Search

Search for projects by name

Zk.Money v1 (Aztec v1) logoZk.Money v1 (Aztec v1)

This project is archived.

About

Zk.Money v1 is an open source layer 2 network that aims to enable affordable, private crypto payments via zero-knowledge proofs.


Value Locked
$3.83 M1.89%
Canonically Bridged
$3.83 M
Externally Bridged
$0.00
Natively Minted
$0.00

  • Tokens
  • Daily TPS
  • 30D tx count

  • Stage
    Stage 2
  • Type
    ZK Rollup
  • Purpose
    Private payments
  • Sequencer failureState validationData availabilityExit windowProposer failure

    About

    Zk.Money v1 is an open source layer 2 network that aims to enable affordable, private crypto payments via zero-knowledge proofs.


    Value Locked
    Milestones & Incidents

    Aztec operator sunset

    2023 Jul 8th

    Aztec stops their rollup operators. Users now have to run the Rollup manually.

    Learn more

    Aztec 2.0

    2021 Mar 15th

    Private Rollup is live on mainnet, allowing user to access DeFi.

    Learn more
    Risk summary
    EOL: Ownership of the rollup contract is irrevocably renounced and Aztec is not running a rollup processor (operator). Users or third parties have to run the rollup system by themselves to withdraw or transact.
    Risk analysis
    EOL: Ownership of the rollup contract is irrevocably renounced and Aztec is not running a rollup processor (operator). Users or third parties have to run the rollup system by themselves to withdraw or transact.
    Sequencer failureState validationData availabilityExit windowProposer failure

    Sequencer failure

    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. Proposing new blocks requires creating ZK proofs.

    State validation

    ZK proofs (SN)

    SNARKs are zero knowledge proofs that ensure state correctness, but require trusted setup.

    Data availability

    Onchain

    All of the data needed for proof construction is published on Ethereum L1.

    Exit window

    Users can exit funds at any time because contracts are not upgradeable.

    Proposer failure

    Self propose

    If the Proposer fails, users can leverage the source available prover to submit proofs to the L1 bridge.

    Rollup stage
    Zk.Money v1 (Aztec v1)Zk.Money v1 (Aztec v1) is a
    Stage 2
    ZK Rollup.

    Learn more about Rollup stages
    Please keep in mind that these stages do not reflect rollup security, this is an opinionated assessment of rollup maturity based on subjective criteria, created with a goal of incentivizing projects to push toward better decentralization. Each team may have taken different paths to achieve this goal.
    Technology

    Validity proofs ensure state correctness

    Each update to the system state must be accompanied by a ZK proof that ensures that the new state was derived by correctly applying a series of valid user transactions to the previous state. These proofs are then verified on Ethereum by a smart contract.

    1. RollupProcessor.sol#L395 - Etherscan source code

    Zero knowledge SNARK cryptography is used

    Despite their production use zkSNARKs are still new and experimental cryptography. Cryptography has made a lot of advancements in the recent years but all cryptographic solutions rely on time to prove their security. In addition zkSNARKs require a trusted setup to operate.

    • Funds can be stolen if the cryptography is broken or implemented incorrectly.

    1. TurboVerifier.sol#L37 - Etherscan source code

    All data required for proofs is published on chain

    All the data that is used to construct the system state is published on chain in the form of cheap calldata. This ensures that it will always be available when needed.

    1. RollupProcessor.sol#L359 - Etherscan source code
    State derivation
    Node software

    There are three ways to run a node and use the escape hatch: By running the Aztec v2 Ejector during the escape hatch window, 2) by running falafel, 3) by running the SDK in escape hatch mode and connecting to an escape hatch server. The two latter methods are no longer recommended by the aztec team.

    Compression scheme

    No compression scheme is used.

    Genesis state

    No genesis state is used.

    Data format

    The data format used can be found here

    Operator

    No operator

    Only specific addresses appointed by the owner were permitted to propose new blocks during regular rollup operation. Since EOL, these operators are not processing the rollup anymore. Periodically a special window (escape hatch) is open during which anyone can propose new blocks.

    1. RollupProcessor.sol#L97 - Etherscan source code
    2. RollupProcessor.sol#L369 - Etherscan source code

    Users can force any transaction

    Because the block production is open to anyone if users experience censorship from the operator they can propose their own blocks which would include their transactions. Periodically the rollup opens a special window (escape hatch) during which anyone can propose new blocks.

    • Users can be censored if the operator refuses to include their transactions and users lack resources to propose blocks themselves.

    1. RollupProcessor.sol#L347 - Etherscan source code
    2. RollupProcessor.sol#L168 - Etherscan source code
    Withdrawals

    EOL: Manual withdrawal using Aztec v2 Ejector

    EOL: Ownership of the rollup contract is irrevocably renounced and operators are not processing the rollup. Assets in the escrow can be manually withdrawn with the Aztec v2 Ejector.

    1. Aztec v2 Ejector - Codespace template for running the Aztec v2 rollup.

    Regular withdraw (deprecated)

    The user initiates the withdrawal by submitting a transaction on L2. When the block containing that transaction is proven on L1 the assets are automatically withdrawn to the user.

    1. RollupProcessor.sol#LL396 - Etherscan source code
    Other considerations

    Payments are private

    Balances and identities for all tokens on the Aztec rollup are encrypted. Each transaction is encoded as a zkSNARK, protecting user data.

    1. Fast Privacy, Now - Aztec Medium Blog
    Permissions

    The system uses the following set of permissioned addresses:

    Rollup Providers (2) 0xf39F…22660xFcF7…8895

    Addresses that can propose new blocks during regular rollup operation.

    Smart contracts

    The system consists of the following smart contracts on the host chain (Ethereum):

    RollupProcessor 0x7379…A2ba

    Main Rollup contract responsible for deposits, withdrawals and accepting transaction batches alongside a ZK proof. This contract stores the following tokens: ETH, DAI, renBTC, USDT.

    AztecFeeDistributor 0x41A5…6734

    Contract responsible for distributing fees and reimbursing gas to Rollup Providers.

    TurboVerifier 0x48Cb…8Ce8

    Turbo Plonk zkSNARK Verifier.