Aztec 0 → 1 Ethereum was built on principles of transparency, decentralization, and trustlessness. While it’s pseudonymous, it is not fully private, and privacy matters. Aztec is solving Ethereum’s privacy problem while keeping its core principles intact. Here’s how it works 🧵

Our team just finished an audit of a GeometricMeanOracle built using Uniswap hooks, and we found an issue where a user with enough capital can manipulate the prices being stored. The interesting part of this issue is that it is a relatively unique finding related to v4 hooks.

With great privacy comes great responsibility.

Dear algorithm, Please show this post to every Security Researcher attending Devconnect. Join the Wonderland CTF: https://t.co/fzlphjiNjp Thank you.

Come play the CTF!!

Here are some resources if you wanna dive deeper right now. @wonderland: https://t.co/adjeANJP0t @aztecnetwork: https://t.co/4QBTLTG74o

- An Aztec transaction executes all private calls frist generating zk proofs and side effects from the calls - Proofs and side effects and sent to the public side where the rest of the execution happens keeping Privacy intact Aztec makes privacy a building block.

- Notes are Aztecs version of a UTXO and are the atomic unit of value or state - Nullifiers are emitted when Notes are spent preventing double spending - The private execution enviornment lives on your local machine and handles private state and private function calls

📓OK that was a lot lets summarize what we know so far. - Aztec’s state is handled via 5 merkle trees - Private and Public state is kept seperate and because zk they can talk to eachother - Accounts are smart contracts on Aztec

Next comes the main app logic. Enqueued public calls run allowing rollbacks if one fails. Finally, the teardown phase settles fees and refunds. This public phase runs at the chain’s tip, while private reads rely on historical roots and re-emit new notes to keep privacy intact .

🚦After receiving the proved transaction, the sequencer verifies the private proof and applies its effects in phases. It first commits non-revertible data like transaction-level nullifiers, then runs any setup logic.

The result is a proof plus a bundle of side effects Side effects fall into a few catagories: non-revertible, revertible, and any queued public calls. This package is handed off to the network for execution.

Every Aztec transaction begins in the wallet’s PXE where private calls are executed before any public calls. The PXE simulates private function calls against its synced snapshot of the chain, then proves them locally through a sequence of kernel circuits.

Even reading a note triggers the creation of a fresh note, ensuring no one can link accesses or trace ownership over time. 🪄 Now I mentioned that the private and public states can communicate without revealing secretss. Here is how that happens.

The note hash tree (append-only) stores new encrypted notes. The nullifier tree (indexed) records which notes have been spent. Aztec updates private state using a replace-via-append model: insert a new note, emit a nullifier for the old one.

‼️The nullifier proves the note has been used once, without revealing which note it was or who owned it. This prevents double-spends while keeping transactions unlinkable.

Only the intended owner can decrypt a note, but everyone can verify it exists in the global note tree. When a note is spent, Aztec emits a nullifier — a unique, deterministic fingerprint derived from that note and the spender’s secret key.

Any proofs needed for the private part are built locally in the PXE. 👾 In Aztec, state is not stored as balances like ethereum — states exist as notes. A note is a cryptographically committed, privately owned data object representing a discrete unit of value or state.

👛 Account abstraction is native on Aztecs. This is a key architechural compent that enables privacy as your wallet directly inteacts with the PXE. There it syncs the state in the PXE with the entire Aztec chain, it can prepare, and execute any private or public calls.

🕵️ Private state lives inside this exciting place called the PXE (Private eXecution Environment). The PXE lives on your device and handles encrypted notes and nullifiers. The coolest part, these Private and public worlds can interact — without revealing secrets.

🪻Aztec has are two worlds: Private and Public. Public state lives in the Public Data Tree which tracks contract storage. Every update is proven inside the rollup and settles on mainnet, guaranteeing correctness without re-executing everything on L1, calssic rollup behavior.