Skip to content
Public repository for the AZTEC protocol
JavaScript Solidity Shell
Branch: develop
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci refactor(protocol): implement PR feedback Sep 8, 2019
.github chore: add files throughout Sep 11, 2019
packages feat(contract-addresses): sync 🤖 Oct 11, 2019
.commitlintrc.js feat: switch to yarn and upgrade dependencies Apr 8, 2019
.editorconfig Configured main AZTEC repo for lerna Jan 22, 2019
.eslintignore chore: add dist to ignore files Apr 25, 2019
.eslintrc.js chore: allow unused _ variables in eslint Jun 17, 2019
.gitattributes make gitHub's linguist detects solidity code May 24, 2019
.gitignore fix(protocol): removed huff and weierstrudel from .gitignore Aug 14, 2019
.huskyrc feat: switch to yarn and upgrade dependencies Apr 8, 2019
.prettierignore chore: add dist to ignore files Apr 25, 2019
.prettierrc feat: switch to yarn and upgrade dependencies Apr 8, 2019
.releaserc refactor: update READMEs and github files Apr 9, 2019
.solhint.json feat: switch to yarn and upgrade dependencies Apr 8, 2019
.solhintignore feat: switch to yarn and upgrade dependencies Apr 8, 2019
AZTEC.pdf Added white paper Jan 24, 2019
LICENSE Updated top-level and packages READMEs Jan 24, 2019 Update Sep 27, 2019
babel.config.js build: update babel Apr 25, 2019
lerna.json feat: switch to yarn and upgrade dependencies Apr 8, 2019
package.json fix(): remove dependency with security advisory Sep 13, 2019
yarn.lock build(protocol): downgrade truffle, so event logs logged to console Oct 3, 2019

AZTEC is an efficient zero-knowledge privacy protocol. The protocol powers real world financial applications on Ethereum mainnet today. A complete explanation of AZTEC can be found in our white paper.

CircleCI Coverage Status Semantic Release Commitizen Friendly Twitter License: LGPL v3

Warning 🚨

This is a proof of concept. The trusted setup was generated by our team internally. We will be releasing more information about the production trusted setup generation in the near future. Use at own risk.

Documentation 📚

There are two key sources of documentation:

  1. Protocol specification:
  2. aztec.js client side proof construction API:

Packages 📦

AZTEC is maintained as a monorepo with multiple sub packages. Please find a comprehensive list below.

JavaScript Packages

Package Version Description
aztec.js npm An aggregate package combining many smaller utility packages for interacting with the AZTEC Protocol
@aztec/contract-artifacts npm AZTEC smart contract compiled artifacts
@aztec/contract-addresses npm A tiny utility library for getting known deployed contract addresses for a particular network
@aztec/dev-utils npm Dev utils to be shared across AZTEC projects and packages

Solidity Packages

Package Version Description
@aztec/protocol npm AZTEC solidity smart contracts & tests

Private Packages

Package Description
@aztec/monorepo-scripts Scripts for managing the monorepo


To fiddle with the Cryptography Engine and create your own AZTEC notes:

$ yarn add aztec.js

Other goodies:

$ yarn add @aztec/contract-artifacts
$ yarn add @aztec/contract-addresses
$ yarn add @aztec/dev-utils

To see a demo, head to this tutorial.

For more information, check out our documentation.

Contributing 🙋


  • node >=8.3
  • yarn 1.15.2
  • solidity >=0.5.0 <0.6.0

Pre Requisites

Make sure you are using Yarn 1.15.2. To install using brew:

brew install yarn@1.15.2

Then install dependencies:

yarn install


To build all packages:

$ yarn build

To build a specific package:

$ PKG=aztec.js yarn build


To re-build all packages on change:

$ yarn watch


To clean all packages:

$ yarn clean

To clean a specific package:

$ PKG=aztec.js yarn clean


To lint all packages:

$ yarn lint

To lint a specific package:

$ PKG=aztec.js yarn lint


To run all tests:

$ yarn test

To run tests in a specific package:

$ PKG=aztec.js yarn test


What is the AZTEC Protocol?

The protocol enables transactions of value, where the values of the transaction are encrypted. The AZTEC protocol smart contract validator, AZTEC.sol, validates a unique zero-knowledge proof that determines the legitimacy of a transaction via a combination of homomorphic encryption and range proofs.

What is encrypted 'value'?

Instead of balances, the protocol uses AZTEC notes. A note encrypts a number that represents a value (for example a number of ERC-20 tokens). Each note has an owner, defined via an Ethereum address. In order to spend a note the owner must provide a valid ECDSA signature attesting to this.

What does this enable?

Confidential representations of ERC20-tokens

The AZTEC protocol can enable confidential transactions for any generic digital asset on Ethereum, including existing assets. For our proof of concept implementation of the AZTEC protocol, we attached an AZTEC token to MakerDAO's DAI token. This smart contract can be used to convert DAI from its public ERC-20 form into a confidential AZTEC note form.

Fully confidential digital assets

The AZTEC protocol can be utilized as a stand-alone confidential token, with value transfers described entirely through AZTEC join-split transactions

How much gas do these transactions cost?

The gas costs scale with the number of input and output notes in a join-split transaction. For a fully confidential transfer, with 2 input notes and 2 output notes, the gas cost is approximately 900,000 gas. Planned EIP improvements will reduce the cost of these transactions dramatically, to approximately 200,000 - 300,000 gas.

Where can I see this in action?

The AZTEC protocol is live today on the Ethereum main-net. Our proof of concept contract converts DAI into AZTEC note form and is live on the Ethereum main-net. Here is an example AZTEC join-split transaction.

Range proofs you say? How does that work?

Read the AZTEC paper here. The unique AZTEC commitment function enables the efficient construction and verification of range proofs. The protocol requires a trusted setup protocol, that generates a dataset that is required to construct AZTEC zero-knowledge proofs

The Trusted Setup

Our proof of concept uses a trusted setup generated by our team internally. Whilst we would like to think you can trust us implicitly, we have developed a method of performing the trusted setup via multiparty computation. Each participant generates a piece of toxic waste that must be destroyed. Only one participant must destroy their toxic waste for the protocol to be secure and the trusted setup process can scale indefinitely. We will be releasing our full specification for the trusted setup protocol shortly.

Are AZTEC transactions anonymous as well as confidential?

The AZTEC protocol supports a stealth address protocol that can be used to obfuscate the link between a note 'owner' and any on-chain identity.

This sounds interesting! How can I get involved?

Anybody wishing to become early members of the AZTEC network please get in touch at

You can’t perform that action at this time.