Aztec 2.0 Updates —Increasing transaction limits ($100,000), UI improvements and more…
Aztec 2.0 has been live for 6 months. Since launch, $5.5 million dollars has been sent through the system, giving users affordable privacy. Over 21,000 transactions have been sent, despite a 1 ETH cap, designed to protect against the experimental nature of the cryptography.
Today we are thrilled to announce the next set of updates for the Aztec Network. These improvement move Ethereum’s first private rollup out of the experimental phase and into the primetime.
- Verifier Upgrades and bug mitigations
- Increasing the Transaction cap
- zk.money private key changes
- UI updates
Verifier upgrades and bug mitigations:
Since launch, Aztec has retained controls on the rollup smart contract to allow us to upgrade the verifier contract in the case of bugs.
Our approach has been to continuously internally audit the protocol alongside a public bug bounty. As a result, we have have fixed 5 issues with the ZK-SNARK circuits. More details can be found here. Thanks to the upgrade controls, all bugs have been mitigated without any loss of funds.
This burn in phase has increased confidence in the security of the system and we are immensely thankful to all users who used the system during these early months. Creating an environment where the code could be publicly reviewed, with live funds at stake, has improved the security of the network for everyone.
Increasing the Limit — $100,000 per transaction!
Today we are very excited to increase the cap to $100,000 per transaction. Our team is confident in the cryptography and contracts, and we are ready for much larger sums to be sent via the system. We have increased the caps for all supported assets as follows.
- 30 ETH
- 100,000 DAI
- 2 renBTC
Private Key Changes
To reflect the larger amounts that will now be sent via the network, we are making a changes to the interface site zk.money. The goal; better protect the security of user funds.
Changing the signing messages for users
Previously zk.money asked users to sign a hexadecimal string to generate an Aztec private key. This is bad practice. Many thanks to Franziska Heintel for calling us out on it publicly at ETHCC. 🙏🏻
Users will now be asked to sign a human readable message as below. We will be improving the transparency further over the coming months.
Not storing spending keys in the browser
Previously zk.money stored your Aztec Spending key in the browser. These keys will now be derived before each transaction for security. Deriving keys on each transaction is far safer in case of device loss, or malicious access, even if the user experience is a little worse.
Within the next 6 months, your Aztec Spending Key will become your Ethereum Private Key improving the UX significantly.
To facilitate these changes, all zk.money users will have to migrate their accounts. We are making migration transactions and private send transactions free for the next 3weeks to facilitate this.
UI Updates — zk.money
Based on popular feedback in our Discord, we have made some small tweaks to the send to L1 functionality on zk.money. The goal; better inform the user and prevent common privacy mistakes.
The Aztec network has internal transactions, so the privacy set for un-shields to Layer 1, is the set of shield transactions that an un-shield transaction could have come from. To make this easier, users will now be prompted to un-shield in convenient privacy sets — other amounts are possible, but may reduce privacy.
Secondly the UI will flag to the user if they are un-shielding to an address that has been used before, as well as rounding amounts to 2 decimal places to prevent dusting attacks when un-shielding.
