Unchained - With Aztec's Ignition Chain Launched, Will Ethereum Have Decentralized Privacy? - Ep. 958
Episode Date: November 23, 2025Check out our sponsor Uniswap! Fresh off the launch of Ignition Chain, Aztec’s co-founders Zac Williamson and Joe Andrews discuss why they’re rolling out a privacy-preserving L2 now, how they’r...e approaching decentralization from the start, and why they chose a token sale instead of the airdrop model. They also explain why they believe most L2s have evolved into “parasitic” ecosystems, how Aztec plans to avoid those incentives, what the AZTEC token is meant to do, and what’s changed in the broader privacy renaissance across crypto. Guests: Zac Williamson, Cofounder of Aztec Network Joe Andrews, Co-founder and President of Aztec Network Links: Unchained: Vitalik Unveils New Ethereum Privacy Toolkit 'Kohaku' ETH's HTTP Moment? How Ethereum Interop Layer Hopes to Fix L2 Fragmentation Zcash Developer Reveals Q4 Roadmap What’s the Best Way for Ethereum to Grow? Justin Drake and Martin Köppelmann Debate Why the Privacy Coins Mania Is Much More Than Price Action CoinDesk: Privacy-Focused Aztec Network's Ignition Chain Lights Up Timestamps: 🎙️ 0:00 Introduction 🚀 1:30 Why Aztec launched Ignition Chain and how it works 🔒 6:01 How Aztec’s privacy model differs from Ethereum’s efforts — and from Zcash ⏱️ 15:52 Why Aztec has large block times 💸 17:28 Are fees expensive on Aztec? 👥 22:04 Zac & Joe’s backstory — and how Aztec was born 🏗️ 25:21 Why they built an L2 on Ethereum instead of a standalone chain 🤝 28:38 Whether Aztec competes with — or complements — Ethereum privacy tools like Kohaku 🎯 31:40 Who Aztec is for and the use cases they’re targeting 🆔 34:50 What ZK Passport is and why it matters 🌅 35:57 Whether the privacy renaissance surprised them 🕶️ 39:42 What private DeFi on Aztec could unlock ⚡ 43:36 Why Zac says most L2s are “parasitic” and why Aztec isn’t 🛠️ 46:07 How Aztec plans to decentralize from day one 🪙 50:15 The role of the AZTEC token and details on the upcoming ICO 🎯 53:25 How they aim to run a “fair” token sale 🌍 59:20 Why most countries, even the U.S., can participate in the ICO 💻 1:00:22 Why Aztec built its own programming language ⚖️ 1:07:29 Whether the Tornado Cash case made them hesitant to ship privacy tools 📱 1:11:48 The apps Zac and Joe are most excited about on Aztec 🎮 1:16:31 Why Zac is bullish on ZK-powered onchain games Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
We've been running kind of a test net for this since May and had 10,000 plus nodes on the test net.
But doing it on Ethereum main net with real economics was like the final kind of piece of the puzzle.
So we're going to run that.
Well, they're going to run it for the next two, three months.
And then early next year, they'll turn on transactions.
And then the whole network will be live.
Private world computer will be running.
And you'll have privacy on Ethereum, which is kind of what we've been waiting for.
longer time we want ASEC to be the global exchange and settlement platform for the world's assets.
Not digital assets, but all assets.
Hey, everyone. Welcome to Unchained. You're no-hyped resource for all things crypto.
I'm your host, Laura Shin. Before we get started, a quick reminder. Nothing you hear on Unchained as an investment device.
This show is for informational and entertainment purposes only. And my guest and I may hold assets discussed on the show.
For more disclosures, visit Unchained Crypto.com.
Today's guests are Zach Williamson, co-founder of Aztec Network, and Joe Andrews, co-founder of Aztec Network.
Both of them are co-founders.
Welcome, Zach and Joe.
Thank you.
Thank you so much for having us.
Are you a builder who needs to add on-chain trading to your product?
The Uniswop Trading API from Uniswap Labs offers plug-and-play access to some of the deepest liquidity in crypto.
It's on-chain execution at an enterprise level.
More liquidity, less complexity.
Visit hub.uniswop.org to learn more.
So Aztec just launched Ignition Chain.
Congratulations.
Tell me about it.
And Zach, why don't you start?
All right.
So this has been something seven years in the making.
So the ignition chain is the production of ASTIC blocks on the Ethereum mainnet.
I should probably say what ASTIC is, right?
So we are fully private, fully decentralized layer two on Ethereum.
where we want to take the world computer architecture that Ethereum created
and private information into it so that you can do private identities,
private data, and have smart contracts that reason about that,
effectively a private world computer.
And ignition is a major part of our rollout process
where we have fully decentralized block production,
and maybe Joe can talk more about that.
Yeah, so kind of launching decentralized, we wanted to do it in stages.
And so the first stage of this is what we call ignition.
It's a bit like Ethereum's beacon chain.
So we've deployed the exclusion environment without transactions on Ethereum mainnet.
The gas limits affect three zero.
And what it really is is the governance system behind Aztec running on Ethereum.
So I think 1am on Wednesday nights, we had 500 different kind of sequencers all around the world,
stake their tokens and start block production.
We also had four different proving entities.
It's punished on this to come and prove the first blocks.
And the goal is to just ensure that block production works in a decentralized context on Ethereum mainnet.
We've been running kind of a test net for this since May and had 10,000 plus nodes on the test net.
But doing it on Ethereum main net with real economics was like the final kind of piece of the puzzle.
So we're going to run that, well, they're going to run it for the next two, three months.
And then early next year they'll turn on transactions.
And then the whole network will be live.
Private World Confuciil will be running.
And you'll have privacy on Ethereum, which is kind of what we'll.
people have been waiting for. Wow. That's that's really cool. So explain what kinds of problems you
were trying to solve with ignition chain. I think it's one of the first times that an L2 is fully
decentralized. And so some people kind of in the L2 space of like push different aspects of
decentralization. But for us, decentralization is kind of, I think there's three parts to it.
There's ownership with the network, like who owns and controls the network and its governance. There's
who can produce blocks, normally sequencing, and then there's decentralized proving.
And so we've run all three of those with kind of the ignition chain.
And as a result, when the execution environment lives, it will be a, as goes live,
it'll be a stage two roll up, a stage 2L2, which is something we care very deeply about.
I think, like, the main goal is kind of testing that out and making sure it works as
intended before users can actually send transactions.
and so that's the main goal
and also just bootstrapping a staking set on Ethereum.
Other chains have kind of like
pushed the boundaries in one of those directions,
but it's rare to see kind of all three of those
be hit in kind of one release.
Do you want to add anything on that?
Yeah, well, it's pretty concise.
I think for us,
the incentives line up perfectly
to do this full decentralization.
You know, you normally have this great tension
in L2s where you want to launch quickly,
you want to get some traction, and then you're like, oh, I'll disinterlise later.
But if you're a transparent layer too and you're selling on differentiated block space,
what decentralization means is your transactions become so and more expensive.
And so there's this massive tension.
Whereas with Aztec, because our value proposition is privacy,
it's very important for us that our network is genuinely neutral and it's permissionless.
And that's, you know, we don't have centralized sequences because then there'll be huge pressure
from governments,
majorcies to put back doors into those.
Just like, for example,
if the internet ran through one corporate institution,
there'll be backdoors.
And there's going to be a backdoor in Aztec
over journalized dead bodies.
Yeah, yeah.
I think I would add, like,
a lot of people try and get privacy
through an intermediary.
And so you can have, like, you know,
centralized privacy.
That's how it works in Web 2.
But on kind of a blockchain,
we think it should be done through cryptography.
And so that's why decentralization is a key part of that to ensure that there is no intermediary sitting between you and the network.
It's a decentralized network.
And we use cryptography to get the privacy guarantees instead.
And so, you know, as you have been curing, you know, throughout, I would say, the last six weeks, there's a lot of privacy efforts and there's a lot of interest in privacy.
and the Ethereum Foundation also announced
that it was going to make privacy a priority.
So how are your efforts with Aztec and the ignition chain
different from other privacy efforts in Ethereum?
Yeah, so I think maybe I could discover a higher level, like, overview,
and we can dive into like how privacy on Aztec works.
And I think we realized nearly seven years ago now, maybe eight years ago now,
it's been a long journey, kind of like a fully transparent
blockchain was not going to meet the needs of the real world. When we started Aztec, we were trying
to put corporate debt onto Ethereum. And so we were trying to build a product. And it turned out
that product needed strong privacy guarantees. And so we kept running into this wall, talking to customers,
talking to institutions around the need for privacy. And fast forward a few years and Zach, you can see
it on his kind of outfit here. He wrote a paper in 2018 that we bought the Aztec.
Yeah, they're very dull.
Let's tell the audience, Zach.
Yeah.
Talk a little bit about your jacket.
Okay, yeah.
This was our designer Tiffany had a brain rave and made this up for me.
So it's got the front page of the very first cryptographic paper I ever published in 2018 on it that we originally called Aztec,
and that's what spawned the company, the network name.
And it's, yeah, it was our first privacy critical that allowed for confidential transactions on Ethereum.
It was by modern standards, it's very, very powerful.
primitive. It wasn't a roll up. It used old school crypto primitives and these weird things
called Bonnet Boy N signatures, but it did the job. And it started us on our path to where we are now.
It's funny because I think it was in 2018 my Halloween costume because it was 2018, the 10th anniversary
of the Bitcoin white paper. I was actually the Bitcoin white paper for Halloween that year.
And at the party, I went to literally only one person understood it. Like others were like, are you
Bitcoin and I was like, I'm not Bitcoin, but close. And I had like laminated front pages of the
Bitcoin white paper on my shirt, like attached to my body and people like couldn't figure it out.
And then one guy, one guy was like, thank you. So, but you figured it out. But anyway.
You're too early. But yeah. So you were referencing. Yeah. So I think like what I was trying to
get to was like we ran into this problem of needing privacy to get real world adoption. And I think
the reason that there's been so much kind of, I guess, attention on privacy coins,
see cash, all of these other things over the last kind of, probably last year, actually,
not just six weeks, is because blockchains are rubbing up to the real world a lot more than they
were kind of like three years ago. Like we were getting people to use them. And every time you
go and speak to an institution or real world users, the same question comes back, which is like,
well, who can see what? Who can see my data? Is it private? And so I think that's turned a lot
of focus on to needing privacy.
Blockchains have come on a long way since kind of like
2018. They're a lot cheaper. They have like a lot more features,
but they still don't have this feature that we've been building privacy.
And so I think that's why there's a lot more attention on it these days,
just because we're getting into the real world.
But how would you differentiate what you guys are doing versus something like
a Zcash or tornado cash or any of the other popular?
Yeah, yeah. So it's all about private composability.
So most of the privacy efforts that we're seeing are very application-level, application-layer-specific projects,
like Tornado Cash or like Kuhaku, which is like this suite of privacy tools on top for Ethereum.
And I think these things are very valuable.
I think it's fantastic that Ethereum is adding privacy as one of its core values because I think it needs to.
But if you're trying to retrofit privacy at the app player on top of a public chain,
you're going to run into this problem of composability.
Because let's say I want to build a private app on Ethereum.
I have my own ZK toolchain, right?
I've got my own logic for making proves and handling private state
because that doesn't happen at the protocol layer.
And now if I want to build another app that interfaces with that app,
well now I have my own tool chain that I need to build,
as well as the other tool chain for this other app I need to incorporate.
And this problem grows and grows and grows and grows and grows and grows
if you just want to have contracts to clean clear contracts
to the contracts.
So this is what we saw in 2018,
because that's how we start.
We started going, let's just add, let's have privacy to Ethereum, let's build that toolkit.
And then we realize, wait, the semantics of privacy is so different that to create usable
abstraction layers, you really need to actually build things from the ground up, which is what
we've done with Aztec. You need to be able to have a platform where you can write a private
smart contract with private storage, that is where you can just pull another smart contract,
which has his own private state, which can call other smart contractor and like,
and like random people are writing these contracts, you don't have to trust them.
And it just works out of the box, right?
We have this thing called the Pixie, a private execution environment,
which is basically the private part of the Aztec nodes that users run,
where it's basically this like one-stop shop to handle all your privacy needs, right?
Like our smart contracts expose, you know, nice APIs that you can,
that apps can call through the Pixie.
So like to call these private functions, to generate these proofs, to send transactions.
And if you don't have at the protocol level,
both like an understanding of private state, private state transitions,
and basic semantics around how to call private smart contracts
and the associated node software that handles it.
If you don't have that, then you get into a complexity explosion at the application layer
because the app layer has to handle it.
And it's going to be customer, it's going to be different for every different app,
and it's not interoperable and it's not composable.
But with that, like it is, and that's the real difference.
So explain, like walk me through a kind of transaction that's possible on Aztec or the ignition chain that isn't possible with any of the other privacy technologies.
Yeah.
Oh, yeah.
Yeah, I can try first.
And then maybe it's good to look at kind of like Zcash as an example.
So Zcash is like a chain that has a single asset.
And what you can do in Zcash is so you can shield that asset and you can send it around privately.
It's effectively one application on the chain.
on Aztec, it's like Ethereum where you can deploy any smart contract to it,
but those applications have privacy and private state as a first class primitive.
So we could build C-cash on Aztec and we could use it, do it for any asset.
That would be like a simple use case.
Or we could build something much more complicated and build kind of a fully private decks,
like a dark pool where institutions could trade with each other.
And the logic of those trades would be enforced by a private smart contract.
So you could make sure you weren't trading with an institution who's not on the white list.
And the world wouldn't be able to see what's happening except the institutions in the group.
And so you can have much stronger degrees of kind of composability, programmability,
than a single kind of use chain that just has like one use case built into it.
So it sounds like it's like an Ethereum where everything is private.
Yeah, exactly.
Like you can have like ERC 20, but they're all private.
You can have it.
It's Ethereum where we've taken privacy and made it a first class primacy.
within the network.
And so Ethereum's missing that today.
And so that's basically been the goal of us,
our network for the last few years.
So what about, like, you know how in Zcash,
there's shielded transactions,
and then there's the public ones?
Like, are there these kind of hybrid-type transactions
on ASSEC or is everything just private?
So you have, the application developer has a choice.
So you're in our smart contract programming environment,
so it's a language we've written called Noir,
which is based on must.
You can create both private functions in your contract,
that handle private state
and public functions
that handle public states
and you can call the public ones
from the private ones
and so it's very much up
to the application developer
what they want to expose
what they need to expose
so can I give an example of transaction
because I'm just trying that bit
because I just choose something as possible
so let's say okay so as an entry point
we have account abstraction
so the first thing that gets called
is your account contract
let's see that validates
the Google authorization sign-in process
for your Gmail account
so you're basically proving
I have a Google account
You don't have a private key.
That's who you are for like a hot wallet for retail.
The next call that is made within that transaction is you want to talk to a private
decks that's handling some kind of assets, tokens that are like somewhat regulated or,
you know, the real world assets, they have some kind of compliance.
So your decks is now making a private call to private token contracts.
And those private token contracts might say make a call-outs to a private NFT contract
that validates that you have been issued a credential from
something like a ZK passport contract that issues credentials based on passport proofs to approve
your transaction. And so let's say it happens for both tokens. They then call back into, like,
return back into your, into the private's tax smart contract, which enacts the trade.
And so there you have a very complicated system where you have like the account contract using
Google Office. That's that's one component. You have a private decks. You have compliant token
standards and you have identity contracts. And they've all been written by different actors.
But they can all be composed together into what is from the user, for the user, an atomic singular transaction to execute a trade.
Wow.
That's so interesting.
And when you say that, like, meaning all within one block?
Yes.
Wow.
And what are the block times?
So it's, yeah, it's a good question.
So getting all this working has been kind of a huge engineering effort.
So at the moment, they're between 36 and 72 seconds, but the plan is to get them down to sub-Etherium.
kind of...
Wait, I didn't hear you.
You said 70...
Between 32 seconds and 72 seconds,
depending on the sequence of availability.
The plan, by the end of 2026,
is there'll be below an Ethereum block
and we're targeting four seconds.
Okay.
And is the reason that it's like a longer block
because that there's more computation
because of the privacy or like...
At the moment, it's just because we're...
It's one of the first decentralized altus
and we want to kind of...
We've done a lot of firsts with this.
And so we wanted to make sure everything's reliable
and the sequences could basically choose a parameter in their node,
and they can crank it up over time.
And so that's kind of the state we're in right now.
It's mostly just, yeah, it's new software.
And if we go, you know, try and run 100 miles an hour on day one,
it will probably fall over.
And so we're going to ramp it up slowly.
Okay.
And do you have like a goal of, is it just the goal to be the same length as an Ethereum block?
Our kind of internal goal is four seconds.
Of course.
Yeah.
Yeah.
I think beyond that, it's kind of like,
Like, you know, we're not playing the kind of extremely high frequency kind of like trade.
Like you can always do that on an app specific chain.
And like, yeah.
Which we will be at the line.
Yeah.
Which could have much faster finality.
But doing that kind of like with the full decentralization of Ethereum, it's, it's kind of harder to get much faster than that.
And you get kind of like diminishing tradeoffs below four seconds already.
Okay.
And are transactions much more expensive because of all this cryptography keeping it all private?
Is it much more expensive?
I think certainly, you know, it's not going to be as cheap as purely transparent networks
because there's more data, right?
Because if your data is encrypted, it just there's more of it, which needs to put on
like blobs or, well, right now it's Ethereum blobs.
So I think it's still pretty cheap.
What are the numbers that we're...
We're targeting between like two and five cents for a basic payment.
And I think the majority of that, as Zach was saying, is all data going to Ethereum blobs.
If you kind of don't need to broadcast all that data because it's a bid, spear payment,
it will be kind of maybe a fraction of a cent.
The interesting thing about the Aztec architecture is for private transactions,
all of the compute happens on the user's device.
So if I'm proving a transaction locally with clients,
I'm proving I don't use the traditional model of asking blockchain nodes to execute for me.
I take the transaction, I execute it locally on my device,
and then I prove that it's executed correctly
and it follows the rules of Aztec
and I send the proof to the Memple
and all like for a purely private transaction
the only work sequence it needs to do
is verify the proof
which means that kind of
we get this kind of like
scaling effect around private transactions
and you can actually
what you're paying for in compute
is a lot less than a network like Ethereum
as a result. On the topic site
Basically the proving is like off-chain.
It's on the user's devices.
for private transactions, yeah.
Okay.
And then so the chain is more like lightweight
because you just have the proof.
The compute sequences are running
for private transactions is more lightweight.
For public transactions, it's the same as Ethereum.
So if you have like a transaction
that only has private functions
and in the smart contract, it's lightweight
for kind of a transaction that may decide
to do something publicly at the same time.
Like let's say it's using a UNISOP clone
and it has like a two public
pulls, then that would function like Ethereum and the SQL would have to execute that portion of it
to figure out what the state is. So it depends on how the transactions kind of composed.
Okay. Okay. And I just started of curiosity. So like on my phone when I do that, is it using like,
I'll hear, you know, this phrase trusted execution environment? Is it using like a TEE or what is it
using on my phone to do? It's using all available cores and kind of compute to construct down as
zero-nodged proof, which Jack can explain probably.
Yeah, yeah, so it's all using Zika proofs, not too easy.
So if you're sending a transaction on your phone,
your phone will be going,
and like running, running the truth,
like relative to all the other Zika stuff,
it's pretty damn fast,
but it's just like maybe like 10 seconds for the answer.
Yeah.
But no sensitive data leaves your device.
You have the private execution environment,
which is basically like a,
like a runtime environment on your phone.
it's not using only on enclaves or anything,
but if we've done my job,
quickly, it should not be possible for other applications
to get data from that, from the Pixie.
And so you're generating your proofs on the Pixie.
You're sending your proofs out to the world,
but no sensitive information leaves your device.
So you have no real need for IT.
But is it using the same part of the phone
that reads my eyes or whatever?
No, because the phone doesn't have,
like, that T doesn't have the kind of compute bandwidth
to make ZK proofs.
If you're, like,
if the program that you're executing requires,
digital signatures or it requires like sensitive credentials, then yes, that part will be,
the singers will be generated by the Seeker enclave, but the actual proof of everything,
that does happen just directly on the phone's bare metal.
Okay.
Hey, founders and developers.
If you're looking to bring on-chain trading to your product, wallet, or platform,
check out the new Uniswap Trading API from Uniswap Labs.
It's your plug-and-play gateway to global on-chain liquidity.
No deep crypto experience required.
and no need to manage complex integrations or ongoing maintenance.
With the Uniswap Trading API, you'll get Enterprise-grade on-chain execution,
combining both on-chain and off-chain sources for the most competitive prices.
Simply put, more liquidity, less complexity.
And this isn't just any API.
It connects directly to the Uniswap Protocol,
which has securely processed over $3.3 trillion in total volume, with zero hacks.
So stop worrying about liquidity infrastructure and focus on building your product.
Get access to the same liquidity that powers billions and swaps through one powerful API.
Visit hub.uniswap.org to learn more.
So before we get more details around, you know, the chain and the token sale and all these things,
I'm curious to hear how you guys gotten in crypto and how you came to found Aztec.
You want to start?
Okay, so, you know, everyone comes to blockchain.
from weird roots, you know, there's not like this all.
You can take a blockchain degree and get a blockchain internship.
So I was an ex-academic.
I was a particle physicist doing a PhD in op.
Then I basically crashed out of that.
Got my PhD and left because I decided I can't be an academic.
It's just not for me.
Begian a programmer, was at a bit of a loose sentence.
And then my brother at the time, who was an opera singer,
who strangely was massively into crypto because of one of his best friends,
said, Zach, my best friend who works in the city, he's trying to do this fintech thing on
Ethereum, he needs a technical co-founder. You know how computers work. Do you want to meet him?
And I'm like, I'm not doing anything interesting right now, so yeah, sure, why not?
And that's, for me, that's how that started. And then Joe joined very, very quickly afterwards.
Do you want to show your story? Yeah, I guess we both had a bit of a strange way into crypto.
I was previously kind of in the food tech industry, so I was like building...
Wait, did you say food tech? Yeah, food tech.
I didn't even know there was a food tech thing. But anyway,
I was like, you know, in America there was like kind of these meal delivery services,
like that kind of like food tech kind of bubble.
So I was doing that in kind of 2013 to 2017.
And I actually kind of met Vitalik and Gavin in 2013, I think it was in San Francisco in the
original like Ethereum like road show.
I didn't pay much attention to it because, you know, it was very early back then.
But I kind of followed it since then until about 2017.
And when the food delivery kind of company like that like didn't work.
out anymore. I joined an incubator in London called Entrepreneur First, and Zach and Tom were on
that with this kind of idea to put, uh, kind of, you know, corporate finance onto Ethereum. And I was like,
okay, this is, I've been learning about Ethereum for this time, but never jumped in. It was the right
time. And, um, so we joined that and we ran into kind of this problem of trying to put these
loans on Ethereum. And as a result, privacy was the problem we actually solved. So it was kind of a
roundabout way of getting in, but it's been, I think I, yeah, I think about it more about, like,
the reasons why we're here, not how we got here. And I think it's just based on, like, for me,
it's the impact that it can have on, on the world. And so previously in my life, it was like,
healthy meals did that. And then I was like, okay, this technology is way better than healthy
meals in terms of impact. So we can have, uh, it was such exciting to get into it. Yeah.
I mean, I remember, like, running into Joe, this accelerator, which we joined, because I'm, like,
going to Tom, like, he's a finance guy.
I'm like an ex-researcher, like, you know,
like tech guy. And I'm like, I'm like,
buddy, like, we don't know how to be entrepreneurs.
We need to go to entrepreneur school.
So it was Accelerator. And then we met,
we met Joe, and Joe's like,
Joe's very good at products, product design.
Like, he can make things look good. He can build products.
And I'm like, and I'm like, oh, my goal, we need this guy.
It's like, we need this guy to make build a product.
So, yeah, that's how we start the labrating.
I love it.
By the way, I did study abroad at Oxford
and I love it there.
It's amazing, yeah.
Yeah.
Beautiful place.
Yeah.
And so out of curiosity, because, so I understand you, you were introduced to Ethereum
and you were interested in privacy, but, like, why did you decide to build it as an L2
on Ethereum?
Because, you know, you could have, like, built your own chain that was EAM compatible.
I mean, there's so many other ways you could have gone about it.
So, like, why the structure?
It was controversial at the time, because we started this L2 a long time ago.
And I remember, like, some other vices going, like, why are you doing this?
You know, it's going to be less valuable.
You can raise way more money as an L1 than an L2.
But for us, it was originally a no-bana for two reasons.
One of them is played your strengths.
We didn't want to build a consensus network from scratch,
and we didn't want to have the responsibility
of maintaining that consensus network
because we saw, honestly,
we saw a little bit what happened with Zcash in that vertical
because they ran into a lot of problems after they launched,
where they just had a lot of work they had to do
to keep the Zcash client up to date with Bitcoin
because it was a fork of Bitcoin originally.
So all the Bitcoin like upgrades and security things,
they had to kind of backport into Zcash.
But they'd change everything around so much.
It was not a simple process.
And it just sucked their time away from their core strengths,
which is zero knowledge cryptography and privacy.
And I was looking at that, I don't want to,
I don't want us to have to do that.
Yeah.
Let's just use Ethereum.
Yeah.
I think like the second part is like
to actually get like a lot of security on your network.
you have to really solve that consensus problem.
Like, we're very lucky.
Like, we have very short-term consensus on the Aztec network,
and it's for about 20 minutes before it settles on Ethereum.
And so we benefit massively from, like, the security and the properties of Ethereum.
If we had to kind of, you know, long-term secure all Aztec transactions ourselves,
it would be a much, much harder problem to kind of build a decentralized network.
And I think the second reason as well is just, you know,
despite what you read on crypto Twitter and despite people try it,
like Ethereum is still like the number one programmable blockchain in terms of like developers and capital.
And so like bringing privacy to that is a much more attractive proposition than trying to rebuild that on a new chain.
And no matter how good your bridges are on these kind of like L1s, it's not going to be kind of as efficient to bridge as it is from Ethereum to an L2.
And so that's kind of the main reason we're on Ethereum.
Absolutely.
We didn't want to have to be like the only way he'd get into Aztec is through a trusted.
a trusted bridge, because your privacy is only useful if you have value on your network.
Because nobody cares how many magic beans you have.
So you don't need a privacy for your magic bean network with synthetic instruments.
So you need, you need assets, you need liquidity.
And Ethereum is the continental homeb assets in WebFrey.
And I'm very firmly believe that will continue to you the case for a very long time to come.
And so, yeah, being directly connected into that ecosystem.
For us, it was extremely important.
Okay, yeah. I mean, I can even just analogize this to like my company. It would be like, you know, if we have a subscription newsletter, if instead of, you know, using one of the newsletter websites that already has that built in, if we decided to like, you know, create your own like connection to credit cards or, you know, whatever. So it makes sense. So, you know, here we are at this time where Ethereum, the Ethereum Foundation just made an announcement that they are going to make privacy kind of a first class priority.
So I wonder what that means for like Aztec or the ignition chain.
Do you feel that it's something like that you are included in that?
Or do you feel like it's competitive or how do you view that initiative?
Yeah, it's, it's, I see it's very complimentary.
I think Ethereum has this strong need for neutrality.
And so whilst my very biased opinion, they should just be like, yeah, we're going to just
do bridging stuff into Aztec and get privacy that way, I feel like, uh,
they will only do that if all other avenues are exhausted.
So I see them as complementary because I think that,
so what they're currently doing with Kohaku and with basically like adding in
privacy tool chains on top of Ethereum that they want to get integrated into wallets,
it's valuable.
But the spectrum of what you can achieve there is very limited
because you're limited to the privacy primitives that they are creating.
It's not fully programmable.
It's not private compatibility.
And the reason is because that's very,
hard. We tried to do that on Ethereum five, six years ago, and we realized, it's not going to
work. You need to do from the ground up. And so I think that they're complementary because
what you could on Async is always going to be substantially more advanced than what you
could do on Ethereum with regards to privacy. I think that it's going to be a lot easier
to develop for. Nevertheless, it's still very important to add basic privacy for emitives
into the existing Ethereum ecosystem so that everybody can enjoy privacy. Yeah, I think
Maybe I can add, like, at the moment, if you bridge from a very public Ethereum into something like Aztec, that that's a data leak.
Which, like, every time you come in and out of Aztec, you can kind of, if you're going to a public world, you can see a lot of information.
So the more private Ethereum can be made.
And like, just the basic value transfers, it would help privacy for everyone.
But I agree with Zach on kind of the point around the expressivity of what you can do on Ethereum versus Aztec.
We had three iterations of Aztec.
And so the first version was kind of like basic privacy.
And then we had kind of like basically Zcash on top of the Ethereum for lots of different
assets.
That was called Aztec V2.
And then we built a system called Aztec Connect that let you kind of bridge those funds
to any Ethereum smart contract.
And along the way, we kind of ran into a lot of the same problems that they're facing
today, which is kind of how do you kind of make composable applications work and not these
like siloed applications.
I think the only real way to solve that is something like Aztec.
So I think for single use applications, it may get some traction and it will help people
get a basic level of privacy.
But for those advanced use cases, and kind of like really verifying things like passport
proofs and the kind of flow that Zach gave earlier around the decks, I think it's
going to be hard to do that well on Ethereum, at least not anytime soon.
So it's about the timeline as well.
And tell me about, you know, what types of demographics you think will use Aztec or the ignition chain or what types of use cases you expect to see with it?
Yeah, in terms of use cases, I think we're definitely going after kind of use cases that institutions care about.
But the approach we're taking is kind of not necessary to go after institutions at this stage.
We're finding kind of a lot more success with kind of teams of two or three.
like Hungary kind of like startup builders who want to go after an institutional use case and build
like a competitor. And so we're seeing that kind of in the identity space. We're seeing that in kind
of the deck space and the payment space. And so I think it's more kind of like hungry Ethereum
builders who've like faced problems and building kind of institutional use cases at this stage.
There are some like institutional conversations happening. And I think at some point they're going
meet in the middle. Like, an institution will agree to a pilot and someone will have built a
proof of concept and there'll be a kind of an amazing meeting in the middle.
Oh, Dave, I'll expand with that. Like, we have short medium and long term goals here.
Short term web free natives, you know, as we saw with us to connect 60,000 monthly active
users, people want privacy on chain, particularly if you have portfolios or if you have
just a lot of capital at stake or you have, you're like, you know, you have some hedge
training strategy and that doesn't really work. If everybody could be concerned,
how you're hedged. So basically we create the basic defy-stack on Aztec, you know, lending markets,
decks is, but make it private. Then we also want to do basic identity parameters. So like
civil protection, basically, you know, if you want to do some kind of sale or some kind of
distribution where you want to make sure that it's one person, one, like, uniqueness checks,
you can do that on Aztec very efficiently and very easily with things like ZK passport.
even like a ZK TLS proof you have a Twitter account
with over 100 followers.
I mean, you're probably not a bot.
You might be, but it's a lot harder to get 100 Twitter followers
than it is to spin up a bot farm.
Then, and whilst we're doing that,
in power, we want to absolutely incubate this basically
like this trans-fi disruption track
where you're getting these more hungry teams
to build products or services that Enterprise talk about
but are trying to do in,
ways that, in my opinion, are fundamentally flawed, using, like, these centralized their
parties in private chain, like, private as a private database, and disrupt that, and generate
social proof and create a lot of fear amongst these institutions that they're going to get
disrupted and use that fear to bring them in and get them to join us instead of trying
to avoid us. And then, longer term, we want ASIC to be the global exchange and settlements
platform for the world's assets. Not digital assets, but all assets. Wow. Honestly, actually,
when you were talking, I was like, I could imagine there being a perp decks. Just, you know,
right now we're obviously seeing the flourishing of the perp decks. Well, so I did also, oh,
and just quickly, because you mentioned ZK Passport. Can you just explain what that is for the audience?
Oh, of course. So it's, so pretty much every passport these days has a little NFC chip in it,
which contains a digital signature
signed by your government
where the message is all your passport data.
So you're photograph, your data, both,
you name your passport number, blah, blah, blah.
And, you know, phones these days, they have NFC scanners.
So you can extract that with an app.
You can extract that signature.
Problem is, if you use that digital signature
as an identity at the station,
it leaks a lot of information because it contains
within it, well, your photograph, your passport number,
your name or later birth.
And so what ZeeK passport does
is it uses our technology to selectively disclose
restricted statements. For example, you can usually give passport to prove that you're a citizen
of a certain country or that you're not a citizen of a certain country. You can use it to prove
you're not on an O-FAC sanctions list, where what's getting, where the proof is basically
are not on an effect sanctions list. And here's a hash of my passport details. And that's
what the way we're using it. We're using it to get basic checks about somebody in a decentralized
and strongly permission this manner. Okay. So,
I am so curious to ask you guys, like, what do you make of this craze in privacy all of a sudden?
Like, it sort of felt like it came out of nowhere at the end of September.
Like, you've been working on this for years.
Like, did that surprise you?
Or like, where do you think it came from?
Like, what were you thinking watching this whole thing?
Come back.
Should I start?
Yeah, you start.
I'm thinking, I told you, I've been going around to these conferences for seven
lemmon years going talking about privacy.
And I've been saying exactly the same things that everyone is excited about now.
You know, you can bring in real world assets.
You can, being an enterprise and institutions, you can actually do stuff in the real world.
You can, you can, you get basic user protections.
You stop this thing from being a surveillance dystopia.
And now everyone's like, hey, Zach, I'm probably, right.
No, no, no, no, no, no.
I didn't say that.
They're like, wow, you know, privacy is a big deal.
You can use it to bring real world assets on chain and stop this network from becoming a surveillance dystopia.
And I'm like, yes, yes.
That's a good thing I've been building this for seven years.
Joe, because now we've got, I've got, I've got you, fam.
We've got you.
Oh, good timing for you guys.
Yeah.
It's, I don't know, I think it's kind of, yeah, I kind of said it a bit earlier,
but I think it's because we're running into the problems.
And like, we ran into them earlier than most people because I think we were solving a
particularly niche use case.
But I'm happy that more people are seeing it the same way now because it's, it's validating.
And it's also just, you know, the more kind of people building in the space, like, the ideas
develop faster.
And it's kind of like an explosion of new ideas, which is always how else.
I think another thing which has caused this is basically exhaustion.
Because what you can do with a regular smart contract hasn't changed in years.
You know, yes, it's faster, and it's cheaper, but what you can do hasn't changed.
And the design space is tapped out.
And it's led to this fatigue rate where if you're deaf coming into the space and you're like,
well, what should I do?
And it's like, well, you can make a dex.
Well, there's loads of dex here, but you can make another one.
It is like, well, and like the surface area for innovation is very restricted at the application level.
but not with privacy.
With privacy, it explodes again,
because you can get all these trustless attestations from the real world,
and you can reason about private information
and stuff that you normally can't put on a blockchain.
And people are excited by this.
The technology is now matured enough that people,
like, people can start to see the results of this a little bit.
Like you had, you know, last year,
you had a non-cast, we could do anonymous social media posting.
You know, you've had, I think Aztec has been building on this narrative,
building this narrative for a very long time.
You have technologies like noir,
where you can write really efficient feature-rich private programs.
And so previously, what we would, Joe and I were going and talking,
we were talking about a hypothetical world.
And now people are starting to see the seeds of reality creep in.
And they're like going, oh, wow, yeah, that's really a thing.
So that's now why I think become a lot more mainstream.
Yeah, even within the company, I think, like, when we first started,
the number of people who could write zero and orange circuits was probably, what,
three, two or three people.
And now, like, with Noir and these, like, tools getting a lot more kind of powerful, it's been kind of access to writing private applications.
It's been brought to, like, like, a lot more developers.
Like most Ethereum developers who can write smart contracts can now write private applications.
And so I think that's part of why the craze is happening.
And then also just, like, I guess a cynical view on my side is that a lot of projects have launched.
And maybe they didn't get the traction that they were hoping for.
They had a thousand TPS of promised throughput, and they were kind of nowhere close to that.
And they started looking at why and like what other features needed to be built.
And they probably ran into the same, hey, we need this missing feature of privacy.
And so they started kind of jumping on the same bandwagon.
So that's a cynical view.
But I think it's somewhere in between real world adoption actually requiring it and cynical view.
Well, I mean, the recent, you know, when I mentioned the perps thing, like I was thinking about,
I'm sure you saw the whole James Wynn thing and people saying,
Well, you didn't follow it on hyperliquid?
I've been busy trying to launch the ignition.
A bit of a bit of a cave.
Oh, okay.
It like magicate me.
There was this guy who, well, actually, he's British, I think.
But he was trading on hyperliquid, but since everything is public,
people were saying maybe he was being hunted because he managed to get, I think it, like,
he started with like 13 million and he managed to get it up to like 100 million,
but then he promptly like lost it all.
Oh.
And people were saying, like, oh, maybe he got hunted because his positions were all public.
And then recently there was another trader on there.
Actually, yeah, that person also left.
I'm blanking on like the exact reason.
But I do think there were people that were copying that person's trades again because it's all public.
And then like 10-10 happened.
And so I think a bunch of those people were liquidated to like the copy traders.
So that's what I was saying like a perp tax, you know, because also what was happening was CZ was
criticizing the criticizing hyperliquid and um and the founder of hyperliquid and czee were like having
these twitter posts back and forth and cz was like oh well maybe i'll make a private you know
perp decks because like you know this public experience is not a good experience and anyway point is
just that um yeah i think i think there's probably a lot of reasons but um yeah it amazing you guys
were like so early and then kudos to you for like such amazing timing like people are finally interested
and like you guys launch now.
Can I give an example on the hyperliquid one?
It doesn't just apply to hyperliquid,
but any kind of like defy primitive,
that's kind of exciting with privacy.
So because the Aztec block space is differentiated,
it's private,
you don't need to rebuild some of these things on Aztec.
You only need to build things on Aztec if like you're changing the core
primitive to require,
like the underlying like product to require privacy.
If you have an already public like defy application,
it's sufficient to just send your transaction through Aztec.
And so, like, in the kind of like hyperliquid or perplex example, if you sent a transaction
through, well, from Aztec to hyperliquid or lighter one of the ZKL2s, well, it just looks
on chain that gets come from Aztec.
So you can't see the kind of surrounding positions.
You can't see the portfolio because they can hide that from the world.
So in that scenario, you could have the same trader who has a short and along that are hedging
each other and you can't link them.
So you can't kind of like do the Huntington example.
and you don't have to rebuild everything on Aztec.
So there's this kind of like interesting world where because Aztec has private block space,
it's actually kind of value additive to all L2s and all of Ethereum because we're not competing for the same types of transactions.
Yes.
Like users can put their funds on Aztec and interact with all of these chains via kind of bridging.
And they get a degree of privacy doing that.
Some applications that like are more advanced than that, you know, you want to put passport proofs inside them will have to be rebuilt on Aztec.
or like some parts of it will be
and it's just an exciting thing
because I think people haven't realised yet
that like private bridging and private intents
are going to be this kind of way of getting privacy
in the short term on a lot of public applications
I mean we've seen NIR like really like make people
of this with NIA and LLLNs.
But to really expand on this
like to get to the essence of it
most L2s are parasitic to their own
liquidity modes and recreating the same ecosystem
Asick is very differentiated in that it's very positive sum
to interact,
interoperate between ASTIC and other L2s, other L1s,
because there is value in bridging not assets,
but information on into and out of Aztec.
As in if you need to, if your app needs some sort of identity check
or it needs to check against civil resistance,
or it needs to perform some validation on information that you can't broadcast publicly,
well, if you're running that app on Salana or on base,
you can send a request into ASTIC going,
hey, can you check this credential?
And then the ASTIC contract will just return yes or no.
And so you don't disclose the sensitive data,
but you get the attestation you need,
you get the intent that you need.
But in that example, like the assets
and the actual financial activity still stay
on the Transparent L2 or the Transparent L1.
And so it's a very positive sum.
Like we get, the ASTEC gets some fees
because you've done a credentials check on ASTEC,
but we're not sifling.
equity. So I, I, I, I, one thing we really want to genuinely, um, like, uh, execute on over the
next 12 months is to make Aztec a, a very canonical privacy shield for all of Web3,
not just ourselves, not just Ethereum, but all of Web3 with efficient, um, seamless bridging.
And just to understand how that would work, um, that, you know, having something on base and
then you like, use some part of, um, Aztec in order to, to confirm something.
thing. Yeah. Would that use the Ethereum interoperability? Because I just did an episode in that.
And I don't know, like, currently, like, would you have to bridge or like...
You'd have to bridge. As in, like, right now, we're just, we are, when it comes to, like,
the cross-chain interoperability, we want to focus on simplicity. So, like, for example,
we're partnering with Wormhole to do that. And I think, like, the whole Ethereum Interop layer
is, like, it's something we could plug into. It's just that, like, we need to be very
mindful about things like the cost the user is paying and, like, complexity
around execution of that transaction.
Okay.
Yeah.
So at the moment, it's using, like, it's using a relay to use a sense of transaction on Aztec.
You can't see who sent it, but there's an intent in there that says someone on Aztec would
like to swap one E for some dye on base.
And a relay comes along, picks that up, fills the order and brings the assets back to
Aztec.
And so that's kind of like one flow.
So it's done with relays, but you can get pretty good kind of security guarantees around
those because we were a Zika Rollock.
you can verify what happened on at least any L2.
If you're bridging out of Ethereum, then you have some additional trust assumptions
that you have to kind of deal with, but it's mostly done with relays.
The exciting part about why it's different to normal bridging is just you can't see
who sent the original transaction.
And so that's kind of the privacy angle that we're adding.
Okay.
So now let's talk about the decentralization aspects because people have been bemoaning for a very
long time that we have all these L2s and they're not, you know, fully decentralized.
And you guys are launching, or you launched a chain that is decentralized from day one.
What did it take to do that?
And I'd be curious to hear you opine a little bit on why it is that there aren't many others.
I guess, yeah, and the cynical, cynical view is like most public kind of L2s,
they don't really have an incentive to decentralize.
like they have a centralized sequencer that prints somewhere between 40 and 150 million dollars of fees a year.
And so it's very easy to kind of, you know, appease the Ethereum ecosystem by saying, hey, we'll decentralize later.
And then really they get shackled to kind of these cash flows and like the reality is late and never happens.
And so I think that exists because they put they can put themselves in a privileged position.
In kind of the case of like a privacy chain, like we didn't.
want to be in that position because we don't want to kind of be in control of users data and
kind of be in that position. It has to be a neutral privacy layer like we have on the internet. And so
that kind of forced our hand a little bit to kind of solve the problem earlier. I think like actually
doing it, like it took a lot of kind of different research. So we worked with kind of like our community
quite a lot through RFP processes and RFCs. And yes, yeah, we're just kind of iterated to we
had a design that works. I will say that we like, we're not. We're not.
immune from the kind of like we'll do it later track our previous products that we had were not
decentralized we had a version called as tech connect and it was centralized and we learned a lot of lessons
kind of building that that we kind of made some mistakes that we didn't have to make in this version so we
we kind of learned from that how to do it but yeah i do think that Ethereum as a whole does need to kind of
move away from like l1s that are basically just databases at this point and actually start uh
centralizing the L2s and getting more than to stage two.
And to explain just on Aztec, like how the sequencing happens,
just like the nuts and bolts of how you decentralized it?
Yeah, it's very similar to the Ethereum design.
So stakers have to stake 200,000 Aztec tokens.
That's the minimum staking requirement.
And they then get randomly selected to be on a committee.
Committees 24 at the moment, and they'll expand to 48 next year.
When you're on the committee, you kind of will be
elected to produce a block in your slot, and other committee members have to check that the data
that's needed to prove your block is available. And so we have these rotating committees who kind of
worked together to effectively give a very fast chain of pre-confirmations of what could be proven
on Ethereum. And they commit that chain to Ethereum every, you know, 36 seconds, as we said earlier,
and that will come down in the future.
there's then kind of this chain of like pending blocks on Ethereum that have been committed to
and you can kind of think of them as like being secured by the Aztec staking set,
but they haven't yet been validated by Ethereum.
And so then Provers come along and they look at that chain in blocks of 32.
We call those an epoch.
And they will, once the epoch has ended, they'll collect all the data that's needed to actually
create a roll-up proof, like a ZK proof that,
aggregates all the transactions in every single one of those blocks,
and now crunch that proof down into one single proof
and send it to Ethereum that will be verified.
And so that's a validity proof that verifies all the transactions
in all of the blocks in the epoch.
And once Ethereum says tick, then it's finalized on Ethereum.
And so we've kind of had to decentralize both the sequencer selection side of it
and the provo side of it as well to allow kind of both of those to kind of work together.
and under the hood, kind of the network's economics, power that and make sure that there's always sequences there and prove us there to kind of show up and do their duties on the network.
Okay. So I think this brings us then to the token sale.
Explain like, yeah, just maybe talk a little bit more about how the token powers all that.
Yeah. And then we can talk about the sale.
Yeah, so I think when I think of like decentralization, I think it talks a little bit about it earlier, but it's decentralizing like many things.
And the one that most people kind of forget to decentralize is ownership of the network.
And so ultimately kind of ownership and control.
And so what the Aztec token is used for is it's used for governance of the network.
It's the governance token.
Like you can make changes to the network.
You can make changes to the fee schedule, how rewards work, how the network is.
Sequences have to stake the token to participate in block production.
they earn their rewards and proveers earn their rewards in the token.
And then finally users pay fees in the token.
And the fee model is very similar to Ethereum.
We use the same kind of EIP 1559 style mechanics.
And so if a block is like overfull of transactions,
a portion of the token is burnt.
If it's underfilled with transactions,
then sequences get some of the fees,
but the gas price effect for an Aztec will come down.
And so, yeah, it's kind of used for three things in the network.
It's staking, fees, and governance.
Okay.
And you decided to do an ICO rather than an air draw.
Can you talk a little bit about why you'd went out?
Controversial decisions, but I think for a proof of state network, it's very hard to gift someone
their stake.
So if you kind of, if all of the sequences running Aztec were kind of gifted their
stake, they would have those skin in the game.
And so, you know, if the network was running into issues late at night or,
you know, there was bugs.
It's very easy for them to just be like,
I'm going to turn my machine off because, like,
I got it for free.
I don't have any skin in the game.
And also for Stakers as well,
they have to do their duties well.
Like, there's things they can do wrong and they could be slashed.
And if you have no skin in the game,
slashing doesn't really affect you.
It's like you're wearing a suit of armour.
You don't care if you get into a sword fight as much.
So for those reasons, like we wanted to create a process
that decentralized ownership as much as we could,
but without kind of giving ownership away for free
so that people didn't care about it.
And I think being in the space for like seven,
eight years now, we've seen a lot of launches happen
and air drops can be very short term.
Like if you look at the data around who holds tokens
after an air drop or who is still in that community,
it's great for creating initial hype
and initial kind of marketing around a project,
but it's not very good for long-term aligned community holders.
And so building a decentralized network at the start with an airdrop
would probably result in all of our staking set churning within three to six months
and our community kind of suffering the result of that.
So we wanted to try a different approach where we're kind of changing the norms in the industry
a bit and we wanted our community to kind of grow with us.
And so kind of fair ICO or token sale was the approach we took.
Yeah.
And you're also using this Uniswap Lab's newly launched continuous clearing auction or CCA.
Yes.
Yeah, talk about why you chose that.
I could start on that.
So we chose to partner with the Uniswap on this because we thought it was the fairest way of doing an ICO.
As Joe said, like what we really are focusing on is long-time alignment.
We want our communities stay with us and grow with us.
And so the way we structured auction is very unique.
You know, we have a very long pre-registration period to give people a lot of time to know that this is happening.
So that they don't have, we don't want to be this regular like what normally happens, right?
Three days, three to sale, lose a firm.
Oh my God, bye, bye, bye, bye, bye, bye.
And what does that create?
It creates massive information asymmetries between the buyer and the seller.
It creates an artificially inflated price.
Great and the short term, absolutely terrible in the long term.
We want fair price discovery.
And this is what the Unoswop's new auction does.
It means that if you get an early, yes, you do get a better price,
but not such that like if you get in late, you're going to get a very bad price.
Effectively, your bid, if you bid early, get splits across multiple auctions that clear on different days across the sales schedule,
which means that part of your bid will only clear on the final day.
So the amount of, like, the volume of bits will only ever go up on the days because you only have more people coming in.
But the rate of change there is much more smoothed out with this with Unisop's new mechanism.
So not only as a fairer, but you get better price discovery too, which, again, we think is very important to make sure that people participating in their sale have as much information as possible to make informed choices.
But I got out a few things.
I think like if we look at kind of other sales,
a lot of like how you actually get tokens in the sale,
it happens off chain.
And so what you're really doing in like some of the most recent token sales
is you're putting some eth or some USCT or USC somewhere
and you're asking a centralized intermediary to give you an allocation in a token.
And so that's not great for like teams we've been building like we're meant to be doing stuff on chain.
And the reason we kind of wanted to partner with Uniswob is that they've been able to create a smart contract that does exactly that.
It's kind of a smart contract where you can see exactly how you're going to allocate it.
It's completely transparent.
It's very fair.
And everyone's treated equally.
So there's no kind of like sketchiness happening behind the scenes.
It's if you put ETH into this contract, you'll be allocated the same way as everyone else.
And it kind of disincentivizes kind of these gas wars or these.
these large whales kind of bidding and getting outsized allocations. And I think we've just seen
that too much over the last kind of like seven years, both for air drops and for token sales.
And I think having a new approach is just refreshing. And this is where the industry needs to get to.
It's a new product. And so it's going to be exciting to see how it plans out. But yeah,
there's actually kind of a paper that kind of proves it's like the fairest way to get on-chain
price discovery. And the way it works at the end of the auction is,
we, well, the auction automatically creates a unique swap V4 pool at the final price.
And so it's also kind of seeding on-chain liquidity as a result.
And so driving kind of more users on-chain.
And so it's a really good way to kind of, a, find the fair market price, but also then
create liquidity for the network.
So if you're a sequence or approver and you have real costs, you need a source of liquidity.
And so having kind of a pool, which you can like, you know, trade against Ethan and Azte
tokens is very useful, especially at those costs in EF. And so it's a good way to just kind of
do things on chain and do things kind of, in my view, the right way, which is what the industry
should be building towards, rather than moving more things off chain. Yeah. In terms of what
you described about like the problems that we've seen with ICOs, I wrote about that in my book,
like for the 2017-2018 era. So I'm very, very interested to see how this goes for you guys.
Thank you. I think I mean, I'd had a few.
things like on, yeah, on ICOs, because they'd come a long way, right? Like before, like, in 2017,
2018, like, we, we had some auction mechanisms, but they, they weren't kind of as sophisticated.
And we also had no way to do kind of compliance checks. And so the reason we wanted to kind of
do this on chain is now we have something like ZK passport, and we also have a much more fair
clearing mechanism. We can do this in a smart contract now. And so I think you get these rare moments
where you can do things the easy way or you can do things the hard way and push the industry
forward. And that's what we're trying to do here is just actually show there's a different way
and it doesn't have to be like this kind of this whole historical meta. So it's going to be very
exciting in the next few weeks. Yeah, I love that ZK passport thing because it's like the industry
always talks about how you can do that. And I feel like, oh, well, this is the first time,
or I could be wrong. My thing is the first time that it's being done for a token sale, right?
I'm pretty sure it is. Yeah.
I know our knowledge, yeah.
I mean, and there's a reason for that.
We know, again, we talk about this, like, you know, on-chain permissionist IDs, ZK stuff.
So we're like, well, we better practice what we preach, right?
We better use our own products or at least ecosystem products.
Yeah, yeah.
Because, I mean, that example of, you know, oh, like you can go to a bar without showing your address
or, you know, your actual birthday or whatever and just prove that you're eligible to walk into this bar.
Like, I think people were saying that to me in 2015, you know, and so.
So yeah, it's just cool that you guys are actually using it.
And out of curiosity for that reason, like,
because a lot of the token sales, like, in the U.S.,
it'll be, like, only accredited investors
or they don't allow U.S. people to participate.
But, like, are you, what are the restrictions
or what are the requirements?
So the token sales open to pretty much all countries,
like U.S. retail can participate.
The main reason that's the case is because there's an actual use for the token.
So the use for the token if you buy it is you stake it,
and use it in the network or you use it in governance or for fees.
And so because we've like been building this for seven years,
like the token is the last piece of the puzzle and there's like a use case for it.
So because of that, we're able to open up to nearly all countries in the world except
Sanctrine countries, which is exciting.
Okay, cool.
Yeah, because I wrote about how there was like this period where it would be like,
you know, the countries that are prohibited from participating are like North Korea, you know, Iran,
like whatever, whatever the countries were and the United States, you know, and it's like, what.
So anyway, that's awesome.
Yeah.
All right.
So I actually want to talk a little bit about the language.
So you've incubated this privacy programming language called noir.
And the tagline is that it's like rest for ZK.
Yes.
So explain like why ZK technology needs its own programming language.
Yeah, for sure.
Because it's been a journey.
It's been five years of,
building law. And it would have been lovely if we didn't have to do it. But the challenge is,
for us, it's not just ZK, but it's also private persistence days. What we found very early on,
with our own experience, writing Ziki, writing circuits, is that there's a lot, the semantics
around how to, like, write programs around private information are very, very different
to regular programming environments
where you need different keywords,
different kinds of
semantic flows, you need different
programming patterns.
And that's, so we looked
at a language like Rusk, and we're thinking, can we just extend
it? Can we just make this a Rust library that people
can write in? And what we realized as well,
we'd have to extend
the Rust language so much,
add our own stuff in so much,
that it wouldn't be Rust anymore.
So we might as well do it from the ground up.
And the analogy I like to use is so that it's, you know, Ethereum shows its own language, because it had all this custom stuff it needed to do.
It needed to handle, like, you know, you need to know who your message sender is through the block, what the block hash is.
Like, you know, you need this concept of a contract.
And you have all of that with Aztec, but with privacy in general, you also have similar things to do with private state.
You know, if you want to, if you want to handle private information, you'd like non-inclusion checks in Merkel trees, you need that everything is encrypted.
You need to perform like weird, like, encryptive, primitives, have.
function algorithms, you need a lot of macro-pice meta-programming.
Another thing is, you know, you likely want to split your program into kind of two sections.
One where you're performing checks on the results of a computation, which does need to be ZK,
and then you're actually performing the computation itself, and maybe that actually doesn't
need to be proven.
Like, there's parts of your program you can not prove and just check the results of, which means
you need, well, different keywords.
For example, we have utility functions in noir, which perform its purpose.
And so we just basically thought, we want control over the semantics of this language so that we can create an abstraction layer that's as easy as possible to use.
And we felt we couldn't get that by extending an existing language.
And it was better to do it all from scratch.
Okay.
And I saw, so I was a little bit confused because I think I saw a tweet saying that it was going to reach, it's 1.0 or you were going to release the 1.0 in Q1 of 2026.
Yes.
So that makes it sound like that's the first version, but you have already built this chain.
Well, I mean, there's version 0.0.0.0.2 after 0.26, 0.7.
So we've just been a little bit conservative about what we're calling version 1 because version 1 is audited.
And therefore, we can say, yeah, it's audited. Everyone can use this.
Whereas right now we need to put some health warnings on going, yeah, you can use it, but it's not audited.
So if it breaks, don't come about us.
We've told you it's, but so, yeah, version one is it'll be audited and that's when we're
confidence in it.
So we've had it at each set, so like the kind of like 1.0 release candidates for I think
four months now.
So like all the features are there.
We're now, I think for the first time putting a new language through audit.
And so we're being cautious on the timeline.
The audit's underway already.
So it's kind of just how long that's going to take, which is where it's going to get, get to.
I think just to add to some of Zach's points earlier, like we ran into this problem building Aztec itself, like our speed of iteration and development.
Like, Aztec used to be ridden in C bus plus.
Like all of our circuits were in C bus plus.
And we had some tooling that Zach wrote and the team wrote.
And like it was like very hard for people to like move quickly because it was like, it was custom tooling for I guess a language that wasn't fully fit for purpose.
And midway through like the noir journey, we switched to writing Aztec itself in noir.
because Noir is a generic language for any ZK application.
And the speed of iteration just went up.
Like, there was like, probably we doubled the amount of people within the company who could write noir circuits.
And I think there was an original estimate of like how long it would take to rewrite what we're done in C++ in Noir.
And I think the team did it in like 10 days or something crazy.
Yeah.
So it was amazing to see like this actually come into fruition.
So I think the tooling side of it is the other side.
It's not just like the features of the language.
the tooling you need when you're dealing with like encrypted state and private state is very different to kind of like a normal language.
So you need a whole ecosystem that develops around the language for it to be successful.
And so it's one thing having kind of the features, but then it's also the tooling, the libraries and, yeah, the community.
And so we had our third NoirCon at DevCon.
And so we have this whole amazing ecosystem with people who they're building things with Noir.
They could be for just off-chain applications.
you can make proofs for anywhere.
People deploying on Ethereum,
there's applications on Ethereum that use Noir.
And then Aztec obviously is like the natural home
for deploying those applications
because it's designed for it.
And it's just amazing to see kind of it exploding,
I think, as people start going down the noir rabbit hole.
Yeah.
Yeah, I like listening to you talk,
it just reminds me of even learning about how Vatala came up with Ethereum.
You know, it was like he, his unlock was realizing,
oh, I need to write a programming language.
So it's just, yeah, it just feels so similar.
So does this mean that like all of the apps built on Aztec need to use Noir?
Or like, can some of them use solidity or like?
So they all need to use Noir because everything needs to compile down into ZK proofs.
And right now, Noir is the only way of doing that.
You know, in theory, one could write another language.
So because we have the separation of concerns with Noir
because we wanted it to be a public good that anyone could use,
so we didn't want Noir itself to be too closely tied with Aztec.
Noir has a separation where we call it like a language front end.
So it doesn't, noir itself doesn't like produce zero knowledge circuits.
It produces something we call Asir, abstract circuit intermediate representation.
And it's very similar to LLVM for computers,
where the idea is you can take a cryptography backend and turn
the Assyr into ZK,
Sarker ZK Bruce.
So we do that with our software
we call Boressenberg.
And so in theory,
somebody could write another language
that compiles down into Asseer
and you could then use that
to create Aztec smart contracts.
And I'd love it if
I'd have to be amazing
if somebody took on that challenge
because diversity of options
is always a very good thing.
But right now it's only Noirba can do that.
Okay.
So I absolutely have to ask you
about some regulatory stuff because as you were building this,
I'm sure you were watching all this stuff happening with tornado cash.
Yeah.
So what was that like?
You know, what were you thinking?
Were you worried about what you were building?
Was there a certain point where you finally felt comfortable releasing this?
Or like, yeah, what was that like along the way?
Yeah, maybe I can take it to start with.
I think it definitely, so we had like products live during that whole period.
We had a previous product called Aztec Connect.
And it definitely was like, no, it was kind of jarring to see something that people took as like a normal thing being challenged by like a government.
I think for us, it didn't cause any any kind of like immediate issues other than like a decision we had to make, which was should we like, could we keep running this thing as we were or did we have to decentralize it?
And so it kind of maybe accelerated our timeline to, I guess, like moving on from that iteration of Aztec to building this fully decentralized.
centralised programmable version. I do think that, like, as an industry as a whole, it had,
it put the brakes on a little bit of, like, people's appetite to develop with privacy. Like,
we've been very convicted for seven years. So, like, we were able to kind of convince a team and,
like, just, like, build through this. Like, what we're, what we're building is legal. It makes
sense. Like, it actually lets you build more compliant applications. But we did see as a whole, like,
a lot of developers outside of Aztec, kind of maybe shy away from, yeah, from the ecosystem. But I
think, yeah, in terms of like compliance in general, like the whole, the whole thinking behind
building a kind of private execution environment is that it can actually be more compliant.
If you can tie your identity to a cryptocurrency account, you can actually kind of build
like applications where sanctioned people can't take part because you know who everyone is
in a private world. And so I think we unfortunately existed for a few years in this,
in this period where privacy was kind of being attacked. But I hope in the next.
kind of like three years, we'll see applications that can take advantage of like the expressiveness
of like a chain like Aztec to build, you know, compliant applications if they need it and
still uphold strong privacy guarantees.
Yeah, I can share my experience as well.
I mean, I remember this all going down right and the arrests happening.
And I think my initial reaction, it was just anger, you know, because, you know, I know these people.
Yeah.
And, you know, when you see public figures on like TV saying that these people are terrorists or
they're helping terrorists.
I'm like, no, they're not.
So it made me very angry.
Maybe want to double down on what we're doing.
And, you know, I think, obviously it was a challenging time to develop and, as Joe said,
but even if Genza was director of the SEC, we were still launched.
We just probably wouldn't be, the token sale wouldn't be, probably not open to the US people.
And we, Joe and I would probably stay away from America, but we were still lost because we
are permissionist decentralized network.
there is no valid legitimate ground to have a go of what we're doing.
And so we're willing to fight that battle.
But I also think, you know, at the time, it didn't slow us down.
Not really.
Because I guess this is where online narratives and reality call it a little bit.
We're not Americans.
We're based in the UK.
And despite, you know, you might think, oh my God, that's the worst place to be.
No, no, it's been fine for us.
it's been absolutely fine, you know.
And similarly, you know, like, oh man, you know, this industry is going to have a lot of historical
chore about the Givesett era because, for example, if you look at the spectrum of noir developers
and people write to ZK, a lot more Europeans than Americans.
Wow.
Because the Americans for a long time have been scared.
So, yeah, that's, yeah, the SEC was not doing its part for American dynamism.
That's for God damn sure.
But it just highlights how important this stuff is to execute.
on in build and ship because, you know, if certain powerful incumbents believe this technology
to be a threat, that means we're onto a good thing. You know, I don't believe for a second
that the attacks against these individuals were because of North Korea. Like, North Korea
was the justification. It wasn't the motivation, I think. Oh, interesting. All right. Well,
last question. And I don't even know if it's too early to ask.
ask this question, but are there any specific apps that are being built on Aztec that you're
already excited about? And if it's too early to ask, then just tell us whatever it is that
you're excited about for the next, I don't know, six months or, you know, new milestones.
I got some apps that I'm excited about. I think the obvious one is kind of this idea of like
private intent, so bridging kind of assets privacy to all of Ethereum. I think people
don't quite understand, like, you know, if you ask someone what percentage of
transactions on base or arbitram or hyperliquid would like to have privacy.
I think the answer is pretty high.
And like we now have a system that will be able to kind of like deal with those transactions
and give users a form of privacy that they've been craving.
In terms of like Aztec specific applications, so like things that will be deployed on
Aztec, for a long time we've had over-crasterized lending as like the only source of
lending on blockchains.
There's been some products trying to do RWAs, but there's nothing.
for kind of like retail consumers. And if you look at your kind of like traditional web to
alternatives, you can get a loan that's secured by who you are, your salary, your bank account.
And we don't have that on crypto today because that's very sensitive information. Like I'm not
going to put my bank statement into an Ethereum transaction so everyone can see it. There's those of
people kind of exploring this idea of like consumer finance on Aztec. And in Europe we have this standard
called Open Banking and all of the bank data is signed by the bank institution. And so you can
basically feed your bank statement into a zero knowledge proof and start to prove things about it.
You can say my salary is above X, my outgoings are below Y. So I'm credit worthy and you can
give me a loan. And so I think we're going to see like an exposure of, I guess, real world finance
being built that I find very exciting. And then like the other basic ones are just payments in
general. Like you had a podcast, I think we recently about X402.
I think X402 without privacy is incredibly dystopian.
And so being able to...
Not going to get used for it.
Yeah, just being able to see every website I pay for things on, like, is in the real
world as well, like, whether it moves kind of out of, kind of like, just websites and into
like shops and commerce is fairly terrifying if you can see, like, the balances associated
with that.
So I think actual private payments is really exciting.
I don't know if you remember this.
I mean, this was a long time ago.
like maybe 2014 or something,
but there was this New York Times Magazine article
about how there was some teenager who was pregnant
and Target figured out that she was pregnant
before her dad knew and sent like a coupon.
And you're like, oh, for your baby or whatever.
And the dad was so mad, but then it turned out that it was right.
And so, yeah, just what you're saying.
Like, I'm like, oh, my God, it's like that.
Yeah. Yeah, it's gonna be crazy.
And like, especially in like,
in a world where we now have like AI models that like your browser is an AI model with like
chatGBT's new kind of browsers all of that data is being hoovered up without people even knowing it's
yeah i think we need to kind of fight back a little bit against a lot basic privacy uh standards yeah so
and your apps that you're excited about yeah so i think um i mean we lost 16 teams building on our
sick right for for test net for launch um so oh man you did ask me at the start of the conference my brain
wouldn't be so adult. I mean, like, the base, honestly, I'm excited for just the most basic
stuff, because, you know, you start at the grand layer with basic cryptocurrency transfers,
grace of payments. And so, like, the obsidian and the Asgard wallet teams building on Aztec,
they're really pioneering. They're doing trail-based stuff, you know, they're doing account
abstraction where you all throw you log in with a pass key, you know, and like very other,
like, novel ways of authenticating yourself. And building the seeds of a deep bank, you know,
where you can do your basic trades, but also eventually want to get that connected to lending
protocols and eventually
might take a bit more time, get this plugged into real-world
assets so it's not just synthetic instruments.
I think private
stable coins, private
stable coins, issuance as well and
on and offboarding
as well as private transfers
is very, very important
because it leaks so much information.
If you're using stable coins and settle
expensive trades, for example, it's all tied
up with needing private portfolio management
and
this can all be done on Aztec.
It might take a little bit of time to execute on,
but I'm very excited by the prospects
and something we're determined to make sure how to...
What about games? You've been tinkering out with some games?
Oh, yeah, oh yeah, like ZK and chess, yeah.
I'm too boomer to make a bit, like,
to pick actual compelling games.
So there's a big problem with...
Games I like the games that everyone else likes,
but... Yeah, ZK gaming,
on chain, I think is going to be a very important growth sector
because, like, games without a formation in symmetry are boring.
And if you want to do things that are really on chain,
then you need privacy for that information asymmetry.
Even something as basic is, you remember Cryptokitties?
You know, there's the first thing that really came up.
And you can't do Crypto Gitties today on a transparent blockchain
because they relied on code obfuscation to create certain like types of combinations
of cats that were rare or valuable.
But now that stuff gets reversed and engineered instantly because it's just,
yeah, it's easy to figure that stuff out now where the sector is more advanced.
But you can bring that back to the CK and privacy and things like,
Tetsayo, which we're partnering with to get like
trust us like random number generation in a secure way,
which means you can genuinely
create NFTs where you have information in symmetry
where you can get an outcome on chain
where you don't know what that outcome's going to be when you send the transaction.
And I think that's going to be quite a powerful primitive.
All right. Well, this has been so fun
discussing this all with you and congrats again on launching the chain.
Thank you so much.
Such a pleasure. Thank you so much.
Thanks, everyone.
Unchained is produced by Laura Shin with help from Matt Pilchard, Juan Oranovich, Margaret Curia, and Pam Majumdard. Thanks for listening.