snarkvm_circuit_program/data/record/
to_commitment.rs

1// Copyright (c) 2019-2025 Provable Inc.
2// This file is part of the snarkVM library.
3
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at:
7
8// http://www.apache.org/licenses/LICENSE-2.0
9
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15
16use super::*;
17
18impl<A: Aleo> Record<A, Plaintext<A>> {
19    /// Returns the record commitment.
20    pub fn to_commitment(
21        &self,
22        program_id: &ProgramID<A>,
23        record_name: &Identifier<A>,
24        record_view_key: &Field<A>,
25    ) -> Field<A> {
26        // Construct the input as `(program_id || record_name || record)`.
27        let mut input = program_id.to_bits_le();
28        record_name.write_bits_le(&mut input);
29        self.write_bits_le(&mut input);
30
31        // Version 0 - Construct the input as the *record bits* without the version bits.
32        let input_v0 = input[..input.len() - 8].to_vec();
33        // Version 0 - Compute the BHP hash of the program record.
34        let digest = A::hash_bhp1024(&input_v0);
35
36        // Version 1 - Construct the input as the *digest* with the version bits.
37        let mut input_v1 = digest.to_bits_le();
38        // Append the version bits.
39        input_v1.extend_from_slice(&input[input.len() - 8..]);
40
41        // Construct the cm_nonce.
42        let cm_nonce = A::hash_to_scalar_psd2(&[A::commitment_domain(), record_view_key.clone()]);
43        // Version 1 - Compute the BHP commitment of the program record.
44        let commitment = A::commit_bhp512(&input_v1, &cm_nonce);
45
46        // If the record is non-hiding, then return the digest. Otherwise, return the commitment.
47        Ternary::ternary(&!self.is_hiding(), &digest, &commitment)
48    }
49}
50
51impl<A: Aleo> Record<A, Ciphertext<A>> {
52    /// Returns the record commitment.
53    pub fn to_commitment(
54        &self,
55        _program_id: &ProgramID<A>,
56        _record_name: &Identifier<A>,
57        _record_view_key: &Field<A>,
58    ) -> Field<A> {
59        A::halt("Illegal operation: Record::to_commitment() cannot be invoked on the `Ciphertext` variant.")
60    }
61}