The commit–reveal scheme is one of the simplest and most elegant cryptographic patterns used in smart contracts to prevent cheating or premature information disclosure. It’s like playing rock–paper–scissors on the blockchain without letting your opponent see your move before locking in theirs.
The blockchain is transparent. Any data you send (like your choice, guess, or bid) is visible to everyone.
So if you directly submit your secret — “rock”, “bid 10 ETH”, or “number 42” — others can see it and react accordingly.
The solution is:
First commit a hash of your secret (so nobody can see it), then reveal it later.
You send a hash of your secret data to the contract, not the secret itself.
Example:
commit = keccak256(abi.encodePacked(secret, salt))
Here, secret is what you’ll reveal later, and salt is a random string to prevent brute-forcing (guessing).
You store this hash in the contract:
mapping(address => bytes32) public commits;
function commit(bytes32 _hash) public {
commits[msg.sender] = _hash;
}
Nobody can learn your secret from the hash — that’s the “commitment”.
Later, when it’s time to prove your choice, you reveal both your secret and your salt.