Zk.Money v2 (Aztec Connect) logoZk.Money v2 (Aztec Connect)

Aztec Connect is an open source layer 2 network that aims to enable affordable, private crypto payments via zero-knowledge proofs.
This project is archived.
Value Locked

$5.30 M

8.77%

Canonically Bridged
$5.30 M (100%)
Externally Bridged
$0.00 (0%)
Natively Minted
$0.00 (0%)
  • Tokens
  • Daily TPS
    Coming soon
  • 30D tx count
    Coming soon
  • Stage
    Stage 0
  • Type
    ZK Rollup
  • Purpose
    DeFi
  • Chart

    ...

    Tokens

    Choose token

    Canonically Bridged Tokens (Top 15)

    Ether (ETH)
    Wrapped liquid staked Ether 2.0 (wstETH)
    Dai Stablecoin (DAI)
    Milestones

    Introducing Noir

    2022 Oct 6th

    Noir - programming language for zero-knowledge proofs, has been introduced.

    Learn more

    Mainnet Launch

    2022 Jul 7th

    Aztec Connect is live on mainnet, enabling private DeFi on Ethereum.

    Learn more
    Risk analysis
    EOL: Aztec team announced they are going to shut down the rollup infrastructure on March 21st, 2024. The escape hatch delay has been recently increased to ~136 years, meaning that users will not be able to exit when the operator will be shut down.
    Sequencer failureState validationData availabilityExit windowProposer failure

    State validation

    ZK proofs (SN)

    zkSNARKS are zero knowledge proofs that ensure state correctness, but require trusted setup.

    Data availability

    On chain

    All of the data needed for proof construction is published on chain.

    Exit window

    None

    There is no window for users to exit in case of an unwanted upgrade since contracts are instantly upgradable.

    Sequencer failure

    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. Proposing new blocks requires creating ZK proofs.

    Proposer failure

    Cannot withdraw

    Only the whitelisted proposers can publish L2 state roots on L1 within ~136 years from the last posted root, so in the event of failure the withdrawals are frozen.

    Rollup stage
    Zk.Money v2 (Aztec Connect)Zk.Money v2 (Aztec Connect) is a
    Stage 0
    ZK Rollup.
    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.
    Technology

    Validity proofs ensure state correctness

    Each update to the system state must be accompanied by a ZK proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. These proofs are then verified on Ethereum by a smart contract.

    1. RollupProcessorV2.sol#L706 - Etherscan source code

    Zero knowledge SNARK cryptography is used

    Despite their production use zkSNARKs are still new and experimental cryptography. Cryptography has made a lot of advancements in the recent years but all cryptographic solutions rely on time to prove their security. In addition zkSNARKs require a trusted setup to operate.

    • Funds can be stolen if the cryptography is broken or implemented incorrectly.

    1. Verifier28x32.sol#L150 - Etherscan source code

    All data required for proofs is published on chain

    All the data that is used to construct the system state is published on chain in the form of cheap calldata. This ensures that it will always be available when needed.

    1. RollupProcessorV2.sol#L686 - Etherscan source code
    State derivation
    Node software

    The entire stack’s source code is housed in a single monorepo, which can be found here. For instructions on running the node, please refer to this readme.

    Compression scheme

    No compression is used.

    Genesis state

    The genesis file is available here, and it includes accounts from zk.money as well.

    Data format

    The code to decode onchain data can be found here

    Operator

    The system has a centralized operator

    Only specific addresses appointed by the owner are permitted to propose new blocks during regular rollup operation. Periodically a special window is open during which anyone can propose new blocks, but only if the last root was posted more than ~136 years prior.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    1. RollupProcessorV2.sol#L692 - Etherscan source code

    Users can force any transaction

    Because the block production is open to anyone if users experience censorship from the operator they can propose their own blocks which would include their transactions. Periodically the rollup opens a special window during which anyone can propose new blocks. This is only possible if the last root was posted more than ~136 years prior.

    • Funds can be frozen if the centralized operator censors withdrawal transactions (CRITICAL).

    1. RollupProcessorV2.sol#L697 - Etherscan source code
    2. RollupProcessorV2.sol#L697 - Etherscan source code
    Withdrawals

    Regular withdraw

    The user initiates the withdrawal by submitting a transaction on L2. When the block containing that transaction is proven on L1 the assets are automatically withdrawn to the user.

    1. RollupProcessorV2.sol#L1042 - Etherscan source code
    2. RollupProcessorV2.sol#L1206 - Etherscan source code
    Other considerations

    Payments are private

    Balances and identities for all tokens on the Aztec rollup are encrypted. Each transaction is encoded as a zkSNARK, protecting user data.

    1. Fast Privacy, Now - Aztec Medium Blog
    Permissions

    The system uses the following set of permissioned addresses:

    Aztec Multisig 0xE298…8aaD

    Owner of ProxyAdmin contract, which is used to upgrade RollupProcessorV2. OWNER_ROLE on RollupProcessorV2: can enable capped deposit/withdrawals, can add rollupProviders (sequencers), can change delay before escape hatch, can change the verifier contract with no delay, can change defiBridgeProxy This is a Gnosis Safe with 1 / 2 threshold.

    Aztec Multisig participants 0x1D93…4fdD0x7fb9…Fc5f

    Those are the participants of the Aztec Multisig.

    Emergency Multisig 0x23f8…236F

    EMERGENCY_ROLE on RollupProcessorV2: Can pause the rollup. This is a Gnosis Safe with 2 / 15 threshold.

    Resume Multisig 0x6241…389a

    RESUME_ROLE on RollupProcessorV2: Can resume the rollup. This is a Gnosis Safe with 10 / 15 threshold.

    Lister Multisig 0x68A3…0b9e

    LISTER_ROLE on RollupProcessorV2: Can add new tokens and bridges to the rollup. Can’t remove tokens or bridges. This is a Gnosis Safe with 2 / 3 threshold.

    Lister Multisig participants 0xb143…8bC60x6fF2…c7C50x83F2…791d

    Those are the participants of the Lister Multisig.

    Actors allowed to call the processRollup function on the RollupProcessorvV2 contract.

    Smart contracts
    A diagram of the smart contract architecture
    A diagram of the smart contract architecture

    The system consists of the following smart contracts:

    Main Rollup contract responsible for deposits, withdrawals and accepting transaction batches alongside a ZK proof. The escape hatch delay is currently set to ~136 years)} The contract is pausable by Emergency Multisig. This contract stores the following tokens: ETH, DAI, wstETH.

    Can be upgraded by: Aztec Multisig

    Upgrade delay: No delay

    AztecFeeDistributor 0x4cf3…4927

    Contract responsible for distributing fees and reimbursing gas to Rollup Providers.

    DefiBridgeProxy 0xA1BB…1487

    Bridge Connector to various DeFi Bridges.

    Verifier28x32 0x71c0…8f69

    Standard Plonk zkSNARK Verifier. It can be upgraded by the owner with no delay.

    Can be upgraded by: Aztec Multisig

    Upgrade delay: No delay

    The current deployment carries some associated risks:

    • Funds can be stolen if a contract receives a malicious code upgrade. There is no delay on code upgrades (CRITICAL).

    Knowledge nuggets
    If you find something wrong on this page you can submit an issue or edit the information