Currently, since we are representing all of our public inputs for the proof as bit vectors, we use an iterated hash of sha256 (if the top of bit stream = 0) and ripemd160 (if the top of bit stream = 1) to encode a commitment to a bitstream that connects the UXTOs:
/*
Populate the stack like this
...
0x[previous result (for ZKP L2's, the bit stream of all state roots)] <--- top of stack
*/
const ops: string[] = [];
for(let i=0;i
ops.push("OP_IF"); // if bit === 1, then ripemd160
ops.push("OP_RIPEMD160");
ops.push("OP_ELSE"); // if bit === 0, then sha256
ops.push("OP_SHA256");
ops.push("OP_ENDIF");
}
// your computed value is now on the top of the stack!
return ops.join("\n");
}
While this does work, it seems incredibly wasteful I was wondering if anyone had come up with a more clever way to work around not being able to use OP_CAT/enforce recursive covenants in its absence.