Aleo is a blockchain project that focuses on privacy protection, achieving higher privacy and scalability through zero-knowledge proof (ZKP) technology. Aleo’s core concept is to allow users to verify their identity and process data without revealing personal data.
This article provides an overview of Aleo’s project and its latest developments, with a detailed explanation of the puzzle algorithm updates that the market is highly concerned about.
Latest Algorithm Sneak Peek
The Aleo network generates a random ZK circuit every hour. Within that hour, miners try different nonces as inputs to the circuit, calculate the witness (i.e., all variables in the circuit; this computation is also known as synthesis), compute the Merkle root of the witness, and check whether it meets the mining difficulty requirement. Because the circuit is random, this mining algorithm is not GPU-friendly, posing significant challenges in terms of computational acceleration.
Funding Background
In 2021, Aleo completed a $28 million Series A funding round led by a16z and raised $200 million in a Series B funding round in 2024, with investors including Kora Management, SoftBank Vision Fund 2, Tiger Global, Sea Capital, Slow Ventures, and Samsung Next. This round of funding valued Aleo at $14.5 billion.
Project Overview
Privacy
Aleo’s core is zero-knowledge proof (ZKP) technology, enabling transactions and smart contract execution while maintaining privacy. By default, transaction details such as sender and transaction amount are hidden. This design not only protects user privacy but also allows for selective disclosure when necessary, making it suitable for the development of DeFi applications. Its main components include:
Leo programming language: Based on the Rust language, specifically designed for developing zero-knowledge applications (ZKApps), reducing the developer’s cryptography knowledge requirements.
snarkVM and snarkOS: snarkVM allows off-chain execution of calculations, with on-chain verification of results, thereby improving efficiency. snarkOS ensures the security of data and computations, allowing for permissionless functionality.
zkCloud: Provides a secure, private off-chain computing environment, supporting programming interactions between users, organizations, and DAOs.
Aleo also offers an integrated development environment (IDE) and software development kit (SDK) to support developers in quickly writing and deploying applications. Additionally, developers can deploy applications in Aleo’s program registry without relying on third parties, thereby reducing platform risk.
Scalability
Aleo adopts an off-chain processing approach, where transactions are first computed on users’ devices and then only the verification results are uploaded to the blockchain. This significantly improves transaction processing speed and system scalability, avoiding network congestion and high fees similar to Ethereum.
Consensus Mechanism
Aleo introduces AleoBFT, a hybrid consensus mechanism that combines instant finality of validators and computational power of provers. AleoBFT not only increases network decentralization but also enhances performance and security.
Block Fast Finality: AleoBFT ensures that each block is immediately confirmed after generation, improving node stability and user experience.
Decentralization Guarantee: Block production is separated from coinbase generation. Validators are responsible for block generation, while provers perform proof calculations, which prevents a few entities from monopolizing the network.
Incentive Mechanism: Validators and provers share block rewards, encouraging provers to become validators through token staking, thereby increasing network decentralization and computational power.
Aleo allows developers to create applications without gas restrictions, making it particularly suitable for long-running applications such as machine learning.
Current Progress
Aleo will launch its incentivized testnet on July 1st, with the following important updates:
ARC-100 Vote Passed: The vote for ARC-100 (“Aleo developers’ and operators’ best practices for compliance,” involving compliance aspects, locking funds on the Aleo network, and delayed arrival of funds) has ended and has been approved. The team is making final adjustments.
Validator Incentive Program: The program will launch on July 1st to validate the new puzzle mechanism. The program will run until July 15th, during which 1 million Aleo points will be allocated as rewards. The percentage of points generated by nodes will determine their reward share, and each validator must earn at least 100 tokens to receive a reward. Specific details are yet to be finalized.
Initial Supply and Circulating Supply: The initial supply is 15 billion tokens, with the initial circulating supply being approximately 10% (yet to be finalized). These tokens primarily come from the Coinbase mission (75 million) and will be distributed over the first six months, including staking, running validators, and validator rewards.
Testnet Beta Reset: This is the final network reset, after which no new features will be added, and the network will be similar to the mainnet. The reset is to add ARC-41 and new puzzle features.
Code Freeze: The code freeze was completed a week ago.
Validator Expansion Plan: The initial number of validators is 15, with the goal of increasing to 50 within the year and eventually reaching 500. To become a delegator, 10,000 tokens are required, and to become a validator, 10 million tokens are required, with these amounts gradually decreasing over time.
Algorithm Update Interpretation
Aleo recently announced the latest testnet news along with an update to the latest version of the puzzle algorithm. The new algorithm no longer focuses on generating zk proof results and has removed the MSM and NTT (both are computational modules heavily used in zk proof generation, with participants in the previous testnet optimizing this algorithm for mining efficiency). Instead, the new algorithm focuses on generating the witness data before producing the proof. After referencing the official puzzle spec and code, we will provide a simple introduction to the latest algorithm.
Consensus Process
At the consensus protocol level, provers generate solutions (the results of the puzzle computation), and validators aggregate and package those solutions into the next new block. The process is as follows:
Prover computes puzzle and builds solutions, broadcasting them to the network
Validator aggregates transactions and solutions for the next new block, ensuring that the number of solutions does not exceed the consensus limit (MAX_SOLUTIONS)
Each solution's legitimacy must be verified: its epoch_hash must match the latest_epoch_hash maintained by the validator, its computed proof_target must meet the latest_proof_target maintained by the network’s validator, and the number of solutions in the block must be less than the consensus limit
Valid solutions can receive a consensus reward
Synthesis Puzzle
The core of the latest algorithm is called the Synthesis Puzzle. A common EpochProgram is generated for each epoch. An R1CS proof circuit is built for the input and the EpochProgram, producing the corresponding R1CS assignment (i.e., the witness), which is used as the leaf nodes of a Merkle tree. After all the witness data has been calculated, the witnesses are converted into the corresponding sequence of Merkle tree leaf nodes; the Merkle tree is a K-ary Merkle tree of depth 8 and arity 8. The Merkle root is then calculated and converted into the proof_target of the solution, which is checked against the latest_proof_target of the current epoch. If it meets the requirement, the computation is successful, and the reward address, epoch_hash, and counter are submitted as the solution and broadcast.
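A toy model of the prover and validator steps from the Consensus Process and Synthesis Puzzle sections, as an added example that is not Aleo's or snarkVM's code. SHA-256, the hash-chain witness, the root-to-target conversion, the >= comparison and the MAX_SOLUTIONS value are assumptions standing in for details the article does not give.

```python
import hashlib

ARITY, DEPTH = 8, 8        # tree shape stated in the article
MAX_SOLUTIONS = 4          # constructed value; the real consensus limit is not on the page
U64_MAX = 2**64 - 1

def h(*parts):
    # SHA-256 is a stand-in (assumption) for the hash functions the real puzzle uses.
    return hashlib.sha256(b"".join(parts)).digest()

def synthesize_witness(epoch_hash, address, counter, n=64):
    # Toy stand-in for synthesis: each value depends on the previous one (serial chain).
    state = h(epoch_hash, address, counter.to_bytes(8, "little"))
    witness = []
    for _ in range(n):
        state = h(epoch_hash, state)
        witness.append(state)
    return witness

def merkle_root(leaves):
    # Fixed-depth K-ary tree: pad each level with zero nodes up to a multiple of ARITY.
    assert 0 < len(leaves) <= ARITY ** DEPTH
    level = [h(b"\x00", leaf) for leaf in leaves]
    for _ in range(DEPTH):
        level += [bytes(32)] * (-len(level) % ARITY)
        level = [h(b"\x01", *level[i:i + ARITY]) for i in range(0, len(level), ARITY)]
    return level[0]

def proof_target(epoch_hash, address, counter):
    # Assumed conversion: a smaller root prefix yields a larger (rarer) proof target.
    root = merkle_root(synthesize_witness(epoch_hash, address, counter))
    return U64_MAX // max(1, int.from_bytes(root[:8], "little"))

def mine(epoch_hash, address, latest_proof_target, max_tries=10_000):
    # Prover side: try counters until one meets the target, then emit the solution.
    for counter in range(max_tries):
        if proof_target(epoch_hash, address, counter) >= latest_proof_target:
            return (address, epoch_hash, counter)
    return None

def verify_solution(solution, latest_epoch_hash, latest_proof_target):
    # Validator side: reject other epochs and recompute the target instead of trusting a claim.
    address, epoch_hash, counter = solution
    return (epoch_hash == latest_epoch_hash
            and proof_target(epoch_hash, address, counter) >= latest_proof_target)

def select_for_block(solutions, latest_epoch_hash, latest_proof_target):
    # Keep only valid solutions and cap the block at the consensus limit.
    valid = [s for s in solutions if verify_solution(s, latest_epoch_hash, latest_proof_target)]
    return valid[:MAX_SOLUTIONS]
```

Because the validator recomputes the witness and Merkle root from (address, epoch_hash, counter), a solution carries no proof_target field that a prover could inflate, and a solution mined for an earlier epoch fails the epoch_hash check.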
Mining Changes and Impact
After this update, the puzzle has shifted from generating proofs to generating witnesses. While the logic for computing all solutions within the same epoch is consistent, the computing logic differs significantly between epochs. In the previous testnet, we observed many optimization methods that used GPUs to accelerate the MSM and NTT calculations for proof generation, thereby improving mining efficiency. This update completely eliminates this computation. Additionally, because the witness data is generated by an epoch-specific program in which certain instructions have serial execution dependencies, parallelization presents a significant challenge.