Most receipts are small promises with a logo at the top.

The restaurant promises that this is what you bought. The bank promises that this transaction was posted. The package tracker promises that the scan happened at 3:14 p.m.

A Merkle receipt is colder and more useful:

This exact item is inside the exact set committed by this exact root hash.

It does not ask you to download the whole set. It does not ask you to trust the server’s memory. It gives you a path of sibling hashes. If the path recomputes the published root, the item is committed by that root. If one bit changes, the path breaks.

That can sound like a small data-structure trick. It is not. It is the reason systems like Certificate Transparency can ask the public internet to audit millions or billions of entries without making every client store the whole log.1

The trick is to separate three claims that people often blur together:

inclusion:     this leaf is in this root
append-only:   this newer root extends that older root
non-equivocal: everyone is being shown the same root

A Merkle tree gives you sharp tools for all three. It does not run the social machinery by itself.

One Hash for the Whole Argument

A binary Merkle tree hashes leaves first, then hashes pairs of child hashes until one root remains. Certificate Transparency specifies domain separation: leaves and internal nodes are hashed differently, using different prefixes, so a leaf cannot be confused with an internal subtree.2

In pseudocode:

leaf_hash(data)       = HASH(0x00 || data)
node_hash(left,right) = HASH(0x01 || left || right)

The root commits to the ordered list of leaves. Change one certificate, one package digest, one model artifact, or one log entry, and the root changes.

Ralph Merkle’s early public-key protocol work gave the core authentication-tree idea: many values can be authenticated by one short public value plus a path of hashes.3 Later tamper-evident logging systems refined the idea for append-only histories. Crosby and Wallach describe logs where an untrusted server can prove that an event is still present and that the current log is consistent with an earlier view, using logarithmic-size proofs.4

That word, “view”, is important. The tree root is not the whole truth. It is a checkpoint. Someone still has to remember which checkpoints were published.

Receipt Desk

The lab below uses a toy 64-bit hash so the browser can redraw instantly. Do not copy it for security. The structure mirrors real transparency logs: leaves have one hash domain, internal nodes have another, the proof is a list of sibling hashes, and the byte estimates use SHA-256-sized nodes.

The toy hash is for visualization only. Real transparency systems use collision-resistant hashes, signed checkpoints, monitors, and carefully specified inclusion and consistency proof algorithms.

At 32 entries, the inclusion proof has 5 sibling hashes. With SHA-256-sized nodes, that is 160 bytes of sibling hashes, plus framing and the leaf. The full toy log is already much larger. At internet scale, the difference is the whole point: an audit path grows with tree height, not linearly with the log.

Switch to Tamper with receipt leaf. The public root and proof path are still honest, but the claimed leaf has been edited. Verification fails. This is the simple promise Merkle trees are good at:

You cannot swap the item while keeping the same receipt.

Switch to Rewrite old prefix. The presented tree can give a valid inclusion path for its rewritten contents. Local inclusion is not enough. The old checkpoint root no longer matches the prefix of the new tree, so the append-only check fails.

Switch to Split-view root with the receipt leaf outside the old checkpoint. The presented root can have a valid inclusion proof and still differ from the public root. This is equivocation: two observers are being shown two histories. The cure is not a cleverer local Merkle path. The cure is shared checkpoints, gossip, monitors, witnesses, or some other mechanism that makes split views collide in public.

Web PKI, With Receipts

Certificate Transparency exists because the web PKI has many certificate authorities, and a bad or compromised authority can issue a certificate that a browser might otherwise accept. CT does not prevent every bad certificate from being issued. It changes the environment: certificates are publicly logged in append-only Merkle trees so domain owners, monitors, auditors, and clients can notice suspicious issuance.5

The objects have names:

SCT: a log's promise to include a certificate soon
STH: a signed tree head, containing tree size and root hash
inclusion proof: path from a leaf to an STH root
consistency proof: evidence that a newer STH extends an older STH

RFC 9162 defines the Merkle Tree Hash recursively and specifies both inclusion and consistency proof objects. It also notes that leaf and node hashes are different domains because otherwise the tree is vulnerable to structural confusion.2

There is a lovely engineering humility here. The log operator is not assumed to be angelic. The data structure is designed so the operator can answer audits cheaply, and so contradictory answers leave cryptographic evidence.

If the Directory Lies

The same pattern appears in end-to-end encrypted messaging. A messaging service often maintains a directory from users to public keys. If the service silently serves Alice a fake key for Bob, Alice can encrypt to the attacker while the UI still looks normal.

Key transparency systems ask the service to publish an auditable directory. CONIKS, for example, adapts transparency ideas to end-user key bindings and is designed so users can efficiently monitor their own bindings while the system preserves privacy about the directory’s contents.6

The Merkle root is not magic dust. It is a commitment point in a protocol:

  1. Users check that their own records are present and correct.
  2. Monitors or clients check that roots evolve consistently.
  3. Participants compare checkpoints enough to make equivocation risky.

Without the third piece, a malicious server can show each user a locally consistent little world.

What a Receipt Does Not Buy

Merkle proofs are easy to oversell.

They do not prove that the leaf is true. A logged certificate can still be misissued. A logged package can still be malicious. A logged model weight file can still be a bad model.

They prove commitment:

this exact byte string was included in this exact committed set

That is still powerful. It turns disputes about mutable server state into disputes about signed checkpoints and short proofs. It lets small clients audit large systems. It makes deletion, substitution, and equivocation harder to hide.

The engineering checklist is:

  1. What exactly is the leaf? Bytes, normalized JSON, certificate DER, package hash, model artifact digest?
  2. Is the tree ordered, and does the order matter?
  3. Are leaf and node hashes domain-separated?
  4. Who signs or otherwise anchors the root?
  5. How does a client get an inclusion proof?
  6. How does it check append-only evolution from old roots to new roots?
  7. How do different clients learn whether they saw different roots?
  8. What does the system do after detecting a bad proof?

A Merkle root is a receipt.

Transparency is the social and operational machinery that makes everyone bring their receipts to the same table.

  1. Ben Laurie, Adam Langley, and Emilia Kasper, “RFC 6962: Certificate Transparency”, IETF, 2013. 

  2. Ben Laurie, Adam Langley, Emilia Kasper, Eran Messeri, and Rob Stradling, “RFC 9162: Certificate Transparency Version 2.0”, IETF, 2021.  2

  3. Ralph C. Merkle, “Protocols for Public Key Cryptosystems”, IEEE Symposium on Security and Privacy, 1980. 

  4. Scott A. Crosby and Dan S. Wallach, “Efficient Data Structures for Tamper-Evident Logging”, USENIX Security, 2009. 

  5. Certificate Transparency project, “How CT Works”

  6. Marcela S. Melara, Aaron Blankstein, Joseph Bonneau, Edward W. Felten, and Michael J. Freedman, “CONIKS: Bringing Key Transparency to End Users”, USENIX Security, 2015.