Layer by Layer: A Guide to Aztec’s Security Approach

Fork your system if you want fork.

Aztec Connect represents the culmination of years of cutting-edge cryptographic research, signaling a new privacy paradigm for Ethereum.

As a result, we are pursuing a security-first approach to unleashing its full functionality — starting with last week’s test deployment of contracts to mainnet Ethereum and reinforced by the offer of bug bounties totaling $2 million in partnership with ImmuneFi.

See our full Bug Bounty announcement here

A New Paradigm

Private DeFi transactions have never been done on Ethereum before. For the first time ever, Aztec Connect allows for the direct encryption of generalized Layer 1 computation.

Aztec Connect changes the paradigm. It allows for arbitrary integration of Aztec’s zkRollup with any Layer 1 smart contract, bringing ironclad privacy and cost-reduction to nearly any Ethereum use-case.

State 0+

Aztec Connect also offers myriad upgrades to system architecture and capability:

  • Scaling the rollup to 896 transactions
  • Transaction-chaining for faster fund settlement
  • Gas savings via optimizations to our root verifier circuit
  • Multi-asset DeFi interactions
  • Flashbots support and integration

Given the amount of technical complexity, we have decided not to upgrade the rollup’s contract on Layer 1 and instead hard fork the protocol, creating a new state root that will encapsulate all Aztec Connect transactions going forward.

Existing zk.money payments and account balances (“old” zk.money) will remain isolated in their own state, meaning any bugs present or exploited in the former system will not carry over to the Aztec Connect release. Users who wish to retain funds on the older, battle-tested system can still use private payment functionality there during the migration period.

Alias Migration

In the coming days, new account registrations will be paused on the existing zk.money system as we work to deploy Aztec Connect. Once the new system launches, existing user aliases will be seamlessly migrated, while access to the additional functionality of zk.money will be unlocked.

Note that only the most recent alias registered by each unique account will be migrated.

Because we want to retain user aliases, the new system will start with non-zero state. That the new state contains only user alias information, and no funds or other potentially compromising data, can be verified with a simple tool we’ve built to check the hard fork; it will be published as we get closer to our launch date of June 9th.

We think the usability upgrades (speed, throughput, and DeFi integrations) are well worth the cost of migration.

Aztec Controls

As the inventors of the PLONK proving system, we believe Aztec is at the vanguard of zkSNARK innovation. Because the technology is so cutting-edge, our philosophy has been to retain contract upgradeability in order to be able to “hot fix” critical bugs.

We recognize this carries a measure of centralization and core team control. In the interest of full transparency, we want to present the facts faithfully. Liveness and access to the Aztec system are controlled by two multisignature wallets:

  • A 4-of-7 administrative multisig that controls Aztec’s contract upgrade keys.
  • A 2-of-8 multisig with emergency pause functionality. When emergency pause is enabled, rollup contract functions cannot be called, allowing for incident response in case of severe issues with the rollup contract.

We expect the emergency pause multisig to be deprecated as the system proves its stability, with the administrative multisig removed over time in line with our longer-term decentralization roadmap.

System Escape Hatch

Because rollup construction is still undertaken by a single central validator operated by the Aztec core team, Aztec Connect has an “escape hatch” functionality to ensure system liveness:

Every 8 hours, a two hour escape hatch window opens for anyone to send rollup proofs to Ethereum to prove transactions and facilitate user funds exiting the system. During the escape hatch window, proof constructors are in a race: anyone can submit a proof, but submissions are accepted first-come first-served.
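To make the interaction between the emergency pause, the single provider and the escape hatch window concrete, here is an added model written for this post; it is not Aztec’s rollup contract. The 8-hour period, 2-hour window and first-come first-served rule follow the text above; using block timestamps, the provider and submitter names, and the rule that a proof must extend the current state root are simplifying assumptions of this example.

```python
from dataclasses import dataclass

# Added illustration, not Aztec's rollup contract code. Period and window
# lengths follow the post; timestamps, addresses and the "proof must build on
# the current root" rule are assumptions made for this example.
ESCAPE_PERIOD = 8 * 3600   # a window opens every 8 hours
ESCAPE_WINDOW = 2 * 3600   # and stays open for 2 hours


def escape_hatch_open(timestamp: int) -> bool:
    """True while anyone (not only the provider) may submit a rollup proof."""
    return timestamp % ESCAPE_PERIOD < ESCAPE_WINDOW


@dataclass
class RollupProof:
    old_root: str   # state root the proof was built on top of
    new_root: str   # state root after applying the proof's transactions


class RollupModel:
    def __init__(self, provider: str, genesis_root: str):
        self.provider = provider       # the single central validator
        self.state_root = genesis_root
        self.paused = False            # toggled by the 2-of-8 emergency multisig

    def set_paused(self, paused: bool) -> None:
        self.paused = paused

    def submit(self, sender: str, timestamp: int, proof: RollupProof) -> str:
        """Return 'accepted', or the reason the submission was rejected."""
        if self.paused:
            return "rejected: emergency pause active"
        if sender != self.provider and not escape_hatch_open(timestamp):
            return "rejected: escape hatch closed"
        # First-come first-served: a proof must extend the current root, so a
        # second submitter whose proof still references the old root loses.
        if proof.old_root != self.state_root:
            return "rejected: stale proof"
        self.state_root = proof.new_root
        return "accepted"
```

The stale-proof branch is the race the post describes: two submitters can both build valid proofs on the same root, but only the first to land advances the state.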

Our rollup provider is also open-source: anyone can build their own backup rollup provider and run it on reasonable community hardware.

See the full rollup provider repo here.

Transaction Limits

Initial deposits into Aztec Connect will be capped at 5 ETH and 10,000 DAI each, as a way to throttle deposit growth and slowly ramp up the deposit pool within this release of zk.money.

We hope that intentional growth of the depositor set will achieve a number of aims:

  1. Allow the most dedicated Aztec users to test our system live on mainnet
  2. Grow confidence in the security of the system in a deliberate manner
  3. Encourage white hat developers to examine our codebase in production and participate in the bug bounty with real funds at stake

Our plan is to raise the caps according to the following timeline:

  • Month 0 (launch): 5 ETH, 10,000 DAI
  • 1–3 months: 15 ETH, 30,000 DAI
  • 3–6 months: 50 ETH, 100,000 DAI

Users should treat this version of our smart contracts as a beta — and be aware that despite external and internal audits, this is experimental technology.

Audit Repos

There are three core components that make Aztec Connect work:

  1. Underlying cryptography
  2. Core rollup contracts
  3. Bridge Contracts (community-written interfaces)

As of May 26th, we have completed our internal audit of Aztec Connect’s upstream contracts and cryptography systems.

See our public code repo here.

An external audit of the rollup smart contracts by Solidified has been returned, with two minor vulnerabilities patched.

See our smart contract audit by Solidified here.

A cryptography fuzzing audit with Sentnl has also been completed and returned.

See the cryptography fuzzing audit by Sentnl here.

External audits of the two launch integrations, Lido and Element, have also been completed. As we roll out further integrations, each will be reviewed in turn by Solidified.

∴ Conclusion

Aztec has a unique position at the leading edge of the crypto world, deploying breakthroughs in zero knowledge to Layer 1 Ethereum. Despite this, security is our number one priority, and we will continue to build the safest, easiest-to-use generalized privacy solution in blockchain today.

Thank you for your ongoing support, and we can’t wait for you to use the services you love and trust, all with the safety of Aztec privacy.


Build with Aztec Connect SDK

Are you a developer who wants to bring privacy to your favorite DeFi protocol? If you build it, we’ll fund it.

Aztec Grants Program: https://airtable.com/shrvglCZ24jaH73oe

Connect Starter: https://github.com/AztecProtocol/aztec-connect-starter

Help make privacy a no-brainer.

Join the Aztec Community

We’re always on the lookout for talented engineers and applied cryptographers. If joining our mission to bring scalable privacy to Ethereum excites you — check out our open roles.

And continue the conversation with us on Discord or Twitter.