OpenZeppelin/merkle-tree) if you're integrating with OpenZeppelin contracts or using multiproofs. There are known issues with the current multiproof implementation as pointed out in [issues](https://github.com/merkletreejs/merkletreejs/issues/63). | ||
| ### Disclaimer | ||
| This library was created for my own purposes and is provided as-is. Use at your own risk. | ||
| ## Resources | ||
@@ -183,10 +190,2 @@ | ||
| ## Tip Jar | ||
| [](https://www.blockchain.com/btc/address/3KdMW53vUMLPEC33xhHAUx4EFtvmXQF8Kf) `3KdMW53vUMLPEC33xhHAUx4EFtvmXQF8Kf` | ||
| [](https://etherscan.io/address/0x9ed3D6793a6b74d8c9A998f5C4b50a25947D53aF) `0x9ed3D6793a6b74d8c9A998f5C4b50a25947D53aF` | ||
| Thank you for tips! 🙏 | ||
| ## License | ||
@@ -193,0 +192,0 @@ |
Sorry, the diff of this file is too big to display
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.11%
283848
- Lines of code
- increased by0.14%
3553
Worsened metrics
- Number of lines in readme file
- decreased by-0.52%
192
No dependency changes