Verifiable transparency logs in TypeScript

Updated 2026-06-01 · cryptography · RFC 6962 / RFC 9162

A transparency log is an append-only list whose every state is cryptographically committed by a Merkle root. Two proofs make it trustworthy: an inclusion proof (this entry is in the log) and a consistency proof (the newer log is an append-only extension of the older one — nothing was edited or deleted). RFC 6962 needs only SHA-256, so you can build one in TypeScript with zero dependencies.

Why this is the hard part

The JS/TS ecosystem has plenty of generic Merkle-tree libraries, but few modern, dependency-light, spec-faithful primitives for building your own transparency logs with both inclusion and consistency proofs. The robust implementations tend to live in Rust (ct-merkle) or in server-scale infrastructure (Trillian). That leaves a gap for a small, auditable library you can read in an afternoon.

The data model

Hashing follows RFC 6962 §2.1 and is domain-separated so a leaf can never be confused with an internal node:

leafHash(entry)       = SHA256(0x00 || entry)
nodeHash(left, right) = SHA256(0x01 || left || right)
emptyRoot()           = SHA256("")
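
The sketch below is an added example, not code from veritrail or from the RFC reference implementation. It builds the RFC 6962 tree hash and audit path on top of the three definitions above and checks a path with the verifier algorithm from RFC 9162 §2.1.3.2. The names split, merkleRoot, inclusionProof, verifyInclusion and sampleLog are assumptions made for this example, and the 32-bit bitwise operators limit it to trees below 2^31 entries.

```typescript
import { createHash } from "node:crypto";

const sha256 = (...parts: Uint8Array[]): Buffer => {
  const h = createHash("sha256");
  for (const p of parts) h.update(p);
  return h.digest();
};
const leafHash = (entry: Uint8Array) => sha256(Buffer.from([0x00]), entry);
const nodeHash = (l: Uint8Array, r: Uint8Array) => sha256(Buffer.from([0x01]), l, r);

// Largest power of two strictly below n (n > 1): where RFC 6962 splits a tree.
function split(n: number): number {
  let k = 1;
  while (k * 2 < n) k *= 2;
  return k;
}

// MTH(D[n]), RFC 6962 §2.1.
function merkleRoot(entries: Uint8Array[]): Buffer {
  if (entries.length === 0) return sha256();
  if (entries.length === 1) return leafHash(entries[0]!);
  const k = split(entries.length);
  return nodeHash(merkleRoot(entries.slice(0, k)), merkleRoot(entries.slice(k)));
}

// PATH(m, D[n]), RFC 6962 §2.1.1: sibling hashes ordered from leaf m to the root.
function inclusionProof(m: number, entries: Uint8Array[]): Buffer[] {
  if (entries.length <= 1) return [];
  const k = split(entries.length);
  return m < k
    ? [...inclusionProof(m, entries.slice(0, k)), merkleRoot(entries.slice(k))]
    : [...inclusionProof(m - k, entries.slice(k)), merkleRoot(entries.slice(0, k))];
}

// Verifier side (RFC 9162 §2.1.3.2): needs only entry, index, tree size, path, root.
function verifyInclusion(entry: Uint8Array, index: number, size: number,
                         path: Uint8Array[], root: Uint8Array): boolean {
  if (!Number.isInteger(index) || index < 0 || index >= size) return false;
  let fn = index, sn = size - 1, r: Uint8Array = leafHash(entry);
  for (const p of path) {
    if (sn === 0) return false; // path is longer than the tree is deep
    const right = (fn & 1) === 1 || fn === sn; // right child, or last node at this level
    r = right ? nodeHash(p, r) : nodeHash(r, p);
    if (right) while ((fn & 1) === 0 && fn !== 0) { fn >>= 1; sn >>= 1; }
    fn >>= 1; sn >>= 1;
  }
  return sn === 0 && Buffer.compare(r, root) === 0; // sn !== 0: path too short
}
const sampleLog = ["a", "b", "c", "d", "e"].map((s) => Buffer.from(s)); // constructed sample data
```

The verifier never sees the other entries, so it has to obtain the root and tree size from a source it trusts independently of whoever supplies the path.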

What you use it for

Typical uses are supply-chain and release transparency, compliance audit trails that are provably append-only, verifiable action logs for agents and automation, secure timestamping, and key-transparency-style verifiable maps. A small library of this kind targets small-to-moderate logs; it is not a replacement for Trillian or for certificate transparency at billions of entries.

veritrail implements this in TypeScript with zero dependencies — its proofs are byte-for-byte interoperable with the RFC 6962 reference implementation. Source and docs: github.com/ArisRhiannon/veritrail.