Aztec Bridge Proposal: Privacy-Preserving Intent-Based Framework

# Proposal: Privacy-Preserving Intent-Based Framework with Aztec This is implemented in https://github.com/substance-labs/aztec-evm-bridge # Introduction: We propose an intent-based framework leveraging Aztec's privacy features while maintaining the speed and user experience of traditional intent-based solutions. This framework introduces a modified version of the ERC7683 contract, now referred to as noir7683, which is written in the Noir programming language. The noir7683 contract is a privacy-enhanced adaptation of the ERC7683 standard, designed to facilitate secure and private intent-based transactions across Ethereum Virtual Machine (EVM) chains and Aztec's privacy-focused Layer 2 (L2) ecosystem. ## System Overview: The framework is built on top of existing L1 <> L2 Portal contracts and token bridge contracts. It offers two distinct intent types: Public Intent and Private Intent, catering to different privacy and transparency requirements. ## Glossary 1. noir7683 Contract: The noir7683 contract is a modified version of the ERC7683 standard, rewritten in Noir to enable privacy-preserving functionality. It supports intent-based transactions across EVM chains and Aztec, ensuring compatibility with popular intent solvers like Across and Hyperlane, as well as L2 solutions such as Optimism and Arbitrum. ## Public Intent ### From EVM Chain ![Aztec-intent-bridge-architecture-PublicIntent-EVM.drawio](https://hackmd.io/_uploads/SkBI0i3KJl.png) 1. A user opens an intent on an ERC7683-compatible smart contract and transfers tokens to the contract. 2. A solver listens for the event and fulfills the intent on Aztec if conditions are met. 3. The solver generates an AuthWit to allow the noir7683 contract to transfer tokens from the solver to the recipient address on Aztec. 4. The solver calls the noir7683 contract to fill intent by performing token transfer, and settlement process. It will generate a L2-to-L1 message, with the claimer being the solver on L1. 5. The solver completes the settlement process by calling the ERC7683.settle function, which will validate the intent fulfillment by checking with Outbox contract. The contract will release tokento the solver if settlement is valid. ### From Aztec ![Aztec-intent-bridge-architecture-PublicIntent-Aztec.drawio](https://hackmd.io/_uploads/ByPD0s2Ykx.png) 1. A user generate AuthWit for noir7683 contract and opens an intent on the contract. Token is locked in noir7683 contract. 2. The solver calls token.approve(ERC7683) and ERC7683.fill to transfer tokens to the recipient, followed by settlement via the Inbox contract. 3. Solver calls noir7683.settle function for claiming the token on Aztec. ## Private Intent: The private intent mechanism is designed to enable users to perform cross-chain intent actions without disclosing the recipient address on Aztec (or the sender address on Aztec if the intent is initiated from Aztec). To achieve this, a secure and privacy-preserving communication channel between the User and Solver is required. ## From EVM Chain ![Aztec-intent-bridge-architecture-PrivateIntent-EVM.drawio](https://hackmd.io/_uploads/S1ruAohKJg.png) ### Proposed Solution: Solver Market A solver market is introduced to facilitate the secure exchange of information between users and solvers. In this market: **Solver Participation** Solvers can publicly express their willingness to fulfill intent orders without knowing the recipient address upfront. Solvers post quotes or bids indicating their terms (e.g., fees, execution speed) for fulfilling the intent. **User Selection** Users have the flexibility to manually select a solver based on the quotes provided or automate the selection process by specifying their preferences (e.g., first-come-first-served, best price, fastest execution). **Secure Address Exchange** Once a solver is selected, the user securely communicates the recipient address to the solver off-chain. This exchange can be facilitated through encrypted communication channels, ensuring that the recipient address remains confidential. **Market Dynamics** The solver market can operate on various models, such as a first-come-first-served basis or an auction-based system, depending on the desired trade-offs between speed, cost, and user preference. **Off-Chain Communication** All interactions related to solver selection and address exchange occur off-chain to maintain privacy and efficiency. The specific implementation details of the secure communication mechanism (e.g., encrypted messaging, zero-knowledge proofs) are open for discussion and can be tailored to meet the security and usability requirements of the system. Generally, the workflow is below: 1. A user creates an intent on ERC7683 contract with the recipient address set to secret(can be address(0) or hash(recipient)) 2. The solver verifies token availability on Aztec and posts a quote on an encrypted intent solver market. 3. Upon user acceptance, the solver receives the recipient's Aztec address and transfers tokens privately. 4. The solver calls the noir7683 contract to fill the intent, generating an L2-to-L1 message and initiating the settlement via the Outbox contract. 5. Solver calls ERC7683.settle function to settle the intent order and claim the token. ### From Aztec ![Aztec-intent-bridge-architecture-PrivateIntent-Aztec.drawio](https://hackmd.io/_uploads/BJEtCj3Yyx.png) In this case, the privacy of the intent is based on private token transfer to noir7683 contract. `User` address is not disclosed , `Solver` who claims back the AzToken on Aztec receive the token publicly by default. 1. A user creates an intent on the noir7683 contract and transfers tokens privately to the contract. 2. The solver fulfills the intent on the EVM chain, calling approve and fill on the ERC7683 contract. 3. The solver call noir7683.settle function on Aztec, where noir7683 check with Portal contract for settlement and releasing funds eventually. ## Security Considerations: The L1 <> Aztec message-passing mechanism is initially permissioned by the bridge operator. Future iterations may explore additional security options, such as integration with Aztec's canonical bridge. The framework ensures that solver pools and markets do not leak recipient address information, maintaining privacy throughout the process. ## Technical Questions 1. Solver Pool Privacy: How can the solver pool and address exchange be designed to prevent leakage of recipient address information? ## Future Roadmap: 1. Integration with Open Intent Frameworks: Extend noir7683 as an Aztec plugin to support open intent frameworks like Hyperlane and Across. 2. Advanced Settlement Mechanisms: Explore additional settlement options, such as zero-knowledge proofs (zk-proofs) and trusted execution environments (TEEs). 3. Enhanced Privacy Features: Further refine the private intent mechanism to support more complex privacy-preserving use cases. ## Conclusion: The proposed framework combines the efficiency of intent-based solutions with Aztec's privacy capabilities, offering users a seamless and secure experience. By introducing the noir7683 contract, we enable privacy-preserving transactions while maintaining compatibility with existing intent-based infrastructure. This framework lays the foundation for a more private and efficient decentralized ecosystem.