Merkle Tree
Structure
- Depth: 20 levels
- Capacity: 2^20 = 1,048,576 deposits
- Hash function: Poseidon
- Root history: Last 100 roots stored (for withdrawal grace period)
Leaf Computation
leaf = Poseidon(commitment, token, amount)
commitment = Poseidon(secret, nullifier)Zero Values
Empty leaves use a deterministic zero value chain:
zero[0] = keccak256("offshore-cash") % p
zero[i] = Poseidon(zero[i-1], zero[i-1])Why Poseidon?
Poseidon is specifically designed for ZK-SNARK circuits. Compared to SHA-256:
- ~300x fewer constraints
- Native field arithmetic (no bit decomposition needed)
- Provably secure against known attacks