The future of zero-knowledge with Aleo
February 16, 2021

This is the third article in a series that explores the evolution and value of privacy in today’s digital world, and the opportunity for zero-knowledge technology to level the playing field. Check out the first post How Zero-Knowledge is Rebalancing the Scales of the Internet and our second What Does Transparency Cost You?

Privacy is critical for a complete user experience in Web3

Though public blockchains have provided immense financial access, the fact that every transaction is transparent and open for all to see leaves users exposed to exploitation and arbitrage, such as front-running of pending trades.

One proposed solution is absolute privacy. But by obfuscating absolutely everything about a transaction, absolute privacy precludes programmability: a contract cannot act on data it is not allowed to see. The example of decentralized finance (DeFi) has shown the importance of programmability for any expressive blockchain network. Until now, users have had to choose between the two: privacy or programmability. For example, Zcash gives users strong privacy for shielded transactions, but limited programmability. Ethereum provides powerful programmability, but limited privacy. What we would like is a protocol that is both private and programmable. Such a protocol would protect users from that exploitation, yet enable powerful on-chain applications and composability between them. This is why we built Aleo.

Aleo is the first decentralized, open-source platform to enable both private and programmable applications.

Through opt-out privacy by default, Aleo enables a sustainable, equitable Web3 world that can meet developer, consumer, and enterprise needs.

Aleo uses zero-knowledge cryptography to achieve both privacy and programmability. A zero-knowledge proof allows anyone to verify that a statement is true without the prover revealing the data behind it. Aleo uses this as the foundation of a system called ZEXE (Zero-Knowledge EXEcution). In ZEXE, users execute state transitions offline. This process produces a proof, which is bundled into an on-chain transaction. This transaction updates the state of the system by consuming and creating on-chain records. Like Zcash, this system gives us strong privacy guarantees: the transaction carries the proof, the serial numbers of the records it consumes (so a record cannot be spent twice), and commitments to the records it creates, but not the inputs that generated the proof, so neither the record contents nor the program that was run is revealed. And like Ethereum, ZEXE can support smart contracts that enable users to interact or transfer value in a pre-defined way.
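To make "verify without revealing" concrete, here is the simplest zero-knowledge proof in working form: a Schnorr proof of knowledge of a discrete logarithm, made non-interactive with the Fiat-Shamir transform. This is an added illustration, not Aleo or ZEXE code; ZEXE uses zk-SNARKs that prove a whole state transition rather than one exponent, but the shape is identical (statement plus proof in, accept or reject out, witness never leaves the prover). The group is generated at import time at a toy 128-bit size so the example runs in well under a second; a real deployment would use a standard group such as RFC 3526 or an elliptic curve. Function names, the `GROUP` constant and the `b"tx"` messages are assumptions of this example.

```python
"""Schnorr proof of knowledge, made non-interactive with Fiat-Shamir.

Added illustration, not Aleo or ZEXE code: the verifier becomes convinced the
prover knows x with y = g^x mod p while learning nothing about x.
"""
import hashlib
import secrets
from typing import Tuple


def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin, used only to generate the demo group parameters."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(bits: int) -> Tuple[int, int, int]:
    """Return (p, q, g): p = 2q + 1 prime, g = 4 generates the order-q subgroup.

    Toy size for a fast demo (assumption of this example); production code
    would use a standard group such as RFC 3526 or an elliptic curve.
    """
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1  # odd, full length
        p = 2 * q + 1
        if _is_probable_prime(q) and _is_probable_prime(p):
            return p, q, 4  # 4 = 2^2 is a square mod p, hence has order q


GROUP = safe_prime_group(128)


def _challenge(group, y: int, t: int, msg: bytes) -> int:
    """Fiat-Shamir: hash the full statement, the commitment and the message."""
    p, q, g = group
    data = b"|".join(str(v).encode() for v in (p, q, g, y, t)) + b"|" + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % q


def prove_with_nonce(group, x: int, k: int, msg: bytes) -> Tuple[int, int, int]:
    """Prove knowledge of x (y = g^x) with a caller-supplied nonce k.

    Exposed only so the nonce-reuse failure can be demonstrated; use prove().
    """
    p, q, g = group
    if not 1 <= k < q:
        raise ValueError("nonce must be in [1, q)")
    y = pow(g, x, p)
    t = pow(g, k, p)                  # commitment to the nonce
    c = _challenge(group, y, t, msg)
    s = (k + c * x) % q               # response; hides x only if k is uniform and fresh
    return y, c, s


def prove(group, x: int, msg: bytes = b"") -> Tuple[int, int, int]:
    """Prove knowledge of x with a fresh random nonce (the only safe way to prove)."""
    q = group[1]
    return prove_with_nonce(group, x, 1 + secrets.randbelow(q - 1), msg)


def verify(group, y: int, c: int, s: int, msg: bytes = b"") -> bool:
    """Accept iff (c, s) is a valid proof for y; the verifier never sees x or k."""
    p, q, g = group
    if not (1 < y < p and pow(y, q, p) == 1):   # y must be a non-trivial subgroup element
        return False
    if not (0 <= s < q and 0 <= c < q):
        return False
    t = (pow(g, s, p) * pow(y, q - c, p)) % p   # g^s * y^(-c) equals g^k for an honest proof
    return c == _challenge(group, y, t, msg)


def recover_secret(group, proof1, proof2) -> int:
    """Two proofs made with the same nonce leak x: s1 - s2 = (c1 - c2) * x mod q."""
    _, q, _ = group
    y1, c1, s1 = proof1
    y2, c2, s2 = proof2
    if y1 != y2 or c1 == c2:
        raise ValueError("need two proofs for the same y with different challenges")
    return (s1 - s2) * pow((c1 - c2) % q, -1, q) % q


if __name__ == "__main__":
    secret = secrets.randbelow(GROUP[1])
    y, c, s = prove(GROUP, secret, b"tx")
    print("honest proof accepted:", verify(GROUP, y, c, s, b"tx"))
    print("same proof, other message:", verify(GROUP, y, c, s, b"other tx"))
```

The verifier checks only group membership and the hash relation; `x` and the nonce `k` never appear on the wire, which is the whole point. The `recover_secret` helper is the caveat a practitioner should keep in mind: the proof is zero-knowledge only when each nonce is uniformly random and used once, and the same failure mode applies to any Fiat-Shamir based scheme, SNARK provers included, whenever prover randomness is reused or predictable.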

To give a concrete example, let’s consider a decentralized exchange (DEX) on a public smart contract blockchain. A DEX is a decentralized application that enables users to buy or sell tokens on-chain without needing to find a specific buyer or seller. Unlike the centralized version (like Coinbase or Binance), a DEX enables users to maintain custody of their own assets.

Decentralized finance (DeFi) exploded in 2020, putting DEXes in the spotlight. The largest on-chain DEX, Uniswap, has processed over $25B of volume so far in 2021. But on a public blockchain, DEX trades create opportunities for one's identity (and thus full financial history) to be revealed. As discussed before, the transparent nature of this system opens up users to exploitation. Of course, you could rotate addresses to make it more difficult for your real identity and on-chain identity to be linked. But doing so is complex and inconvenient for a user. And even in the best case, there are still many ways for your identity to be associated with an on-chain pseudonymous address. Since the data stored on the blockchain is permanent, once that association is made it can never be broken.

Aleo addresses this risk by applying privacy to the most fundamental components of any application - users and transactions.

To state it simply: every application on a decentralized network is a series of users (people or smart contracts) transacting with one another in varying degrees of complexity. Any privacy solution, therefore, has to ensure both those atomic components of any application are private.

For a DEX, this means making counterparties anonymous: a user's activity cannot be tied to a particular address or account on the Aleo blockchain. By also hiding the details of every transaction, Aleo ensures that even the broad contours or patterns of financial activity cannot leak identifying information.

When you make a trade on a DEX in Aleo, you compute the updated account balances off-chain based on the exchange rate. The trade is finalized by submitting a zero-knowledge proof as a transaction to the Aleo network, which indicates that an action has occurred. The proof alone reveals nothing about what the action was, on which exchange it was executed, or who was involved. Yet the underlying cryptography convinces all participants that the trade was executed and all balances updated correctly.

For example, let's say you want to trade Token A for Token B on an Aleo-based DEX. First, you will need to prove to the DEX that you hold enough of Token A to complete the transaction. Because this can be shown with a zero-knowledge proof, it does not mean revealing your wallet balance or trade history. Instead, you reference an existing on-chain record from a prior transaction and prove, without opening it, that it holds a sufficient balance to trade. In the process, the exchange never learns:

  1. the amount of tokens you own,

  2. where you got those tokens from,

  3. if you’ve ever transacted on the DEX before.

Altogether, this creates a DEX ecosystem that is not only entirely private and scalable for users but also replicates a key feature of smart contract blockchains like Ethereum: composability.

The idea that applications can plug into each other in increasingly complex ways on an open platform is known as composability. Composability is a powerful concept that enables, among other things, Ethereum’s DeFi ecosystem. Although Aleo ensures full privacy, certain applications could leverage public sources of data (either published in a record alongside a proof, or off-chain) to make private smart contracts composable. This opt-out privacy model eliminates many of the cost-extracting consequences of transparent blockchains. And yet it empowers users to control when and how they interact with applications while only revealing what they choose to. Thus, Aleo enables applications that are programmable, composable, and private.

Breaking Down Aleo

At Aleo, we offer industry-leading infrastructure and tooling for writing zero-knowledge applications.

Our goal is to provide an end-to-end pipeline for developers to write, run, and deploy private applications seamlessly, using our complete set of tools for programmable zero-knowledge, enumerated below:

  1. Leo - To write private applications on Aleo intuitively and easily, we have developed a programming language called Leo. Leo looks and feels just like a traditional programming language. Yet under the hood, Leo is far more complex. Leo abstracts low-level cryptographic concepts and makes it easy to integrate private applications into your stack.

    Leo introduces a high-level syntax that makes it easy to write and intuitive to express logic in zero-knowledge. The Leo language was influenced by traditional programming languages like JavaScript, Scala, and Rust, with a strong emphasis on readability and ease-of-use. Under the hood, Leo converts a developer’s high-level code into zero-knowledge circuits.

  2. Aleo Studio - To jumpstart the development cycle, we have built Aleo Studio, the first IDE for writing zero-knowledge applications. Aleo Studio is an interactive development environment for writing zero-knowledge applications in Leo. For developers, Aleo Studio is designed to simplify the development cycle and make it easy to publish your Leo project as a package to the ecosystem.

  3. Aleo Package Manager - To make it simple to bundle and share your work, we have built a package manager for Leo. Aleo Package Manager is the first package manager for zero-knowledge circuits. It includes collaborative features like teams and organizations to make it easy to work with friends and colleagues on private applications. In addition, Aleo Package Manager is integrated with Aleo Studio, making it easy to import and publish new packages without having to leave the editor.

  4. snarkOS - Aleo runs on a decentralized operating system for private applications called snarkOS. It forms the logical backbone for state transitions, and enables applications to verify and store state on the Aleo blockchain in a publicly verifiable manner. snarkOS enforces data availability guarantees on Aleo for all programs and transactions. Moreover, our consensus mechanism ensures verifiers compute zero-knowledge proofs to checkpoint state on-chain.

These tools will enable developers to build the next generation of smart contracts. Aleo can express powerful DeFi primitives like stablecoins or decentralized exchanges. Yet all transactions are totally private, putting the developer and user in control.