In the next decade, web services will be everywhere, not only in our browsers. Our private lives have become a public commodity. We will leave the fact that most of us partially did it by choice with all these social media. But now we are starting to realize the real problem.

Today, there is no such thing as private web data.

Services use your data in order to let you use them. Sounds unnecessary but we can live with that. But here is the thing. Service providers must manage sensitive data, and if it is improperly stored, processed, or disclosed (hi Facebook) you are the one who is at risk. Not to mention that someone’s data is easy to access, and it is being sold hundreds of times. This is problematic and should not have to be this way.

And I hope the next era of the Web will be different. Instead of giving up control of your personal data, web services will use it without actually seeing it. Let me explain this process in two words.

Aleo gives the proof that “something” has really happened (or hasn’t) without revealing personal information. Web services will no longer need to store sensitive data and will leave this work back to the user.

Aleo is based on the idea of ​​compositeness. Compositionality is a powerful concept that powers the Ethereum DeFi ecosystem, among other things. While Aleo provides complete privacy, some applications still may use public data sources to make private smart contracts composable.

Also, an Aleo account can be created on an offline machine and available for immediate use. A user can ensure their private key remains offline even for creating transactions.

Let’s summarize a little.

The goal of Aleo is to create a decentralized, open-source network that will offer robust support for building, deploying, and running private applications on the web.

And now let’s go through the concepts and the definitions that are used at Aleo.

An Aleo account is composed of an account private key, view key, and an account address.

• a secret key for the account signature scheme,
• a pseudorandom function seed for transaction serial numbers, and
• commitment randomness for the account commitment scheme.

Account Proving Key

Components of this key are pseudo-generated, some pieces are made up of parts of the private and public keys.

While the account verification key does not allow a prover to arbitrarily waste assets or forge record data, it does allow a prover to access and view account data.

New language

In order to write anonymous and secure web applications, they made their language Leo. Leo has rich functionality that reduces development time as much as possible.

Like any other programming language, Leo has specific features that are best fit for building scalable private applications.

Several days ago I tried it and here is what I have to say. The syntax is kind of close to JavaScript with some Pythonic flavors, but many features are not implemented right now. But hey, it was released to the public on the first of February. So, basically less than a month ago. Take a look at Python. It just recently got pattern matching that made the language cleaner and prettier. There is a long way ahead.

Now let’s take a look at the technical part of Aleo.

Each Program has a self-explanatory ID, input, state, and output.

Program register allows one program to communicate state to another program during execution. In Aleo, program registers are used to encode intermediate program states across records in a transaction.

Records

A record is a fundamental data structure for encoding user assets and application state.

Each account record contains information that specifies the record owner, its stored value, and its application state. Records on Aleo are encrypted to the record owner’s address, ensuring that all records on Aleo are fully private.

An Aleo record has several components such as owner (an address), value (basically the amount of Aleo credits), record payload (encoded arbitrary application information), Commitment Randomness (The commitment that binds all the other attributes of a record without revealing the actual record data) and some other attributes that you should not pay much attention to.

Record Encryption

Thanks to encryption on the ledger, it is possible to make secure and private transfers over the public network. Only the sender and receiver with their corresponding account view keys are able to decrypt these records. Not to mention Dummy Records that mess up with the data.

Block

A block is a fundamental data structure for organizing Aleo transactions over time. Blocks are produced through a process called mining and included as permanent history on Aleo. So, nothing unique.

Components of a Block:

• header
• num_transactions
• transactions

The block header contains components that summarize the state of the specified block, as well as the state of the ledger at this point in history.

These are the steps to verify a block:

1. Validate the block header
2. Verify that there is only one transaction from one account included in the block
3. We check that the sum of the balance of all transactions corresponds to the reward for the block;
4. Verify each transaction included in the block

Consensus

For a new block to be included in the blockchain, the network must reach a consensus. To reach this agreement on Aleo, a consensus mechanism called Proof of Succinct Work is used to achieve this. These algorithms are another topic, so we won’t go deeper right now. Binance perfectly explained everything.

Aleo ecosystem has its own IDE and package manager. In general, building on Leo is quite an interesting process. At least unusual.

Conclusion

Let’s be honest, the vast majority of users do not care so much about their privacy, it is important for them if it is convenient and something “just works”. However, such a segment of the Internet simply must exist.

Website — https://www.aleo.org/
Package manager — https://aleo.pm/

My media: Telegram | Youtube | Podcast | Articles | All links