# Preimage Commitment

<figure><img src="https://67081447-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLhegu0iVyRUg425RQWaa%2Fuploads%2FFCttitF35YsY298WuSUK%2FPreimageCommitment_1.png?alt=media&#x26;token=4f773a44-1f54-4e67-b61c-c27a62723577" alt=""><figcaption></figcaption></figure>

The Preimage Commitment is an important cryptographic primitive in constructing SatoshiVM. Cryptographic primitives refer to low-level encryption algorithms that are mature and often used to build computer security systems.

Preimage Commitment is used to conceal the execution trace of a circuit until the Prover reveals the execution trace preimage to the Verifier. The execution trace refers to all the input and output signal values generated during the circuit's execution process. The preimage is related to hash functions, where if hash(a) = b, we call a the preimage and b the hash value. When the Prover discloses the preimage corresponding to a Preimage Commitment, the Verifier needs to check it to confirm whether it truly complies with the circuit's execution rules.

Consider a specific case, focusing on gate C, which has one input (1) and one output (5), and its function is to perform a NOT operation on its input. Suppose that when the circuit execution reaches gate C, its input value is `value`, as follows:

<figure><img src="https://67081447-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLhegu0iVyRUg425RQWaa%2Fuploads%2FpZUPDdta6dOe6ye2uUV1%2FPreimageCommitment_2.png?alt=media&#x26;token=338e6d22-05d5-4c5d-a6f8-d9b9401cb752" alt=""><figcaption></figcaption></figure>

The Prover sends the hash value of the input line (4) value `value` and the output line (5) value `output` of gate B to the Verifier. The Verifier then uses these hash values to construct a script for on-chain verification, which we will discuss in detail later. The hash values of `value` and `output` given here are referred to as the Preimage Commitment. As mentioned before, the purpose of the Preimage Commitment is to prevent the Prover from altering the pre-committed execution path for malicious purposes. Once the Verifier has completed constructing this script, the Prover reveals the values of `value` and `output`.The Verifier has a local program that can verify whether the inputs and outputs disclosed by the Prover comply with the rules of gate B. If the Prover's output does not match the gate's rules, a transaction can be spent to prove the Prover's malfeasance. The script corresponding to this transaction is as follows:

<figure><img src="https://67081447-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLhegu0iVyRUg425RQWaa%2Fuploads%2FVMMG6zkD5JmNQths1L5l%2FPreimageCommitment_3.png?alt=media&#x26;token=13174719-9966-4f58-9dd9-92af9a5d2620" alt=""><figcaption></figcaption></figure>

When the Prover behaves maliciously, such as providing an input of `1` but also providing an output of `1`, indicating dishonesty, the Verifier can spend the UTXO locked by the above script to prove that the Prover has acted maliciously. The specific construction of this script will also be discussed later in the document.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.satoshivm.io/satoshivm/preimage-commitment.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.