# Hash Conventions

Numex uses different hash functions across different layers. This document explains the boundaries and how they interact.

## On-Chain: keccak256

The Solidity contracts use `keccak256` for all on-chain operations:

```solidity
bytes32 proof = keccak256(abi.encodePacked(fingerprint, salt));
uint256 tokenId = uint256(proof);
```

This applies to:

* Integrity proof computation (fingerprint + salt)
* Token ID derivation
* Role identifiers (`MINTER_ROLE`, `OPERATOR_ROLE`)
* Merkle tree leaf and node hashing for on-chain pool inclusion verification

## Off-Chain Reveal Proofs: SHA-256

The reveal fairness proof system uses SHA-256 for off-chain operations:

* Server seed commitments: `SHA-256(serverSeed)`
* Reveal seed: `SHA-256(serverSeed:buyerNonce:packId)`
* Merkle tree leaf hashing: `SHA-256(itemId)`
* Merkle tree internal nodes: `SHA-256(left || right)`
* Selection index: `BigUInt64BE(SHA-256(revealSeed)) mod poolSize`

## On-Chain Merkle Trees: keccak256

The contracts include on-chain Merkle proof verification. The off-chain Merkle tree uses keccak256 to match the contract:

| Property            | Off-chain keccak256 tree                           |
| ------------------- | -------------------------------------------------- |
| Leaf hash           | `keccak256(abi.encodePacked(itemId))`              |
| Pair hash           | `keccak256(abi.encodePacked(sorted(left, right)))` |
| Root format         | `0x`-prefixed `bytes32`                            |
| On-chain verifiable | Yes                                                |

## Hash Boundary Summary

```mermaid
flowchart TD
  subgraph OffChain["Off-Chain (TypeScript)"]
    A["SHA-256 Merkle root (reveal fairness)"]
    B["keccak256 Merkle root (pool verification)"]
  end

  subgraph OnChain["On-Chain (Solidity)"]
    C["commitPool (opaque anchor)"]
    D["verifyPoolInclusion (keccak proof)"]
    E["Integrity proofs (keccak256)"]
    F["Settlement saleRef (keccak256)"]
  end

  A -->|"bytes32 anchor"| C
  B -->|"bytes32 root + keccak proof"| D
```

| Layer                        | Hash      | Reason                                        |
| ---------------------------- | --------- | --------------------------------------------- |
| Solidity contracts           | keccak256 | EVM native opcode, cheapest on-chain hash     |
| On-chain Merkle verification | keccak256 | Must match Solidity for on-chain verification |
| Off-chain reveal/Merkle      | SHA-256   | Standard for off-chain proof systems          |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://numex-greenfield.gitbook.io/numex-docs/technology/hash-conventions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.