aztec-honk

UltraHonk, Aztec's proof system

aztec L2 proof-system final protocol spec BN254

Native status
Alpha mainnet
Enables
UltraHonk, Aztec's PLONKish proof system over BN254, proving private smart-contract execution
Specification
https://docs.aztec.network/aztec/concepts/advanced/circuits

Aztec is a privacy-focused zk-rollup on Ethereum whose Barretenberg backend proves private smart-contract execution with UltraHonk, a PLONKish proof system over the BN254 (alt_bn128) curve. It uses the BN254/Grumpkin curve cycle (Grumpkin is BN254 with its base and scalar fields swapped) to fold expensive non-native group operations into native ones, the basis of its Goblin Plonk recursion. The cross-ecosystem hook is the BN254 curve that Ethereum exposes as the alt_bn128 precompiles (EIP-196, EIP-197) and Solana as the sol_alt_bn128_* syscalls (SIMD-0129); Aztec drives the same curve through a full proving system rather than a pairing precompile, and its verifier is not wired into the parity harness.

Implementations

Relationships

Equivalent to
EIP-196, EIP-197, SIMD-0129

Sources