How to Handle Randomness and Preserve Commitments in gnark for Sequential Proofs？

[fhhw]

I am currently learning how to use the gnark library to reproduce some papers, and I have a question. When implementing commitment circuits with gnark, I am unable to retrieve the random numbers used in the commitment. How can I use this commitment in other proofs or verifications in such a case? In other words, is it possible to use my own random numbers in the commitment circuit?
Additionally, I would like to know the difference between the commitments in gnark and those in gnark-crypto. Since there are very few tutorials related to gnark, I hope someone can help answer my questions.
Here is an example:
True = Vrfy(𝑝𝑘𝐶, comm(serial_{j}, bal_{j}, blind_{𝑗}), 𝜎_{𝑗})
commTx = comm(𝑣_{Tx}, blind_{Tx})
state_{𝑗+1} = comm(serial_{𝑗+1}, bal_{𝑗+1}, blind_{𝑗+1})
In this proof, I want to preserve the commitment state_{𝑗+1} as the input for the next signature. How can I achieve this?

[ivokub]

gnark has api.Commit method, but it is unfortunately not well named. It should rather be api.Challenge etc., but we cannot change it easily anymore due to breaking backwards compatiblity.

But in your scheme it seems you wouldn't need the method anyway. Instead, it seems like you would need a cryptographic commitment. There is an example construction on WIkipedia on how it could be constructed. We have elliptic curve arithmetic both over native and non-native fields and it should be sufficient for implementing the verifier.

Regarding on your question about how to use your random numbers inside your circuit - what do you mean? Do you want to provide some values as a witness to the circuit or have something like random number generator?