dr-orlovsky
commented
4 years ago After the team meeting with @InBitcoin it was decided that references to the parent proofs are prunable information, so there is no need to preserve space by using hash that is different from the normal proof/contract id.
At this moment, we reference upstream proofs and contracts by a SHA256-hash of their commitment fields – the same hash which is used for P2C commitments. However, we can save at least 96 bytes per upstream reference if we will use RIPMD160 on top of that SHA256 — and for asset aggregation proofs (like we can have with USDT) it will save even some kb in storage space.
There is also an additional benefit in relation to privacy: Bifrost servers receiving requests for providing proofs by their RIPMD160 hash will never know their commitment hash (SHA256) util they have an actual source of the proof.