| title | Vendor: Aztec Rollup |
|---|---|
| status | draft |
| maturity | production (Ignition Chain) |
Aztec is a privacy-focused rollup (or zk-zk-rollup) on Ethereum that enables private transactions and programmable privacy. It is a fully programmable network where applications can access both private and public state.
It uses the Noir language along with the Aztec.nr framework to write smart contracts with a hybrid execution model: private functions execute client-side (for privacy), while public functions execute on the network (for transparency/auditability).
- pattern-noir-private-contracts.md - Noir private smart contracts
- pattern-privacy-l2s.md - Privacy-native rollup execution
- pattern-shielding.md - Shielded ERC-20 transfers and confidential balances
- pattern-shielding.md - Confidential ERC-20 transfers
- Fully private EVM
- High throughput but public rollups
- Hybrid State Model
- Private state (UTXO-based) is managed by the wallet on the user's device.
- Public state (Account-based) is managed by the AVM (Aztec Virtual Machine) on nodes.
- Smart contracts are written in Noir using the Aztec.nr framework.
- Proof system: Honk (UltraHonk) and UltraPlonk. Honk allows for fast recursion and removes the need for a trusted setup.
- DA model: Rollup posts data to Ethereum L1 using EIP-4844 Blobs.
- Settlement: Decentralized sequencers; L2 validity proofs are verified on Ethereum L1.
- Private transfers: Optional shielding of token amounts and counterparties from the public chain.
- Selective disclosure: Users can export viewing keys for auditors/regulators.
- Programmable privacy: Circuits allow private execution of DeFi-like logic (DEX, lending) within Aztec.
- Financial institutions: private stablecoin transfers and settlement.
- Asset managers: confidential DeFi strategies and portfolio movements.
- Corporate treasuries: cross-border payments with regulatory audit but hidden competitive data.
- zkSNARKs: Plonkish proving system with efficient verifier contracts.
- UTXO note commitments with nullifiers to prevent double spends.
- L1/L2 communication relies on "Portals". These are pairs of contracts (one on Ethereum L1, one on Aztec L2) that pass messages asynchronously via the rollup contract, enabling token bridges and cross-chain governance without trusted 3rd parties.
- Native account abstraction at the protocol level; all accounts are smart contracts.
- Decentralized sequencer (Fernet): block production uses a randomized leader election (VRF-based) to select sequencers, ensuring fair participation. It includes a Based Fallback mechanism that allows users to submit transactions directly to L1 if the L2 sequencers attempt to censor them.
- Strong privacy guarantees for: any private data, private function execution, private smart contract code, privacy over who executed the functions.
- Programmable privacy: smart contract execution extends beyond simple shielded transfers.
- Mature research team with open-source infrastructure and audits.
- State synchronization: users must download and trial-decrypt note history to discover their funds (they cannot simply query a balance). Wallets must actively track, discover, and consume Notes, creating sync bottlenecks compared to public L2s.
- Client-side proving: private execution requires local proof generation (via PXE), demanding significant compute resources from end users.
- Compliance vs. permissionlessness: while "Selective Disclosure" exists, it is unclear if regulators will accept retroactive auditing over proactive censorship (e.g., OFAC lists at the sequencer level).
- Performance: this system requires a lot of engineering and comes at the cost of lower throughput, which raises the question of which use cases it can address.
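
The note commitment, nullifier, and trial-decryption points above can be seen together in a small model, added here as an illustration and not taken from Aztec's code. Every name (`Chain`, `Wallet`, `H`, `seal`, `try_open`) is hypothetical; SHA-256, SHAKE and HMAC stand in for the circuit-friendly hash and note encryption, a symmetric `view_key` stands in for encrypting to the recipient's public key, and validity proofs are omitted.

```python
import hashlib, hmac, os

def H(tag, *parts):
    # Domain-separated SHA-256; stand-in for a circuit-friendly hash (assumption).
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def seal(view_key, plaintext):
    # Toy encrypt-then-MAC (SHAKE keystream + HMAC), for illustration only.
    nonce = os.urandom(16)
    ks = hashlib.shake_256(view_key + nonce).digest(len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + body + hmac.new(view_key, nonce + body, "sha256").digest()

def try_open(view_key, ct):
    nonce, body, tag = ct[:16], ct[16:-32], ct[-32:]
    if not hmac.compare_digest(tag, hmac.new(view_key, nonce + body, "sha256").digest()):
        return None  # tag mismatch: note is not addressed to this key
    ks = hashlib.shake_256(view_key + nonce).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, ks))

class Chain:
    # Public data only: (commitment, ciphertext) log and the nullifier set.
    def __init__(self):
        self.notes, self.nullifiers = [], set()
    def spend(self, nullifier):
        # A real rollup also checks a validity proof here; omitted in this model.
        if nullifier in self.nullifiers:
            return False  # double spend rejected
        self.nullifiers.add(nullifier)
        return True

class Wallet:
    def __init__(self):
        self.view_key, self.nsk = os.urandom(32), os.urandom(32)
        self.owner_id = H(b"id", self.nsk)
    def receive(self, chain, value):
        rand = os.urandom(32)  # blinding so equal values give distinct commitments
        cm = H(b"cm", self.owner_id, value.to_bytes(8, "big"), rand)
        chain.notes.append((cm, seal(self.view_key, value.to_bytes(8, "big") + rand)))
    def sync(self, chain):
        # Trial-decrypt every note; keep ours whose nullifier is not yet published.
        unspent = []
        for cm, ct in chain.notes:
            pt = try_open(self.view_key, ct)
            if pt and H(b"cm", self.owner_id, pt[:8], pt[8:]) == cm:
                nf = H(b"nf", self.nsk, cm)
                if nf not in chain.nullifiers:
                    unspent.append((int.from_bytes(pt[:8], "big"), nf))
        return unspent
```

The chain never learns which commitment a nullifier consumes, and `sync` costs one decryption attempt per note in the whole log, which is the sync bottleneck described above.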