Step 1: Import the aztec.js package

Firstly, the aztec.js package must be imported and the desired proof destructured from the import object.

const { JoinSplitProof } = require('aztec.js');

Step 2: Prepare the inputs for the proof

Five inputs are required to construct a joinSplit proof:

inputNotes — notes to be destroyed
outputNotes — notes to be created
sender — sender of the proof transaction
publicValue — number of ERC20 tokens involved in the proof
publicOwner — owner of any ERC20 tokens involved in the proof

All AZTEC proofs are fundamentally proving that

So the input, output notes and publicValue must balance. Note that the sender designated in the proof construction must be the same address that ultimately sends the proof to the blockchain: it is mixed into the proof to prevent front-running.
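Why binding the sender stops a copied proof from being replayed by another address, as an added example that is not aztec.js or AZTEC protocol code: a plain Schnorr proof of knowledge stands in for AZTEC's sigma protocol, with the sender hashed into the Fiat-Shamir challenge. The function names, the secret and both addresses are constructed for illustration.

```javascript
const crypto = require('crypto');

// RFC 3526 2048-bit MODP group: p is a safe prime, g = 2 has prime order q.
const p = BigInt('0x' + crypto.getDiffieHellman('modp14').getPrime('hex'));
const q = (p - 1n) / 2n;
const g = 2n;

function modPow(base, exp, mod) {
  let result = 1n;
  base %= mod;
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % mod;
    base = (base * base) % mod;
    exp >>= 1n;
  }
  return result;
}

// Fiat-Shamir challenge: the sender address is hashed in with the transcript.
function challenge(sender, publicKey, commitment) {
  const digest = crypto.createHash('sha256')
    .update([sender.toLowerCase(), publicKey, commitment].join('|'))
    .digest('hex');
  return BigInt('0x' + digest) % q;
}

// Prover: shows knowledge of `secret` behind publicKey = g^secret, bound to `sender`.
function prove(secret, sender) {
  const publicKey = modPow(g, secret, p);
  const nonce = BigInt('0x' + crypto.randomBytes(64).toString('hex')) % q;
  const commitment = modPow(g, nonce, p);
  const response = (nonce + challenge(sender, publicKey, commitment) * secret) % q;
  return { publicKey, commitment, response };
}

// Verifier (the role a validator contract plays): recomputes the challenge from
// the address that actually submitted the transaction, not from the proof data.
function verify(proof, msgSender) {
  const c = challenge(msgSender, proof.publicKey, proof.commitment);
  const lhs = modPow(g, proof.response, p);
  const rhs = (proof.commitment * modPow(proof.publicKey, c, p)) % p;
  return lhs === rhs;
}

// Constructed addresses: alice builds the proof, mallory resubmits a copy of it.
const alice = '0x' + 'a1'.repeat(20);
const mallory = '0x' + 'b2'.repeat(20);
const proof = prove(123456789n, alice);
console.log('alice submits  :', verify(proof, alice));
console.log('mallory replays:', verify(proof, mallory));
```

The same property is why a proof built with the wrong sender is rejected even when every note and value in it is correct.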

Step 3: Construct the proof

The next step is to pass these parameters to the proof construction API:

const proof = new JoinSplitProof(
  inputNotes,
  outputNotes,
  sender,
  publicValue,
  publicOwner
);

This returns an instance of a JavaScript class containing the variables and methods required for using the proof, the most important of which is described next.

Step 4: Generate the cryptographic proof data

The final step in proof construction is to use this proof class to generate the cryptographic proof data:

const data = proof.encodeABI();

data is a hexadecimal string containing various cryptographic parameters outputted by the AZTEC commitment function and sigma protocol. It has also been automatically ABI encoded into a standard AZTEC format, such that the AZTEC Cryptography Engine (ACE) is able to understand and process it.

It is this data that will ultimately be sent to the ACE and validator smart contracts, via the confidentialTransfer() or confidentialTransferFrom() method of a ZkAsset.

And that’s it.

Standardised API

It’s easy to use the API to construct the other types of proof. For example:

const { DividendProof, SwapProof } = require('aztec.js');

const dividendProof = new DividendProof();
const swapProof = new SwapProof();

Wrap-up

In this post we’ve explored the AZTEC proof construction API, learning how to construct zero-knowledge proofs. To see an example of these proofs in action, check out the aztec-ganache-starter-kit.

If you’d like to talk through your implementation of AZTEC proofs, feel free to reach out over email or Twitter.
