Introduction to Aztec: Value hiding on public blockchain

Jérémy Martin
September 26, 2024
Blockchain

Introduction

Blockchain technology has transformed the way we think about transparency, decentralization, and trust. Its fundamental design principle allows participants in a distributed network to reach consensus on the state of a shared ledger, ensuring that every transaction is visible and verifiable by all. While this approach has brought revolutionary transparency to industries like finance, supply chains, and governance, it also poses a significant challenge: privacy. In traditional blockchains, every transaction is public, and although pseudonymous, user activity can often be traced and linked, creating privacy concerns for individuals and businesses alike.

This dilemma between transparency and privacy is a growing issue as blockchain use expands. Users who wish to leverage the benefits of decentralized technology without compromising sensitive information—such as transaction amounts, counterparties, or asset holdings—face a difficult decision. The need for privacy-preserving technology in blockchain is becoming more pressing, especially in sectors where confidentiality is paramount, such as in financial services and business contracts. Enter Aztec, a blockchain protocol designed to address these privacy concerns by leveraging advanced cryptographic techniques, specifically Zero-Knowledge Proofs (ZKPs).

1. The Privacy Problem in Blockchain

The fundamental nature of public blockchains is to create transparency, a feature that ensures trust within a decentralized network. In systems like Bitcoin and Ethereum, every transaction is broadcast to all participants in the network. The blockchain ledger is immutable and transparent—meaning any observer can see the details of every transaction, from the sender's and receiver's addresses to the amount transferred and the time of the transaction. While this transparency is key to establishing the trustless nature of decentralized systems, it comes with trade-offs.

One of the most significant challenges of this transparency is the exposure of financial data and transaction histories. Even though blockchain addresses are pseudonymous (tied to a user by an address rather than a real name), advanced analytics techniques can often de-anonymize users by linking transaction histories and correlating blockchain data with external information. This level of exposure is problematic for various reasons:

  • Financial privacy: Users might not want their entire transaction history to be publicly visible. In traditional banking, transactions are private, only visible to the bank and the account holder. On a blockchain, any observer can track the flow of funds between addresses.
  • Corporate secrecy: Businesses using blockchain may inadvertently expose sensitive commercial activity to competitors or malicious actors by allowing them to track transactions, contractual obligations, or internal transfers.
  • Personal security risks: High-net-worth individuals, celebrities, or other targets could face threats if their transaction patterns, asset holdings, or spending habits are easily accessible through a public ledger.

These privacy concerns have given rise to the demand for privacy-preserving blockchain solutions. Users want the ability to conduct private transactions while still leveraging the security and decentralization that blockchain provides. To address this, a number of privacy-enhancing protocols have emerged. However, they often face a difficult balancing act between maintaining the integrity of the blockchain and preserving confidentiality. Aztec, developed as a layer 2 on the Ethereum blockchain, is designed to fill this gap. Aztec achieves this by leveraging Zero-Knowledge Proofs (ZKPs), a category of cryptographic proofs that allow one party to prove to another that a statement is true without revealing any additional information about the statement. This concept has wide-reaching applications in privacy-preserving technology, and Aztec has harnessed its potential to enable confidential transactions.

The implementation of zk-SNARKs within Aztec represents a significant breakthrough in the blockchain space. Zero-Knowledge technology, particularly zk-SNARKs, plays a critical role in the evolution of privacy on blockchain. Prior to its introduction, privacy in blockchains was either achieved through complex off-chain solutions, such as mixers or sidechains, or through entirely separate privacy-centric blockchains like Zcash or Monero. These approaches, while effective in certain respects, often came with scalability issues, regulatory challenges, or limitations in usability. Aztec is one of the pioneering projects using this technology in a practical, scalable way. By applying zk-SNARKs to its Note system, Aztec ensures that sensitive information—like transaction amounts or user identities—remains confidential while still being cryptographically verifiable. This opens up new possibilities for privacy in decentralized finance, enabling use cases where discretion is essential, such as private loans, encrypted smart contracts, and confidential business transactions.

2. Zero-Knowledge Proofs: A Foundation for Privacy

The concept of privacy in blockchain is rooted in a desire to allow transactions to remain confidential while still benefiting from the security and trust of decentralized systems. Zero-Knowledge Proofs (ZKPs) are a key cryptographic innovation that enables this balance. This chapter explores how ZKPs work, particularly in the context of blockchain, and introduces the zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) technology, which is foundational to the Aztec protocol. By using zk-SNARKs, Aztec enables transactions to be verified without revealing sensitive information, ensuring privacy without compromising security or decentralization.

At its core, a Zero-Knowledge Proof (ZKP) is a cryptographic protocol that allows one party (the "prover") to prove to another party (the "verifier") that they know a piece of information or that a certain statement is true, without revealing the information itself. The power of ZKPs lies in their ability to provide certainty and verification without exposure.

The concept of Zero-Knowledge Proofs was first introduced in the 1980s by researchers Goldwasser, Micali, and Rackoff, who outlined the fundamental properties that a ZKP must satisfy:

  • Completeness: If the statement is true, the verifier will be convinced of the fact by the proof.
  • Soundness: If the statement is false, a malicious prover cannot convince the verifier that it is true, except with some extremely small probability.
  • Zero-Knowledge: The verifier learns nothing beyond the fact that the statement is true. They do not gain any additional information about the underlying data or computations.

In a blockchain context, ZKPs have become a key method of preserving privacy while still enabling the network to validate transactions. The need for such technology stems from the transparency inherent in most blockchains. For example, Bitcoin and Ethereum maintain publicly accessible ledgers where anyone can inspect transaction details. While this ensures trust and immutability, it compromises the privacy of users who may not want their financial activities to be exposed to the world.

ZKPs offer a way to preserve privacy by enabling transactions to be verified without disclosing the details of those transactions. With the growth of decentralized finance (DeFi) and the increasing desire for confidential smart contracts, ZKPs are becoming an essential tool in modern blockchain protocols. Aztec leverages this technology to ensure that users can conduct private transactions without undermining the security or trustworthiness of the blockchain.

zk-SNARKs, or Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge, represent a specific type of Zero-Knowledge Proof that has gained significant attention in blockchain applications. zk-SNARKs are a compact and efficient form of ZKP that allows for scalable privacy in decentralized systems. They enable a party to prove that they possess knowledge of certain information without having to interact with the verifier repeatedly or provide large, complex proofs.

The “succinct” and “non-interactive” aspects of zk-SNARKs are particularly important for their use in blockchain:

  • Succinctness: zk-SNARKs are extremely efficient. The proofs generated are small in size and can be verified quickly, which is crucial for maintaining performance in blockchain systems where computational efficiency is a priority.
  • Non-Interactivity: Traditional ZKPs often require multiple rounds of communication between the prover and the verifier, which can be cumbersome in a decentralized environment. zk-SNARKs, however, enable a single proof to be generated and verified without the need for ongoing interaction, making them ideal for blockchain applications where a prover and verifier may not be able to interact directly.
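To make the three properties above and the interactive/non-interactive distinction concrete, here is a worked Schnorr-style proof of knowledge of a discrete logarithm. This is an added illustration, not Aztec code and not a zk-SNARK: the group parameters `P`, `Q`, `G` are a constructed toy group far too small for real use, and the functions `keygen`, `prove`, `verify`, `simulate` and `extract` are this example's own names. The Fiat-Shamir step in `challenge` is what removes the verifier's interactive challenge; the zk-SNARKs the text describes use a different (succinct) construction but rely on the same three properties.

```python
import hashlib
import secrets

# Toy group (constructed for illustration, far too small for real use): p = 2q + 1 with
# p and q prime, and g = 4 generates the order-q subgroup of Z_p^* in which we work.
P, Q, G = 2039, 1019, 4

def keygen():
    """The prover's secret x is the 'knowledge'; y = g^x is the public statement."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def challenge(y, t):
    """Fiat-Shamir: derive the challenge from the transcript instead of asking a verifier,
    which turns the three-move protocol into a single non-interactive proof."""
    digest = hashlib.sha256(f"{P}|{G}|{y}|{t}".encode()).digest()
    return int.from_bytes(digest, "big") % Q

def verify_transcript(y, t, e, s):
    """Interactive check: g^s == t * y^e (mod p)."""
    return pow(G, s, P) == (t * pow(y, e, P)) % P

def prove(x, y):
    """Prover: commit to a fresh nonce r, derive the challenge, answer s = r + e*x (mod q)."""
    r = secrets.randbelow(Q)
    t = pow(G, r, P)
    e = challenge(y, t)
    return t, (r + e * x) % Q

def verify(y, proof):
    """Verifier: recompute the challenge and run the interactive check (completeness)."""
    t, s = proof
    return verify_transcript(y, t, challenge(y, t), s)

def simulate(y):
    """Zero-knowledge: a simulator holding no secret produces an accepting transcript by
    choosing e and s first and solving for t = g^s * y^(-e). Such transcripts are distributed
    exactly like real interactive ones, so a transcript cannot leak x."""
    e = secrets.randbelow(Q)
    s = secrets.randbelow(Q)
    t = (pow(G, s, P) * pow(pow(y, e, P), -1, P)) % P
    return t, e, s

def extract(t, e1, s1, e2, s2):
    """Soundness (knowledge extraction): two accepting transcripts that share the commitment t
    but carry different challenges reveal x = (s1 - s2) / (e1 - e2) (mod q). A prover that can
    answer more than one challenge for the same t therefore really knows x."""
    if (e1 - e2) % Q == 0:
        raise ValueError("need two distinct challenges")
    return ((s1 - s2) * pow((e1 - e2) % Q, -1, Q)) % Q

if __name__ == "__main__":
    x, y = keygen()
    print("real proof accepted:", verify(y, prove(x, y)))
    print("simulated transcript accepted:", verify_transcript(y, *simulate(y)))
```

`simulate` is checked with `verify_transcript` rather than `verify` because the simulator picks its own challenge; in the non-interactive version the challenge comes from the hash, which is exactly why a cheating prover cannot choose it. `extract` is the argument behind soundness: without knowing `x`, a prover can answer at most one challenge per commitment, so it succeeds only by guessing the challenge, with probability 1/q.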

Aztec’s implementation of zk-SNARKs is one of its defining features. By integrating zk-SNARKs into its protocol, Aztec allows users to create proofs that verify the correctness of a transaction without revealing the underlying details, such as the transaction amount or the parties involved. The use of zk-SNARKs ensures that while transactions remain confidential, the integrity of the blockchain is not compromised. zk-SNARKs represent a major breakthrough in this space by allowing transactions to be both private and verifiable. With zk-SNARKs, users can prove the validity of a transaction—such as proving that they own sufficient funds to complete a transfer or that they are authorized to execute a smart contract—without revealing the actual transaction details. This means that:

  • The transaction amount can be hidden from public view.
  • The sender and receiver identities can remain private.
  • The logic of smart contracts can be executed without exposing sensitive business or financial data.

Aztec’s use of zk-SNARKs is aimed at enhancing privacy without sacrificing the security and verifiability of the blockchain. For example, when a user conducts a transaction using Aztec’s Note system (as explained in later chapters), the transaction is encrypted, but zk-SNARKs are used to prove that the transaction complies with the rules of the blockchain (i.e., the user has enough balance, no double-spending occurs, etc.).

This ability to hide transaction details while still allowing the network to verify their validity opens up new possibilities for confidential financial operations on public blockchains. It enables use cases such as:

  • Private payments: Users can transfer funds without revealing the amount or counterparties involved.
  • Confidential lending and borrowing: DeFi protocols can issue loans and manage collateral without exposing sensitive financial data.
  • Business-to-business transactions: Enterprises can use smart contracts to manage commercial relationships without making contractual details public.

While zk-SNARKs offer significant benefits in terms of privacy and scalability, they are not without challenges. Below are some key advantages and obstacles associated with zk-SNARKs:

Benefits:

  • Privacy: zk-SNARKs enable private transactions on public blockchains, allowing for confidential asset transfers and smart contract execution.
  • Efficiency: zk-SNARK proofs are small and computationally efficient, making them practical for use in blockchain systems that require rapid verification of transactions.
  • Verifiability: Despite keeping transaction details private, zk-SNARKs ensure that all transactions remain verifiable and that the integrity of the blockchain is preserved.

Challenges:

  • Complexity: zk-SNARKs require sophisticated mathematical constructs, such as elliptic curve cryptography and pairings, which can make their implementation more complex than other cryptographic techniques.
  • Trusted Setup: One of the primary challenges of zk-SNARKs is the need for a trusted setup phase, where certain cryptographic parameters are generated. If the setup is compromised, it could undermine the security of the entire system. While advances in multi-party computation (MPC) have mitigated this risk, it remains a point of concern.
  • Computation Costs: Although zk-SNARKs are computationally efficient in verification, generating zk-SNARK proofs can be resource-intensive, requiring powerful computational resources.

Despite these challenges, zk-SNARKs have proven to be one of the most promising privacy technologies for blockchain. Their ability to provide both privacy and verifiability in a succinct and scalable manner has positioned them as a core element of privacy-focused blockchain protocols like Aztec.

3. Aztec's Note System: A High-Level Overview

The cornerstone of Aztec’s privacy architecture is its innovative Note system. The Note system forms the foundation upon which Aztec enables private transactions on public blockchains such as Ethereum. A Note in Aztec is a cryptographic representation of value or an asset. Each Note acts as a unit of currency or asset on the Aztec network, similar to how tokens or balances are represented in traditional blockchains. However, unlike public token balances, Notes are encrypted, meaning their value and ownership are hidden from the public. Only authorized participants—those with the correct cryptographic keys—can access the underlying data.

Each Note has the following attributes:

  • Value: The amount or asset represented by the Note.
  • Owner: The entity in possession of the Note, typically a user or an address on the blockchain.
  • Unique identifier: A cryptographic hash that uniquely identifies the Note on the network.
  • Encryption keys: Cryptographic keys associated with the Note that control who can view or interact with the Note’s data.

In the Aztec system, every transaction involves creating or consuming Notes. When a transaction is initiated, new Notes are created to represent the resulting balances, and the old Notes (from the input side of the transaction) are marked as consumed. This ensures that the relationship between old and new Notes is confidential, preventing observers from tracing the flow of funds across the blockchain.

The confidentiality of Notes is maintained using zk-SNARKs, which allow the network to verify the correctness of transactions without revealing the details. For example, when a new Note is created, a zk-SNARK proof is generated to prove that the Note represents a valid transaction, even though the value and ownership of the Note are encrypted. The lifecycle of a Note within the Aztec protocol revolves around its creation, transfer, and consumption. These processes ensure that assets can move privately between users while preserving the integrity of the blockchain.

A Note is created whenever a user initiates a transaction that transfers value or an asset in the Aztec system. Each Note is uniquely identified by a cryptographic hash, which represents the Note's attributes—such as value and ownership—in a secure, encoded format. This cryptographic hash is then added to the Note Hash Tree (discussed in Chapter 5), where it is stored securely but without revealing the underlying details to the public.

When creating a Note, the following steps occur:

  1. Note Generation: The user specifies the amount or asset they wish to represent as a Note, along with the recipient who will be authorized to own the Note.
  2. Encryption: The Note is encrypted using the recipient’s public key, ensuring that only the recipient can decrypt and access the Note’s details.
  3. zk-SNARK Proof: A zk-SNARK proof is generated to verify that the Note represents a valid transaction, without revealing its value or the parties involved.
  4. Inclusion in the Note Hash Tree: The hash of the newly created Note is added to the Note Hash Tree, a Merkle tree that acts as the privacy-preserving ledger for Notes on the Aztec network.

The Note creation process is designed to ensure privacy while maintaining the verifiability and security of the transaction. Each step ensures that the value of the transaction remains hidden, and yet, the network can confirm that it abides by the rules of the blockchain.

Transferring a Note from one user to another is a key function in the Aztec system. However, unlike traditional blockchains where tokens or coins are directly transferred, Aztec employs the creation of new Notes to reflect asset transfers. In essence, when a Note is transferred, it is “consumed” and replaced with a new Note that reflects the updated ownership.

The process of transferring a Note involves:

  1. Consumption of Old Note: The Note that currently represents the asset is consumed, meaning it is marked as used and no longer valid for future transactions. This is necessary to prevent double-spending or reuse of Notes.
  2. Creation of New Note: A new Note is created to represent the updated state of the transaction, such as new ownership or a change in value. This Note is encrypted with the recipient’s public key to maintain privacy.
  3. zk-SNARK Proof Generation: As with the creation process, a zk-SNARK proof is generated to verify the validity of the transaction. This proof confirms that the old Note has been consumed correctly and that the new Note adheres to the rules of the blockchain, all without revealing transaction details.

The use of zk-SNARKs in the Note transfer process ensures that transfers can be verified while remaining confidential. The creation of new Notes for each transaction also helps to prevent tracing, as it breaks the link between old and new Notes, making it extremely difficult for an observer to follow the flow of funds.

When a Note is consumed:

  1. The Note is marked as consumed: The unique identifier (hash) of the Note is marked in the system as no longer valid.
  2. A zk-SNARK proof is generated: This proof ensures that the Note has been consumed correctly and that no double-spending is occurring. It also verifies that any new Notes created from the transaction are valid and properly linked to the consumed Note, without revealing the details of the transaction.

This consumption mechanism is a key part of Aztec’s privacy architecture. It ensures that each Note can only be used once, and that any linkage between old and new Notes is hidden from the public ledger, thereby maintaining confidentiality.

The Aztec Note system is integral to the privacy-preserving nature of the protocol. By using encrypted Notes to represent value or assets, Aztec ensures that transaction details remain hidden from the public, while still enabling the network to verify the validity of transactions.

Here are the key ways in which Notes contribute to maintaining privacy in the Aztec network:

  1. Encryption of Value and Ownership: Notes are encrypted using the recipient’s public key, meaning that only the intended recipient can access the details of the transaction. This ensures that the value and ownership of assets remain confidential.
  2. Breaking Transaction Linkability: Each time a Note is used in a transaction, it is consumed and replaced with a new Note. This process makes it difficult to link transactions together, as there is no direct connection between old and new Notes. Observers cannot easily trace the movement of assets across the blockchain.
  3. zk-SNARKs for Verification without Exposure: The use of zk-SNARKs ensures that the network can verify the correctness of transactions without needing to know the transaction details. This cryptographic verification allows the network to maintain its decentralized and trustless nature, while still offering privacy.
  4. Flexible Privacy for Multiple Use Cases: Aztec’s Note system is not limited to simple asset transfers. It can be used in a wide range of decentralized finance (DeFi) applications, such as private loans, confidential trading, and encrypted smart contracts. In each case, the Note system ensures that sensitive information is protected, while still enabling the blockchain to operate securely.
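The creation, transfer and consumption steps above, and the privacy points that follow them, are modelled here as one runnable toy ledger. This is an added example and not Aztec's code: `Note`, `PublicLedger`, `circuit`, `transfer`, `nullifier`, `keygen` and `H` are this example's own names. The zk-SNARK is replaced by `circuit`, which checks the same statement in the clear with the private witness, so the example shows what the proof must attest to (input Notes exist, the spender owns them, the spent markers are derived correctly, no value is created) and how the public side rejects a double spend, but it does not itself demonstrate the zero-knowledge property. The Note Hash Tree is an append-only list, encryption of new Notes to their recipients is left out (they are simply handed back), and marking a Note as consumed is modelled as publishing a nullifier derived from the note hash and the owner's secret, an assumption chosen so that the public ledger never learns which note hash was spent.

```python
import hashlib
import secrets
from dataclasses import dataclass, field

def H(*parts):
    """Domain-separated SHA-256 over the inputs; a toy stand-in for the protocol's hash."""
    return hashlib.sha256("|".join(str(p) for p in parts).encode()).hexdigest()

def keygen():
    """(secret, public id). The public id stands in for the recipient's encryption key."""
    secret = secrets.token_hex(16)
    return secret, H("pub", secret)

@dataclass(frozen=True)
class Note:
    value: int
    owner: str   # public id of whoever may spend it
    salt: str    # fresh randomness so two Notes of equal value do not hash alike

    def note_hash(self):
        """The only thing about this Note that ever reaches the public ledger."""
        return H("note", self.value, self.owner, self.salt)

def nullifier(note, owner_secret):
    """Spent marker (assumed model). Only the owner can derive it, and an observer cannot
    tell which note_hash it belongs to, so consumption is not linkable to creation."""
    return H("nullifier", note.note_hash(), owner_secret)

@dataclass
class PublicLedger:
    """What every observer sees: note hashes and nullifiers, never values or owners."""
    note_hashes: list = field(default_factory=list)  # append-only; stands in for the Note Hash Tree
    nullifiers: set = field(default_factory=set)

    def apply(self, tx):
        """Verifier side: public checks only. `proof_ok` stands in for zk-SNARK verification."""
        if not tx["proof_ok"]:
            return False
        nulls = tx["nullifiers"]
        if len(set(nulls)) != len(nulls) or any(n in self.nullifiers for n in nulls):
            return False  # a nullifier seen before means the same Note is being spent twice
        self.nullifiers.update(nulls)
        self.note_hashes.extend(tx["new_note_hashes"])
        return True

def circuit(note_hashes, inputs, owner, owner_secret, outputs, nulls, new_hashes):
    """The statement a zk-SNARK would prove, checked here in the clear with the private
    witness (inputs, owner_secret, outputs). A real proof would reveal none of it."""
    if H("pub", owner_secret) != owner:                        # spender knows the owner secret
        return False
    if any(n.owner != owner or n.note_hash() not in note_hashes for n in inputs):
        return False                                           # inputs exist and belong to spender
    if [nullifier(n, owner_secret) for n in inputs] != nulls:  # spent markers derived correctly
        return False
    if [n.note_hash() for n in outputs] != new_hashes:         # outputs commit as claimed
        return False
    if any(n.value < 0 for n in outputs):
        return False
    return sum(n.value for n in inputs) == sum(n.value for n in outputs)  # no value created

def transfer(ledger, inputs, sender_secret, recipient, amount):
    """Prover side: consume the input Notes, create a Note for the recipient plus change for
    the sender, and build the public transaction. Returns (tx, new_notes); the new Notes
    would be encrypted to their owners, which this example leaves out."""
    sender = H("pub", sender_secret)
    total = sum(n.value for n in inputs)
    if not 0 <= amount <= total:
        raise ValueError("insufficient funds")
    outputs = [Note(amount, recipient, secrets.token_hex(16))]
    if total > amount:
        outputs.append(Note(total - amount, sender, secrets.token_hex(16)))
    nulls = [nullifier(n, sender_secret) for n in inputs]
    new_hashes = [n.note_hash() for n in outputs]
    proof_ok = circuit(ledger.note_hashes, inputs, sender, sender_secret, outputs, nulls, new_hashes)
    return {"nullifiers": nulls, "new_note_hashes": new_hashes, "proof_ok": proof_ok}, outputs

if __name__ == "__main__":
    alice_sk, alice_pk = keygen()
    bob_sk, bob_pk = keygen()
    ledger = PublicLedger()
    deposit = Note(100, alice_pk, secrets.token_hex(16))
    ledger.note_hashes.append(deposit.note_hash())   # value entering the system (constructed)
    tx, _ = transfer(ledger, [deposit], alice_sk, bob_pk, 30)
    print("transfer accepted:", ledger.apply(tx))    # True
    print("replay accepted:", ledger.apply(tx))      # False: nullifier already recorded
    print("public view:", tx)                        # hashes only, no values or owners
```

The `tx` dictionary is the whole public footprint of a transfer: one nullifier, two new note hashes and the proof. Nothing in it says 100, 30 or 70, and the deposit's note hash stays in the tree untouched, so an observer cannot tell which earlier Note was consumed; the only thing the ledger enforces in the clear is that the same nullifier is never accepted twice.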

Conclusion

Aztec’s innovative approach to blockchain privacy leverages Zero-Knowledge Proofs and zk-SNARKs to balance confidentiality and transparency. Through its Note system, assets are encrypted and transactions remain private, while zk-SNARKs ensure the network can verify transactions without revealing sensitive information. Together, these technologies create a robust framework for secure, privacy-preserving transactions, positioning Aztec as a key player in the future of decentralized, confidential financial systems.

Written by
Jérémy Martin
Research Director