Skip to main content

The Commit Phase

Commitment is the act of cryptographically binding yourself to data without revealing what that data is.

What Happens

When you commit to Ghost Protocol, you perform the following steps:

  1. Generate secrets. You create random cryptographic values that only you possess. These secrets are the keys to your commitment.

  2. Compute the commitment. Using your secrets and the data you want to commit, you compute a cryptographic hash. This hash is your commitment.

  3. Record the commitment. The commitment is written to the blockchain. It becomes permanent and publicly visible.

  4. Store your secrets. You keep your secrets private. Without them, the commitment is meaningless and unrecoverable.

What Gets Recorded

At the protocol level, the blockchain records:

  • Your commitment hash — a 256-bit value added to the Merkle tree
  • The leaf index — the commitment's position in the tree
  • Block timestamp

The commitment hash alone reveals nothing about the secrets behind it. No one can determine what was committed.

Additional metadata in value transfer applications

When the commit primitive is used for token transfers (Ghostcoin's "vanish" operation), the smart contracts also record:

  • Your address — the depositor's address, stored in the commitmentDepositors mapping and emitted in the Vanish event
  • The token and amount — what token you deposited and how much

This transaction metadata — who deposited, how much, and when — is publicly visible on-chain. The commit/reveal unlinkability guarantee still holds (no one can connect your deposit to a future withdrawal), but the deposit itself is not hidden.

What Stays Private

The commitment's preimage stays private:

  • The random secret used to create the commitment
  • The nullifier secret
  • The blinding factor
  • The connection between your commit and any future reveal

These values exist only in your possession (as a "voucher" in value transfer applications). If you lose them, the commitment is lost forever. There is no recovery mechanism, no backup, no administrator who can help.

The Irreversibility

Once a commitment is recorded, it cannot be changed or removed. The blockchain is append-only. Your commitment will exist permanently, whether you reveal it or not.

This permanence is intentional. It ensures that:

  • No one can censor your commitment after it is made
  • No one can claim you never made a commitment
  • The commitment cannot be altered to change its meaning
  • The timeline of commitments is immutable

You can abandon a commitment by never revealing it. But you cannot erase that the commitment was made.

When Commit Happens

Commit is always your choice. No one can force you to make a commitment. No one can make a commitment on your behalf without your secrets.

This is different from traditional systems where transactions are recorded about you without your participation. In Ghost Protocol, you control when and whether commitments are made.