An artifact that allows you to hide in the chain and erase traces – Ethereum AZTEC Protocol Guide

As we all know, the blockchain of Ethereum is publicly visible. In other words, whenever you transfer an ERC-20 Pass or any other digital asset, you will leave a record on the blockchain , which can be easily monitored by any third party.

At the same time, with the help of blockchain browsers such as Etherscan and Blockscout, third parties can also find the history of activities on all of your blockchains.

It can be said that your activities on the blockchain seem to be "streaking" , but don't be afraid, we can protect our privacy through some means. For example, you can open accounts with multiple cryptocurrencies, but you must always remember not to associate these accounts.

Take the situation that is common in our daily life. What should I do if there is a sudden shortage of money in one account? These rules will be a nightmare when you use cryptocurrencies. Is there a more elegant, more technical solution?

The best way is to use AZTEC (a privacy agreement built on Ethereum). In this article, I will not tell you the underlying cryptography techniques used in the protocol, just like your high school teacher. Let's talk a little bit easier, talk about the practical application of this agreement, which is our theme today – how to use AZTEC to develop privacy certificate .

It is no exaggeration to say that the AZTEC agreement is my hard work.

Before I started, I assumed that you are already an old driver of the "chain" and have a basic understanding of some common sense:

  • Ethereum development using the Truffle framework;
  • Zero knowledge proof
  • Cryptography and Ellipse Curve Cryptography

Also, make sure you have node.js and npm installed on your computer. Next we use npm to install the Truffle framework with just one line of instructions:

After talking about the most basic blockchain common sense, now let's go over the dry goods to talk about the core technical concepts.

Understand the AZTEC agreement

If you compare Ethereum to a country , then the AZTEC agreement is a forest .

In the Ethereum country, people interact and finance their business through decentralized applications, and they are free to move to the city they want to go (free choice of wallet software). I think the AZTEC agreement is a quiet forest in this country. People can come to the forest to avoid tracking. Before entering the forest, your activity on the blockchain is publicly visible, and once you step into the forest, all your transactions. They are all confidential .

Just like the beautiful landscape below, it can represent what I said about entering the AZTEC agreement. Under normal circumstances, the activity on your blockchain is as clear as the landscape in this picture, and once you cross the arches in the picture, the whole world (Ethereum) will gradually blur and eventually be forested (AZTEC agreement) Hidden .

There is a basic concept in AZTEC called notes . Records are the “first class citizens” and core primitives in the agreement (operating system or computer network terminology, which is a process consisting of several instructions for completing a certain function).

When you use zero-knowledge proof technology to trade, the smart contract does not store any balance information, only the elliptic curve points (the cryptographic concept can be simply understood as a component of the zero-knowledge proof mechanism), and the elliptic curve Points are only calculated for third parties that do not have a private key to decrypt.

It is important that we correctly distinguish between the most common ERC-20 standard and the AZTEC protocol's privacy standard ERC-1724.

In principle, the former stores the mapping between the Ethereum address and the unencrypted balance, while the latter encrypts the balance . I like to compare AZTEC records to Bitcoin's UTXO (Unspent Transaction Output) model, because the process of recording on AZTEC is very similar to it.

The following is the content of a record, we can classify them by visibility:

  • Publicly visible (Public): owner, encrypted amount
  • Private only (Private): Key spent, amount

In order to save time, we are not here to talk about the cryptographic techniques of the bells and whistles. But before programming, you need to be aware that the AZTEC protocol requires a trusted setup. This article first uses the trusted settings generated internally by our team. This is only for introduction. Because the production environment is very complicated, different situations need to be treated differently.

The part of the code is coming.

First, copy the code base and install the node module as follows:

In the process, the console may pop up a lot of information about the two hash functions scrypt and keccak, don't care, because we use aztec.js, and it calls the Ethereum web3.js library, which generated Some dependencies on cryptography.

There are a few important steps you need to perform before actually running the showcase:

  • Create an accounts.js file in the src folder where the source code is stored. You only need to set up two accounts. You can refer to a sample file named accounts.js.example for the specific setting method.
  • Create an .env file in the root of the project and populate it with the following properties. Similarly, the folder also contains a sample file called .env.example;
  • Deploy the Smart Contract with Privacy Pass to the Ethereum Test Network Rinkeby, which you can do with the Truffle framework:

Next is the deployment environment variable, you can follow these steps:

  • CONFIDENTIAL_TOKEN_ADDRESS (Private Pass Address): Please note that the actual smart contract name is ZKERC20. You will get this after the Truffle framework successfully deploys the smart contract.
  • MNEMONIC (mnemonic);
  • INFURA_API_KEY: API access key for the INFURA managed node.

After completing the above steps, your project should now look like this:

Next run this showcase:

The middle needs to wait for a while because the transaction was sent to the Ethereum test network Rinkeby. After a few minutes, you will receive a list of receipts in the console. Congratulations, you just transferred the first privacy pass on Ethereum!

Now let's take a look at the source code in src / demo.js.

Create record

This can be done with the following code:

The specific steps are as follows:

  • Generate some random accounts, here we must use the elliptic curve "secp256k1" to generate the public key private key pair, because the AZTEC protocol requires the account's public key, not just their address;
  • Create 4 records, the first two records belong to the first account, and the last two transfer 8 from the initial total of 10 passes to the second account.

To better understand Step 2, recall what we just said, AZTEC's record is similar in nature to the Bitcoin UTXO model . When a person transfers funds, he must convert the balance into a new set of records, as opposed to Ethereum's trading specifications using a balanced model.

In addition, I distinguished the account used in Ethereum (the account in src / accounts.js ) from the randomly generated AZTEC account (the demo script generated a file called aztecAccounts.json ).

Proof of creating an object

This can be done with the following code:

The above code proves:

  • The claim owner publicOwner is happy to convert 10 publicly visible ERC-20 passes to the AZTEC Privacy Pass;
  • The first randomly generated AZTEC account became the new owner of the certificate. Recall that the first two records each have a value of 5 passes and are owned by the AZTEC account.

Let's take a look at another set of code:

The above code proves:

  • Transfer 8 passes to the second AZTEC account in full maturity zero-knowledge proof;
  • The first two inputs are destroyed, so that the first AZTEC account can no longer reuse them in the future.

We need this code to interact with a smart contract called "NoteRegistry", which is unique to each Privacy Pass. You can think of proofHashes in your code as a list of unique identifiers that were previously generated.

Approve

In the code, we created some passes and granted the NoteRegistry smart contract the right to spend them from the ERC-20 smart contract.

Like ERC-20, NoteRegistry needs to be granted permission to use AZTEC certification. We recognize that this is an area that requires active research, and we are also researching ways to dramatically improve the user experience.

Transfer certificate

Finally, and the most interesting part: calling the Privacy-Certified Smart Contract for a pass.

Please note that the first transaction only transfers the ERC-20 Pass, so the third party can analyze the number of passes that have been transferred. But the second transaction is completely confidential.

The following is the mind map of all the operational logic of our article:

Written at the end

A large amount of pre-approval is required before the transfer of the privacy pass is triggered. As mentioned earlier, this is the direction we will improve next.

The Solidity version used by the AZTEC protocol is 0.4.24, so you need to specify a compatible version when using the OpenZeppelin library, which is 2.0.0.

When AZTEC smart contracts have only one user, privacy is greatly reduced. Since the money deposited through the ERC-20 Pass is publicly visible on the blockchain, the third party can compare it to the total amount held by the smart contract to roughly infer the user's transaction . In other words, the more users join AZTEC, the better its privacy.

The following is an exhaustive list of the packages used in the AZTEC protocol in this article:

Aztec.js

@aztec/contract-addresses

@aztec/contract-artifacts

@aztec/dev-utils

@aztec/protocol

The source code for all of these programs is available in our main library, monorepo.

Resource expansion

If you like this tutorial, or are interested in privacy deals, or would like to know more.

Please check out the following two forms of fully-formed zero-knowledge proof, using some AZTEC proofs to transfer 10 ERC-20 passes:

address:

Https://rinkeby.etherscan.io/tx/0x85ab17ab8290bad0d91501083c571a63e8715a0d425828df4c0b36accb11d077

Https://rinkeby.etherscan.io/tx/0xf5dbaf357e09abf2d4151974bdfae5e20317043b155ff653b03fbd137c940a84

 

Source | Paul Berg

Compile |

Editor | Aholiab

Produced | Blockchain Base Camp (blockchain_camp)