Accounts. Aleo Concepts.

An Aleo account is a meticulously designed construct composed of three fundamental components: the account private key, the account view key, and the account address. Together, these components form the bedrock of user engagement within the Aleo blockchain, each playing a distinct yet interdependent role in the ecosystem:
Account Private Key
The account private key serves as the paramount authorization mechanism within the Aleo network. It functions as the digital equivalent of a personalized signature, granting the user the power to validate and initiate transactions. This key plays a pivotal role in updating the global state of account records, ensuring the legitimacy and security of transactions across the network.
APrivateKey1zkp4X9ApjTb7Rv8EABfZRugXBhbPzCL245GyNtYJP5GYY2k
Account View Key
In contrast to the account private key, the account view key acts as a decryption tool, enabling the user to unlock and access encrypted account records. It is instrumental in deciphering sensitive information, providing users with the ability to privately view their transaction history and data without exposing it to unauthorized entities. Additionally, third-party auditors can utilize account view keys to authenticate the entirety of a user’s account history, enhancing transparency and accountability.
AViewKey1nKB4qr9b5gK8wQvmM5sTPEuBwshtDdkCZB1SPWppAG9Y
Account Address
The account address serves as the outward-facing identity and communication channel for Aleo users. It is a unique identifier that allows users to interact with the network and each other.
This address facilitates value transfers and data recording through transactions, enabling users to exchange records containing both numerical values and application-specific data.
aleo1dg722m22fzpz6xjdrvl9tzu5t68zmypj5p74khlqcac0gvednygqxaax0j
New Aleo account can be created here
Safeguarding User Assets and Data Integrity
The paramount importance of safeguarding user assets and the integrity of record data cannot be overstated. Consequently, it is imperative that the account private key remains confidential and is not disclosed to any third parties.
In real-world applications within the Aleo ecosystem, users have the capability to derive a compute key from their account private key. This compute key empowers trusted third parties to execute applications and generate transactions on behalf of the user, all while maintaining trustlessness and security.
Account Prefixes
Throughout this discourse, the concept of prefixes has been emphasized, providing vital contextual information about the nature of these components.

The account private key, for instance, bears the prefix “APrivateKey1,” denoting its confidential and sensitive nature. The account address, with its “aleo1” prefix, distinguishes itself as a unique identifier within the Aleo ecosystem.
In summary, Aleo’s account architecture embodies a thoughtful and secure approach to user engagement in blockchain technology. These components work in harmony, providing users with the tools they need to interact with the network while maintaining the utmost security, privacy, and integrity of their assets and data.
Offline Accounts
In certain scenarios, especially within enterprise environments where security is paramount, it is strongly advisable to handle sensitive keys and data on isolated, offline devices. The practice of creating an Aleo account on an offline machine presents a highly secure approach that offers immediate usability while minimizing exposure to potential threats. By coupling this procedure with account proving keys, users can ensure the offline status of their private key even when engaging in transaction activities.
While perfection in security is challenging to achieve, the decision to establish a new Aleo account on a disconnected device demonstrates a wise and cautious approach to mitigating the risk of inadvertently disclosing one’s account private key to unauthorized parties. This proactive measure not only enhances the overall security posture but also contributes to the preservation of the user’s digital assets and privacy within the Aleo blockchain ecosystem.
Account Commitment Outputs
The account commitment output is a crucial component within the Aleo blockchain system, and it serves as a foundational element in the generation of an account view key. This view key includes an encryption secret key, which is derived from the account commitment output, ultimately resulting in a scalar field element. To maintain the authenticity and effectiveness of the account view key, it is of paramount importance that the account commitment output remains representable within the scalar field.
In simpler terms, here’s what this means:
- Account Commitment Output: This is a critical piece of data in Aleo’s cryptographic framework. It’s used to create the account view key, which is responsible for decrypting and accessing certain account-related information securely.
- Encryption Secret Key: The encryption secret key is a key that enables the decryption of specific data within the blockchain. It’s derived from the account commitment output.
- Scalar Field Element: In cryptography, scalar fields are mathematical structures used for various operations. In this context, the encryption secret key needs to be represented as a scalar field element to ensure compatibility and effectiveness in cryptographic operations.
- Maintaining Authenticity and Effectiveness: Ensuring that the account commitment output can be correctly represented within the scalar field is essential for maintaining the security and reliability of the account view key. If this representation were to be compromised or invalid, it could impact the ability to securely access and decrypt account-related data.
In summary, the account commitment output and its compatibility with the scalar field are critical components of Aleo’s cryptography. They are essential for ensuring that the account view key functions as intended, allowing users to securely access and manage their data within the blockchain while maintaining the highest levels of security and authenticity.
Creating an Aleo account
Creating an Aleo account is the initial step to engage with the Aleo blockchain and start participating in its ecosystem. It involves generating a private key, a view key, and an address, all of which play critical roles in securing and managing your assets and data within the Aleo blockchain.
Generate a Private Key
Creating a private key is the first step in establishing your Aleo account’s security.
- Sample a 32-byte Seed: To begin, a 32-byte seed is sampled randomly. This seed serves as the foundation for your private key.
- Construct Private Key Components: Your private key consists of several components that are concatenated together.
Private_key = (seed, sk_sig, sk_prf, r_pk)
- seed: The original seed you sampled.
- sk_sig: A component derived from the seed, which is used for the account’s signature scheme.
- sk_prf: Another component derived from the seed, used in generating transaction serial numbers.
- r_pk: This component is generated iteratively, starting with a counter of 2 and incremented until a valid view key can be derived. It is used in the account’s commitment scheme.
Generate a View Key
The view key is essential for decrypting and accessing certain account-related information securely.
- Construct pk_sig: This involves generating the public key for the account’s signature scheme.
pk_sig = AccountSignature.GeneratePublicKey(ppaccount_sig, sk_sig)
2. Generate the View Key: The view key is created using the account commitment function.
view_key = AccountCommitment.Commit(ppaccount_cm, (pk_sig, sk_prf), r_pk)
Generate an Address
The address is the public-facing identifier for your Aleo account.
- Construct the Address: Your address is generated using the public key associated with the account’s encryption scheme.
address = AccountEncryption.GeneratePublicKey(ppaccount_enc, view_key)
In summary, the private key is the foundation of your account’s security and is generated from a random seed. The view key is derived from the private key and is crucial for securely accessing your account’s data. Finally, the address is derived from the view key and serves as your public identifier for participating in the Aleo blockchain network. Together, these components provide a robust framework for managing your assets and data within the Aleo ecosystem while maintaining privacy and security.
Account Diagram
The diagram you’ve created illustrates the process of generating an Aleo account, starting from the seed and culminating in the account address.
graph TD
A["Seed (32 Bytes)"]
A --> |"BLAKE2s(Seed, 0)" | B(sk_sig)
A --> |"BLAKE2s(Seed, 1)" | C(sk_prf)
A --> |"BLAKE2s(Seed, counter)" | D(r_pk)
B --> E(Account Private Key)
C --> E(Account Private Key)
D --> E(Account Private Key)
E --> F(Account View Key)
F --> G(Account Address)
Refer this link to learn more about BLAKE2s.
Here’s a breakdown of the elements and their relationships in the diagram:
- Seed (32 Bytes): This is the initial random seed used as the foundation for creating the Aleo account.
- BLAKE2s(Seed, 0): The seed undergoes a BLAKE2s hashing operation with a counter value of 0, resulting in the generation of sk_sig, one of the private key components used for the account’s signature scheme.
- BLAKE2s(Seed, 1): Similarly, another BLAKE2s hashing operation with a counter value of 1 is applied to the seed, producing sk_prf, another private key component used for generating transaction serial numbers.
- BLAKE2s(Seed, counter): This part of the process involves an iterative BLAKE2s hashing operation where the counter value is incremented until a valid r_pk is derived. This r_pk is used as a component in the account’s commitment scheme.
- Account Private Key (E): This represents the combination of components sk_sig, sk_prf, and r_pk, forming the complete private key of the Aleo account.
- Account View Key (F): The account view key is derived from the private key (E) and is essential for decrypting and accessing account-related information securely.
- Account Address (G): Finally, the account address is generated from the account view key (F), serving as the public identifier for the Aleo account, allowing participation in the network.
The diagram visually illustrates how each step in the process contributes to the creation of a secure and functional Aleo account, emphasizing the importance of cryptographic operations and the interconnectedness of the key components.