diff --git a/src/api.rs b/src/api.rs
index 644d5dd..362b8e1 100644
--- a/src/api.rs
+++ b/src/api.rs
@@ -1477,9 +1477,11 @@ fn add_validation_token(init_commitment: String, merkle_root_hex: String, approv
     {
         let update_state: &mut ProcessState = process.get_state_for_id_mut(&merkle_root_hex)?;
 
-        let mut merkle_root = [0u8; 32];
-
-        merkle_root.copy_from_slice(&Vec::from_hex(&merkle_root_hex)?);
+        let merkle_root: [u8; 32] = Vec::from_hex(&merkle_root_hex)?
+            .try_into()
+            .map_err(
+                |_| ApiError::new(format!("Failed to deserialize merkle_root_hex: {}", merkle_root_hex))
+            )?;
 
         let message_hash = if approval {
             AnkHash::ValidationYes(AnkValidationYesHash::from_merkle_root(merkle_root))
@@ -1494,6 +1496,39 @@ fn add_validation_token(init_commitment: String, merkle_root_hex: String, approv
         update_state.validation_tokens.push(proof);
     }
 
+    let commit_msg: Option<CommitMessage> = 
+    {
+        let update_state = process.get_state_for_id(&merkle_root_hex)?;
+        // if the state is valid we also add a commit msg
+        let update_is_valid = update_state.is_valid(process.get_parent_state(&update_state.commited_in));
+        if update_is_valid.is_ok() {
+            debug!("Adding the commit msg to return value");
+            let roles = match update_state.encrypted_pcd.extract_roles() {
+                Ok(roles) => roles,
+                Err(_) => {
+                    let mut fields2plains = Map::new();
+                    let fields2commit = update_state.pcd_commitment.as_object().ok_or(anyhow::Error::msg("pcd_commitment is not an object"))?;
+                    update_state.encrypted_pcd
+                        .decrypt_all(update_state.commited_in, &fields2commit, &update_state.keys, &mut fields2plains)?;
+
+                    Value::Object(fields2plains).extract_roles()?
+                }
+            };
+
+            let pcd_commitment = update_state.pcd_commitment.clone();
+            let mut commit_msg = CommitMessage::new_update_commitment(
+                process.get_process_id()?, 
+                pcd_commitment, 
+                roles,
+            );
+            commit_msg.set_validation_tokens(update_state.validation_tokens.clone());
+            Some(commit_msg)
+        } else {
+            debug!("No commit msg");
+            None
+        }
+    };
+
     let updated_process = UpdatedProcess {
         commitment_tx: OutPoint::from_str(&init_commitment)?,
         current_process: process.clone(),
@@ -1503,6 +1538,7 @@ fn add_validation_token(init_commitment: String, merkle_root_hex: String, approv
 
     Ok(ApiReturn {
         updated_process: Some(updated_process),
+        commit_to_send: commit_msg,
         ..Default::default()
     })
 }
@@ -1585,10 +1621,6 @@ pub fn create_response_prd(init_commitment: String, merkle_root_hex: String) ->
         }
     }
 
-    if ciphers.is_empty() {
-        return Err(ApiError::new("Empty ciphers list".to_owned()));
-    }
-
     Ok(ApiReturn {
         ciphers_to_send: ciphers,
         ..Default::default()