aaronbassett/compact-core:privacy-disclosure
plugins/compact-core/skills/privacy-disclosure/SKILL.md
Use when encountering "potential witness-value disclosure" compiler errors, implementing commit-reveal patterns, working with persistentCommit/transientCommit vs persistentHash/transientHash, or designing privacy-preserving circuits with proper witness protection.
development
Updated Mar 26, 2026
$ install --global
skillsauthnpx skillsauth add aaronbassett/midnight-knowledgebase compact-core:privacy-disclosureInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Error
VirusTotalMulti-engine malware detection
70%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 26, 2026, 12:43 PM45.8s7 files scanned
SKILL.md
- name:
- compact-core:privacy-disclosure
- description:
- Use when encountering "potential witness-value disclosure" compiler errors, implementing commit-reveal patterns, working with persistentCommit/transientCommit vs persistentHash/transientHash, or designing privacy-preserving circuits with proper witness protection.
Privacy & Disclosure
Essential guidance for Midnight's privacy model: when disclosure is required, commitment patterns, and witness protection.
The Disclosure Rule
Witness values cannot flow to public outputs without explicit disclose().
The compiler tracks all witness-derived values through your code. If a value touches any of these "disclosure triggers", you must wrap it with disclose():
| Trigger | Why Disclosure Required | |---------|------------------------| | Ledger storage | Data on-chain is public | | Circuit return | Return values go to TypeScript | | External contract | Data leaves your contract boundary | | Comparison operations | Comparisons can leak information |
Quick Decision Tree
Is the value derived from a witness?
├── No → No disclosure needed
└── Yes → Does it flow to:
├── Ledger write → disclose() required
├── Circuit return → disclose() required
├── Comparison (==, <, >) → disclose() required
└── Commitment (transientCommit/persistentCommit) → Safe, no disclosure
Safe vs Unsafe Operations
| Operation | Safe? | Why |
|-----------|-------|-----|
| persistentCommit(x) | ✅ Safe | Hides value with nonce |
| transientCommit(x) | ✅ Safe | Hides value with nonce |
| persistentHash(x) | ❌ Unsafe | No nonce, can be brute-forced |
| transientHash(x) | ❌ Unsafe | No nonce, can be brute-forced |
Common Patterns
Commit-Reveal
witness get_secret(): Field;
// Phase 1: Commit
export circuit commit(): Bytes<32> {
const secret = get_secret();
return persistentCommit(secret); // Safe: commitment hides secret
}
// Phase 2: Reveal (requires disclosure)
export circuit reveal(): Field {
const secret = get_secret();
return disclose(secret); // Explicit: user knows this reveals
}
Nullifier Pattern
witness get_secret(): Field;
export circuit spend(commitment: Bytes<32>): Bytes<32> {
const secret = get_secret();
// Verify knowledge of secret
assert persistentCommit(secret) == commitment, "Invalid commitment";
// Generate nullifier (unique per secret, reveals nothing)
const nullifier = persistentHash("nullifier", secret);
return nullifier;
}
References
- Disclosure Rules - Complete decision tree
- Witness Protection - How the compiler tracks values
- Safe Operations - Safe vs unsafe stdlib functions
Related Skills
aaronbassett/midnight-tooling:midnight-setup
tools
VerifiedTrustedCommunity
Use when setting up Midnight development environment, installing Compact compiler and developer tools, configuring proof server, verifying prerequisites, or getting started with Midnight development.
SKILL.mdUpdated Mar 26, 2026
aaronbassett/plugins/midnight-tooling/skills/midnight-debugging
tools
VerifiedTrustedCommunity
--- name: midnight-tooling:midnight-debugging description: Use when encountering Midnight errors like "compact: command not found", "ERR_UNSUPPORTED_DIR_IMPORT", version mismatches, proof server failures, "@midnight-ntwrk" package errors, or compilation failures. --- # Midnight Environment Debugging Expert knowledge for identifying and resolving common Midnight development toolchain issues. ## Diagnostic Approach When encountering Midnight-related errors, follow this systematic approach: 1.
SKILL.mdUpdated Mar 26, 2026
aaronbassett/midnight-tooling:midnight-compatibility
tools
VerifiedTrustedCommunity
Use when checking Midnight version compatibility, understanding pragma language_version, verifying compiler and runtime version relationships, or troubleshooting version mismatch errors between Midnight components.
SKILL.mdUpdated Mar 26, 2026
aaronbassett/midnight-tooling:midnight-ci
tools
VerifiedTrustedCommunity
Use when setting up CI/CD for Midnight projects, configuring GitHub Actions for Compact contract compilation, running TypeScript tests in CI, validating version consistency, or automating contract builds.
SKILL.mdUpdated Mar 26, 2026