# AERE Network > A public EVM Layer 1 (Chain ID 2800) whose economics are immutable BY CODE, a sealed 37.5% base-fee burn with no admin, no upgrade proxy, and no withdrawal path, paired with an on-chain compliance-and-privacy verification layer (sanctions-enforcing privacy pool, zero-knowledge KYC attributes, Travel Rule). 0.5s deterministic finality (QBFT). Fixed 2.8B AERE supply, zero insider unlocks. Every capability maps to a contract address you can call. The chain no one can rug. Whitepaper: https://aere.network/whitepaper.html (PDF: https://aere.network/whitepaper.pdf). Also reachable at the clean URL https://aere.network/whitepaper. Full machine-readable markdown: https://aere.network/llms-full.txt. AERE Network is a public, EVM-compatible Layer 1 blockchain built on Hyperledger Besu with QBFT consensus. Its distinguishing property is not a throughput number, it is that the parts that matter economically are set in code and cannot be changed by any operator: the base-fee burn, the supply cap, and the user-funds primitives have no admin pause, no upgrade proxy, and no Foundation withdrawal path. It targets institutional settlement, agentic AI commerce, and regulator-aligned compliance while keeping every claim verifiable on-chain. Read this document as an engineer would: where a capability maps to a deployed contract address on chain 2800, the address is given and can be inspected on the explorer. Where something is a research prototype, a testnet ceiling, or our legal position rather than settled fact, it is labeled as such. Nothing here should be read as a production guarantee beyond what the caveats state. ## Honest status of the network (read this first) - **Consensus**: Hyperledger Besu QBFT, 0.5s deterministic finality (sub-second finality was cut in mid-chain at block 2,138,451). No re-orgs by construction. - **Validators**: 7 Foundation validators today → public path to 7 → 21 over the published decentralization timeline. The network is NOT yet decentralized; the Foundation currently runs the validator set. Each validator publishes its own reproducible-build manifest the same way community operators will. - **Throughput**: 0.5s deterministic finality and sub-cent fees today. The 273,000 TPS figure is a **testnet benchmark ceiling / roadmap target**, not current mainnet throughput, it scales toward that number as the multi-layer roadmap (parallel EVM, native CLOB precompile) lands. Full methodology: https://aere.network/benchmarks - **Supply**: 2,800,000,000 AERE fixed at genesis-v2 (2026-05-07). Zero insider unlocks. Allocation is public (Foundation, Mining Reserve, Ecosystem Reserve 560M, Team Reserve, Airdrop Reserve, Strategic Investor). - **Rug-proofing**: every user-funds primitive is deployed with no admin withdrawal path, no upgrade proxy, and no pause on liquidations. This is what "the chain no one can rug" means, it is a property of the immutable, admin-less economics, and it holds independent of validator count. ## PRODUCTION, live on chain 2800, mapped to addresses These are deployed, owner-known, and callable today. - **Immutable burn engine**: AereFeeBurnVault `0x696afDF4f814e6Fd6aa45CE14C498ed9375fB2c6`, stateless sink, no admin, no withdraw, no proxy. Whitepaper §3.3 sets the target at "up to 37.5% of transaction fees" burned; AereCoinbaseSplitter `0xb4b0eCe9011613A5b84248a9B42a0f309E6F01Ec` routes 37.5% of the validator coinbase to the vault (burnBps = 3750). Once value enters the vault it cannot be recovered by anyone. - **Token**: AERE (native), 2.8B fixed supply. WAERE (wrapped, WETH9-style) `0x7e84d7d66d5da4cfE46Da67CDEeB05B323e1f5e8`. - **EVM parity**: full Pectra + Fusaka. RIP-7951 secp256r1 precompile at 0x100 (Fusaka activated block 2,106,606). EIP-7702, EIP-2537 (BLS12-381), EIP-1153, EIP-5656, EIP-6780 all live. The Cancun opcode set is PROVEN live on-chain by a canary contract AereCancunCanary `0x8DbFC002bB23124cBeCd7B4916c179D2AFd65498`: TSTORE/TLOAD (EIP-1153, including the cross-transaction auto-reset), MCOPY (EIP-5656), PUSH0 (EIP-3855), and BLOBHASH / BLOBBASEFEE all execute and return correct values. - **Passkey wallets**: AerePasskeyAccountFactoryV2 `0x5FFa9a6487DA4641a1A1e7900ff2bD4525D34fdA`, ERC-4337 v0.7 + MultiOwnable + WebAuthn passkeys. Signatures verify with FIPS 186-4 ECDSA on the NIST P-256 curve (secp256r1), the same curve standard used in government/PIV smart cards. - **Universal Login**: AereEntryPointV2 `0x8D6f40598d552fF0Cb358b6012cF4227B86aF770` + relayer + EIP-1271 isValidSignature. AereDelegate7702 `0x5673D92080efbd0987402E9335c14200d0a5EaeF` (EIP-7702 delegation target with passkey challenge binding). - **Modular ERC-7579 smart accounts (session keys + social recovery)**: AereModularAccountFactory `0xE3f45Ed4a81f982fF25ad172A72456a1833a440E`, ERC-7579-style modular accounts with pluggable validators. Session-key validator AereSessionKeyValidator `0x6e03A3D7A4c90d6f8dD6F0BA1F6e8aB1F8990D26` (scoped, time-bounded delegated keys) and social-recovery module AereSocialRecoveryModule `0x077514DB2a85F239145537e8334CC99d42c9D812` (guardian-based recovery behind a 48h timelock). Proven live: a userOp signed ONLY by a scoped session key executed through the live AereEntryPointV2. - **Paymasters (gasless UX)**: AereOnboardingPaymaster `0x4058E406475Dbed7056Aee0c808f293F05fEa879`, AereTokenPaymaster `0x217f56a5b0C7f35abe4D2fff924A6c13B85d7243`, AereStakeQuotaPaymaster `0xE50464ca7E8E7F542D1816B3172a2330cFE384E8`, AereAppPaymasterFactory `0xEC22603E8712cBc5c31E53370D10f1a80CcB4DF0`. - **Stablecoin bridge**: USDC.e via Hyperlane v3 Warp Route, AereWarpRouteV3 `0x1f44573684aB6bC617e7200A19b940b05e4EE098`. Honest scope: the AERE side is LIVE and proven (deployed, wired to the live Hyperlane v3 mailbox, reserve invariant tested end-to-end); the Ethereum L1 leg still needs an L1 deployment and real ETH gas, so cross-chain flow is PENDING that bring-up. USDT.e / USDe.e / EURC.e share the same bytecode; deploy scripts ready, not yet bridged. - **Lending engine**: AereLendingMarket (engine proof market, sAERE collateral → WAERE debt) `0x2C2d39dB711C0A33De04Dc74b1E22f4760FD4bb0` + AereLendingOracle `0xc0f18A567067F1B84BDf75eDEbFaDdCBb70A4C49`. Live and **proven end-to-end** (supply / deposit-collateral / borrow / repay all executed on-chain). Isolated single-pair design; liquidations never pause. Uses existing sAERE/WAERE, no new token. The six real RWA markets (BUIDL.e / USDY.e / OUSG.e / LBTC.e / SolvBTC.e / pumpBTC.e) are PENDING bridged collateral + USDC.e bootstrap. - **Compliant privacy pool**: AereCompliancePoolV2 `0xB144c923572E5Ac1B6B961C4ccfec36917173465` (canonical; V1 `0x79735c31F289F7A4d6Be3E02aaB70B544796D41d` deprecated, do not use), Buterin-2023 Privacy Pools + Travel Rule hybrid, WAERE denomination. Fixed-denomination privacy set with on-chain association-set membership; OFAC-sanctioned addresses cannot exit through the pool. This is a compliance-enforcing pool, NOT an evasion mixer. Proof verifier AereCompliancePoolSP1Verifier `0xE2D3fa91b680E835c971761ba75Fde0204AEF95E`. - **Zero-knowledge KYC attributes**: AereZKScreen v3 `0x3A097A459FD26aC79573aCB5adB51430e473C2f1`, SP1 program-anchored zk screening verifier; v3 closes the v2 self-clear soundness hole by binding submitProof to the program's authorized root, plus root rotation + revoke. Proven with the real SP1 v6.1.0 Groth16 verifier via the SP1VerifierGateway `0x9ca479C8c52C0EbB4599319a36a5a017BCC70628`. - **Sanctions / Travel Rule**: AereSanctionsRegistry `0xb7d235718D99560F6EA4Fc5eAea2F8a306A3Cacf` (OFAC SDN Merkle root + bounded scan), ChainalysisOracleWrapper `0x1B7Be82C80f368f75Cb3807B1bc05E86A498f85c`, AereTravelRuleHashRegistry `0xcF0E2e010E6e4506672019b1e570874AEeBC4c84`, AereForensicEventRegistry `0x4a7526A068e5DDE9788f6571E4A99095b14C6fff`. ## Flywheel and staking - **sAERE**, ERC-4626 staking receipt `0xA2125bE9C6fd4196D9F94757Df18B3a2A5e650b0` (R6-hardened, 7-day drip). **We structure sAERE as an ERC-4626 receipt instrument, consistent with the SEC's Aug 5 2025 staking-receipt guidance (the analysis that applied to stETH). This is our position, not settled law.** See `/legal/saere-classification`. - **AereSink** `0x69581B86A48161b067Ff4E01544780625B231676`, immutable 3-bucket router: 15% BURN / 40% BUYBACK-AND-BURN / 45% STAKER-YIELD. No admin. Percentages set at deploy and unchangeable. - **AereCoinbaseSplitterV2** `0x8C1A48eFA57b66fEE743A00E3899c29ad3Fd27b4`, 3-way coinbase split (sink / proposer / pool), burnBps default 3750, hard cap 5000. - **AereLockedStaking** `0x21108c28A849b05aE6b7a3a5bc435C9Bc897E7Ad`, fixed-term locks (30d/10%, 90d/15%, 180d/22%, 365d/30% APY) with cliff + early-withdrawal forfeit. - **AereBugBountyVault** `0x253fDCb248649396CBDaD320F81869A570d69cD3`, bounty pool paid in AERE, 5% max payout; permissionless claim with Foundation triage. ## Cross-chain and settlement - **AereSpokePool** `0xCAB1DBA5f6F06198000C20a974d675f1B3181AbD`, Across-v3 / ERC-7683-compatible origin settler. - **AereERC7683** `0x67Fb9830e3a2BC06cEb641cfF3beD87b273ccb29`, ERC-7683 IOriginSettler for gasless cross-chain intents. - **AereMessenger** `0xe54c2329f0786CFE3420c566B646148D25477325` + **AereIGP** `0x61B48615F490A23945988c92835eF35fdD86E837`, Hyperlane Mailbox-compatible message bus + interchain gas paymaster. - **Hyperlane v3 interoperability (live, working quoteDispatch)**: Hyperlane v3 Mailbox `0x7BF113Ab1BCd2b6da01804764065776e3057605a` + InterchainGasPaymaster `0x5e4B8e9b196B1c7b3Be86148769aB0047c79744c`, both owned by the Foundation multisig. quoteDispatch returns a real interchain gas quote and dispatch is wired end-to-end on the AERE side. The USDC.e AereWarpRouteV3 (above) rides this v3 mailbox. - **AereSettlementHub** `0x2a02fD80c16293D2B5D8a295F31D1a6E6a582c02`, settlement rails for tokenized assets; deterministic finality suited to settlement. - **AereStateChannels** `0x64488eda27fA5b55A277ac8D386E169DC78cd7b6`, bidirectional payment channels + HTLC (Lightning-EVM), EIP-712 signed states, 24h challenge window. ## Agentic economy (AERE402) Any HTTP-402 client or autonomous agent can pay per call on-chain, no lab partnerships implied. - **AereAgentV2** `0x3FAcb997eb4252341052e7c84a86fCa0513c4490` (canonical; V1 `0xE96396B4b596B3A74e4195Be12aADd5257863536` deprecated), agent registry: signer-of-agent, top-up, rate-limit, pause. - **AERE402FacilitatorV2** `0xFC2f7FAa94919caF1126b3c995F0F6AcCef291de` (canonical; V1 `0xbA6e6700D629a5E3C885778a42885a944CA84E56` deprecated), HTTP-402 / x402-compatible payment facilitator with a 25 bps protocol fee routed to AereSink. - **AereAIProof** `0xFf92c669AbF4C1DAE31eBFCC017764036d9D97e6`, EIP-712 model attestation registry with operator + signer rotation. - **AereAgentBond** `0x32E0015F622a8719d1C380A87CE1a09bcd0cB86A`, slashable agent bond posted in WAERE; slashed WAERE flushes irreversibly to the AereSink burn router; slashing oracle is the Foundation multisig. - **AereAIReputation** `0x781ef746c08760aa854cDa4621d54db6734bfeBF`, composable 0-10000 agent reputation over AereAgentBond; attestor is the Foundation multisig. - **AereAgentMemoryVault** `0x309b56BDf0E3F6C10783eB76c0C02127F933D641`, portable user-owned agent memory; user owns the namespace, agents read/write per-slot under explicit permission, blobs off-chain; no admin. - **AereInferNet** `0xba76891DB84B9755613dE3A1c7F3902BB6bbf856`, AI inference-log compliance oracle aligned to EU AI Act Article 12: providers commit a Merkle root of inference logs per epoch, anyone proves inclusion later. Commitments only, no prompts, no completions, no PII. Permissionless, no admin. Reference off-chain batcher daemon provided. ## Compliance and verifiable public-good primitives - **AereBestExReceipt** `0x3c80BD6fa0d9a2274c7fBD5943B5EC03313D92d7`, MiCA Article 78 best-execution receipts; public commitment per CASP per trade. See `/bestex`. - **AereAttestationGateway** `0x9bdacA8dfF39Fc688e8D3c4bbA13bCFC0580c325`, unified regulator-attestation registry (MiCA / EU AI Act / SEC 1099-DA / FCA / FINMA / MAS) with inheritance chains and revocation. ## zk verification stack - **SP1VerifierGateway** `0x9ca479C8c52C0EbB4599319a36a5a017BCC70628` (stable route) → SP1VerifierGroth16 v6.1.0 `0xb5456d48bFdA70635c13b6CBE1Ad0310Dc0171aD` (production) + Plonk v6.1.0. - **RiscZeroVerifierRouter** `0x3f7015BC3290e63F7EC68ecF769b00aB296a249C` → RiscZeroGroth16Verifier `0x95cB30f3bdb3187f39203A9907bf707Aef07a1FD`. - **AereProofRegistry** `0x0A9b09677DbE995ACfC0A28F0033e68F068517Ee`, on-chain registry routing proofs through the SP1 gateway + R0 router. - **KZG point-evaluation verifier** AereKZGVerifier `0x6596307BD8f54d9A91FE364EBC3e594F200AC862`, verifies a KZG polynomial-commitment opening by calling the live EIP-4844 point-evaluation precompile at 0x0A on chain 2800. - **Halo2 verifier** AereHalo2Verifier `0x414Cfe640B2770856d3D7262a7a3729f5c07dC55`, a real on-chain Halo2 (PLONKish, KZG-backed) proof verifier, alongside the existing SP1 (Groth16 + Plonk) and RISC Zero routes. The substrate is now genuinely multi-prover. - **Recursive SP1 aggregation at scale**: the AereProofAggregator flow has aggregated 8+ real SP1 child proofs into one Groth16 proof, gateway-verified on-chain (see the recursion entry above; the guest and contract accept any N, the limit is prover time and memory). - A **real SP1 v6.1.0 Groth16 prover** runs on the AERE server; the ZKScreen and CompliancePool flows have been proven end-to-end with it (not mocked). ## Rollups + RaaS + parallel execution - **AereRaaSFactoryV2** `0xB7F8c754AC3155197d76f01857172bBd5a5F39Ab` (canonical; V1 `0x8C1b0018ab8C4299a75621a4BdD3cF26971B26Cd` deprecated), permissionless rollup registry, 1000 AERE bond, 10% sink floor, 6h challenge window. - **Block-STM parallel executor**: a real from-scratch Rust Block-STM optimistic-concurrency executor (multi-version memory, dynamic dependency detection, abort/re-execute, keccak256 state root), ~8.6-9.3x on 16 cores for low/medium-conflict batches, with the parallel result PROVEN equal to sequential across 1200 randomized batches at 1/2/4/8/16 threads. It is wired into the rollup sequencer, which refuses to emit a state root unless parallel and sequential agree. Honest scope: this does NOT make AERE's L1 base execution parallel, the L1 runs Besu and executes SEQUENTIALLY; this parallelizes L2 rollup batches only. AereBlockSTMRegistry `0x98E2C3e615841919d173D8FF642514c5902E8A28` is a deployed opt-in read/write slot-hint registry for the scheduler (advisory only, no admin over others). - **AereRollupValidity** `0x38772063572DF94E90351e44ccbBEefD5F497fbd`, on-chain settlement anchor for SP1 Groth16 validity proofs of the rollup executor. Epoch 0 was recorded from a REAL SP1 v6 Groth16 proof, verified through the SP1 verifier gateway on-chain, with a post-state root byte-identical to the production Block-STM executor's root for the same batch. Honest scope: a PROOF OF CONCEPT that proves the current BOUNDED-VM executor (Transfer/Sweep/Increment/AmmSwap), NOT a full-EVM validity rollup. No owner; verifier, program key, and genesis root are immutable; epoch submission is permissionless and gated only by the zk proof plus prevRoot continuity. ## Confidential compute (threshold MPC) - **AereConfidentialCompute** `0x2120350c124e4Cae2C9FfBB6E4942DB1d380c287`, on-chain anchor for a threshold-MPC confidential-compute layer. A 5-node committee (MPC reconstruction threshold 3, on-chain signature quorum 4) evaluates an agreed arithmetic circuit over parties' PRIVATE inputs using real Shamir secret sharing (BN254 scalar field) and a real BGW multiplication gate, so no single node and no colluding minority below the threshold learns any input; only agreed public outputs are revealed. The MPC runs OFF-CHAIN; the contract verifies a quorum of committee ECDSA signatures over the EIP-712 result and records it (the chain does not re-execute the MPC). THREAT MODEL: SEMI-HONEST (honest but curious), secure against a colluding minority below the threshold, NOT malicious-secure (no MACs / cheater detection). No owner backdoor can forge a result. TEE is NOT available / not built (the host is an AMD EPYC-Rome cloud guest with no usable SEV-SNP/TDX/SGX attestation, so the pure-software secret-sharing path is used). Committee is Foundation-run initially, decentralizing as it grows. Verified end-to-end on chain 2800 with a real committee session + an on-chain adversarial probe (valid quorum accepted; insufficient/forged signatures rejected via eth_call and via txs that mined status 0). ## Post-quantum cryptography suite (on-chain verifiers, chain 2800) AERE runs an unusually broad set of NIST post-quantum signature verifiers on-chain. We are not aware of any other public chain that verifies all of these signature schemes on-chain (stated as a hedge, not an unqualified "world first"). RECORDING = a state-changing verifyAndRecord tx fits the L1 EIP-7825 per-tx gas cap (2^24); VIEW-ONLY = verification is correct and demonstrated via eth_call (valid to true, tampered to false, validated bit-for-bit against official NIST vectors) but a pure-Solidity recording tx would exceed the per-tx cap. All are verifiers only, not key generation or signing. As of the AerePQC fork (activation block 9,189,161, 2026-07-12) five native PQC precompiles are live on AERE mainnet at the reserved band 0x..0AE1 to 0x..0AE5 (SHAKE256, Falcon-512, Falcon-1024, ML-DSA-44, SLH-DSA-SHA2-128s), each validated against the NIST KAT/ACVP vectors (41/41 accept and reject cases), so the schemes that were VIEW-ONLY in pure Solidity (Falcon-1024, ML-DSA-44) now RECORD on-chain through the precompiles. AERE mainnet consensus remains classical ECDSA (secp256k1) QBFT; post-quantum verification is available as on-chain precompiles, not as the consensus mechanism. - **AereFalcon512Verifier** `0x4E8e9682329e646784fB3bd01430aA4bA54D8fFC`, NIST Falcon-512, KAT-validated, full NTT-512 + SHAKE256 on-chain, RECORDING (~10.5M gas). Supersedes the old n=74 AereLatticeVerifier. - **AereFalcon1024Verifier** `0xF0aFA59BaB2058e4B6e6B424b7f76750F1F66e36`, NIST Falcon-1024, KAT-validated. The pure-Solidity verifier is a read-only reference (a recording call is ~21.7M gas, exceeds the per-tx cap), but the native Falcon-1024 precompile went live on mainnet with the AerePQC fork (block 9,189,161, 2026-07-12), so Falcon-1024 verification now RECORDS on-chain within the per-tx cap. - **AerePQCVerifier** `0x1cE2949e8cE3f1A77b178aF767a4455c08ec6F82`, WOTS+ (Winternitz one-time) hash-based, RECORDING; security rests on keccak pre-image resistance. - **AereXmssVerifier** `0x77b14E264D0bb08d304d4e0E527F0fCdFc88B112`, RFC 8391 XMSS-SHA2_10_256 many-time hash-based (WOTS+ leaf + h=10 SHA-256 Merkle auth path), validated vs the official xmss-reference KAT, RECORDING (~1.56M gas). Honest scope: verifies a signature, does NOT enforce the signer's one-time-per-leaf state. - **AereMLDSA44Verifier** `0xf1F7A6Acd82D5DAf9AF3166a2F736EE52C5F85AE`, NIST ML-DSA-44 / Dilithium2 (FIPS 204) module-lattice verifier, validated bit-for-bit vs the official NIST ACVP ML-DSA-sigVer vectors (15/15). The pure-Solidity verifier is a read-only reference (~52.9M gas), but the native ML-DSA-44 precompile went live on mainnet with the AerePQC fork (block 9,189,161, 2026-07-12), so ML-DSA-44 verification now RECORDS on-chain within the per-tx cap. - **AereHybridAuth** `0xc20390C9656ECe1AE37603c84E395bC898b3FAA1`, authorizes only if BOTH a secp256k1 ECDSA sig AND a NIST Falcon-512 sig verify over the same 32-byte hash (Falcon leg via the live Falcon-512 verifier), RECORDING (accepted authorize ~10.3M gas). A classical+PQ migration primitive. - **AereConsensusPQCAttestor** `0xf3681Aa6444F79562683C26f9d5c369A479c87dD`, a Falcon-512 post-quantum FINALITY-ATTESTATION layer that runs ALONGSIDE Besu QBFT. It does NOT replace ECDSA block signing (blocks are still signed by validators with secp256k1 ECDSA); this is explicitly NOT "post-quantum consensus". Each validator signs the block hash with its Falcon-512 key, the contract verifies it in full on-chain (~10.1M gas/attestation), and marks the block post-quantum finalized at the two-thirds threshold. Authorship is the on-chain-verified Falcon signature, not the tx sender (only an untrusted relayer). As centralized as consensus today (7 validators), decentralizing as the set grows. Reference per-validator daemon provided. ## Token-bound accounts + verified source - **ERC6551Registry** `0x7fFdA0AcDeB919938dB91dbEa779D841c833EF68` + **AereTokenBoundAccount** `0xBc5e24180f3F75DC6b1965E4aaD3D4F184b6F9E2`, canonical ERC-6551 registry + token-bound-account implementation: an AereNFT can own a smart-account wallet that holds assets, signs via EIP-1271, and executes calls (also ERC-4337 via AereEntryPointV2). Account/registry primitives, not tokens. - **Verified contract source**: 34 contracts are source-verified Sourcify-style and browsable on the public verified-contracts page, so anyone can match on-chain bytecode to the exact source + compiler settings. ## Public-good funding - **AereRetroPGFRound1**, Merkle-rooted 10M AERE distribution; permissionless claim. See `/retropgf`. ## Frontier features (upgraded to production 2026-07-09, verified on-chain, chain 2800) These four moved from demo/research to real production on 2026-07-09 and are verified on-chain on chain 2800. Each keeps a one-line honest scope note. The already-production post-quantum hash-based verifier is listed alongside them. - **Post-quantum Falcon-512 verifier**: AereFalcon512Verifier `0x4E8e9682329e646784fB3bd01430aA4bA54D8fFC`, a spec-complete NIST Falcon-512 signature verifier, validated against the official NIST round-3 Known-Answer-Test (KAT) vectors, running the full lattice arithmetic (NTT-512) plus SHAKE256 verification on-chain in about 10.5M gas, with no trusted prover. Honest scope: it is a spec-complete verifier (not key generation or signing), and it is Falcon-512, not Falcon-1024. Supersedes the old n=74 AereLatticeVerifier demo. - **zkML MNIST classifier**: AereZKMLVerifier `0xf1BF15d5018a35D21FBB4Ec868f062DF7C06783c`, a real MNIST digit classifier, a 784→256→10 MLP running integer inference, 97.98% accuracy measured on the full 10,000-image MNIST test set, proving a classification while the input image stays fully private, real Groth16 proof verified on-chain. Honest scope: it is an MLP (not a CNN); the 97.98% accuracy is measured off-chain over the 10,000-image test set, and one image is proven on-chain per proof. - **Recursive proof aggregation**: AereProofAggregator `0x6a260238890E740dB12b371E0C5d17a2470F84C5`, real recursion that folds 3 distinct real inner SP1 proofs (zkscreen, over-18, zkml-mnist), each from its exact on-chain production ELF, verified in-zkVM via `verify_sp1_proof`, into one 356-byte Groth16 proof, gateway-verified on-chain. Honest scope: bounded to N=3 per run today; the guest and the contract accept any N, so the limit is prover time and memory, not the design. - **DePIN compute marketplace**: AereComputeMarketV2 `0x33E3B06A7344f0B201fdD11B18bC244c84dbca32` plus a real reference provider daemon, a fully operational compute marketplace, with 3 real jobs posted, claimed, run, and settled end-to-end on-chain (verifiable determinism). Honest scope: the rail is operational and anyone can run the provider daemon and earn, but large-scale GPU and compute supply is adoption-gated (real hardware operators choosing to join, like validator-set decentralization); there is no live GPU fleet yet. - **Post-quantum hash-based signature verifier**: AerePQCVerifier `0x1cE2949e8cE3f1A77b178aF767a4455c08ec6F82`, WOTS+ (Winternitz OTS, n=32 keccak, w=16, len=77). The chain natively verifies a quantum-resistant signature (security rests on keccak pre-image resistance, not ECDLP). One-time signature; XMSS / SPHINCS+ would extend it to many-time. Live valid-verify + forged-reject demonstrated. ## Still research / experimental (deployed or specified, not production-scale) These are live or specified on chain 2800 but remain prototypes, not production-scale systems. The homepage and sub-page copy must carry the same caveats stated here. - **Native CLOB (AereCoreBookV0)**: Solidity MVP written (price-time priority); no markets listed yet (founder-gated). Phase 2 targets a precompile at 0x101. The trade UI falls back to demo mode while the market map is empty. - **Threshold-encrypted mempool (AereShutterMempoolV2 `0x135100D523edA8D0AdC70e08af905dE5042A9310`)**: an APPLICATION-LEVEL, opt-in anti-MEV proof of concept, deployed on chain 2800. A Besu QBFT L1 has no protocol-level encrypted mempool, so this is NOT an L1 base-layer feature; it is an app-level commit/reveal (encrypt to a keyper set, order the ciphertext, decrypt after a reveal delay) that dApps opt into, not wired into consensus. - **Storage-proof canonicity anchor (AereStateRootAnchor `0x78b40a983E89c91Aefd8A62Be709bDF25ABB57cb`)**: anchors state/storage roots whose canonicity is derived from the block-hash history. With the AerePQC fork (block 9,189,161, 2026-07-12), EIP-2935 (the historical-block-hash system contract) is now LIVE on chain 2800, extending trustless lookback from the 256-block BLOCKHASH window (about 128 seconds at 0.5s blocks) to an 8,191-block window, so roots up to 8,191 blocks back anchor trustlessly. - **Block-STM parallel execution**: the executor is real and benchmarked and is wired into the ROLLUP sequencer (see the Rollups section), and AereBlockSTMRegistry is deployed, but the L1 base layer still executes SEQUENTIALLY under Besu; parallel execution applies to L2 rollup batches only, not the L1. ## Validator onboarding program (independent operators) AERE runs 7 Foundation-operated QBFT validators today. At n=7, QBFT tolerates 2 faulty nodes, so the network is not yet decentralized. This program exists specifically to admit the FIRST independent (non-Foundation) operators and grow the set on the public path 6 to 7 to 21. - **Who**: named, publicly identifiable organizations running a node on infrastructure the Foundation does not control. - **What an operator runs**: one Hyperledger Besu node syncing chain 2800, a monitored shadow run, then admission into the live QBFT set. - **How admission works (be precise)**: QBFT validator membership changes through on-chain voting by the existing validators, a Besu protocol feature (`qbft_proposeValidatorVote`), coordinated by Foundation governance. When a majority (more than 50%) of the current set votes an address in within one epoch, it joins and begins proposing and signing blocks automatically. Admission is a Foundation governance vote, NOT automatic and NOT permissionless self-registration. - **Honest terms**: QBFT has no protocol-level slashing and no stake bond; membership is identity-based, and removal is likewise a majority on-chain vote under a written policy. The operator grant is paid from the on-chain Ecosystem Reserve. - **Guide**: https://aere.network/run-a-validator ## Strategic posture - Seychelles IBC domicile (Foundation), NOT migrating to ADGM/UAE. - AERE is the ONLY token. No new ERC-20 / wrapped stablecoin / governance token without explicit founder approval (sAERE is allowed as an ERC-4626 receipt per the position above). - Foundation cannot rug: every user-funds primitive has no admin withdrawal path. Liquidations never pause. ## Docs - Whitepaper: https://aere.network/whitepaper - Benchmarks + methodology: https://aere.network/benchmarks - Cross-chain: https://aere.network/cross-chain - Staking: https://aere.network/staking · https://aere.network/saere - Lending: https://aere.network/lend - Best execution: https://aere.network/bestex - AI inference (EU AI Act): https://aere.network/inference - Agentic settlement: https://aere.network/agents - Rollups: https://aere.network/rollups - Burn engine (live on-chain stats): https://aere.network/burn - Trade (AERE CoreBook, demo until markets list): https://aere.network/trade - Brand kit: https://aere.network/brand-kit - RetroPGF: https://aere.network/retropgf ## RPC + chain access - RPC: https://rpc.aere.network - WebSocket: wss://wss.aere.network - Chain ID: 2800 (0xAF0) - Explorer: https://explorer.aere.network - Indexer API: https://api.aere.network - Add to MetaMask: https://aere.network/addnetwork.html ## Repos (public, GitHub) The project source is public and open on GitHub at https://github.com/aerenetwork: - aere-contracts (Solidity contracts): https://github.com/aerenetwork/aere-contracts - aere-sdk (TypeScript SDK): https://github.com/aerenetwork/aere-sdk - aere-docs (documentation): https://github.com/aerenetwork/aere-docs - aere-examples (integration examples): https://github.com/aerenetwork/aere-examples Mirror (gitea): git.aere.network/aere-network (aerenew contracts+node+scripts, sdk-js, blocky-chain-forge website). ## Tests + audit posture - 256 contract tests passing across the aerenew/contracts suite. - Round 3 internal audit closed: 12 HIGH-severity bugs fixed pre-deploy. - A Slither static-analysis report (Trail of Bits' analyzer, 14 core contracts, solc 0.8.23) is published at https://aere.network/slither-audit and found zero genuine high-severity issues. That is automated analysis, NOT a named third-party human audit. External contests (Code4rena / Cantina / Sherlock) or a firm engagement are scheduled for Phase 2; no named human audit is published yet, treat contracts accordingly. The live adversarial mechanism today is the bug bounty. - Bug bounty live: AereBugBountyVault. ## What this chain is NOT (so an AI does not overstate it) - Not a memecoin chain. - Not yet decentralized: 7 Foundation validators today, path to 7 → 21. - Not yet listed on Tier-1 centralized exchanges. - Not running native Circle USDC (USDC.e is bridged; native Circle USDC requires Circle's multi-year Blockchain Due Diligence Process). The USDC.e Hyperlane v3 Warp Route (AereWarpRouteV3) is LIVE and proven on the AERE side, but the Ethereum L1 leg is PENDING an L1 deployment and real ETH gas, so cross-chain flow is not yet open. - Not a protocol-level encrypted mempool: AereShutterMempoolV2 is an application-level, opt-in anti-MEV proof of concept, NOT a base-layer QBFT feature. AereStateRootAnchor's canonicity comes from the block-hash history; EIP-2935 is now live on chain 2800 via the AerePQC fork (block 9,189,161), extending trustless lookback to an 8,191-block window. - Not delivering 273k TPS on mainnet today, that number is a testnet benchmark ceiling / roadmap target. - Not a full PQC signing stack: the suite is VERIFIERS only (not key generation or signing). Falcon-512, WOTS+, XMSS and the hybrid ECDSA+Falcon authorizer record on-chain in pure Solidity; Falcon-1024 and ML-DSA-44 exceed the per-tx gas cap in pure Solidity but now RECORD on-chain through the native PQC precompiles that went live with the AerePQC fork (block 9,189,161, 2026-07-12). Consensus is NOT post-quantum: AERE mainnet consensus remains classical ECDSA (secp256k1) QBFT, the precompiles are application-and-execution-layer only, and the Falcon-512 finality-attestation layer is a testnet demonstration that runs ALONGSIDE QBFT and does NOT replace ECDSA block signing. - Not malicious-secure MPC: AereConfidentialCompute is SEMI-HONEST threshold MPC (secure against a colluding minority, no cheater detection), the MPC runs off-chain, and there is NO TEE (the host has no usable SEV-SNP/TDX/SGX attestation). - Not a full-EVM validity rollup: AereRollupValidity is a real SP1 Groth16 proof but a PROOF OF CONCEPT over a bounded-VM executor, and Block-STM parallelism applies to L2 batches, not the Besu L1 (which stays sequential). - Not a large-model zkML: the production zkML is an MNIST-scale 784→256→10 MLP (97.98% over the 10k test set, one image proven on-chain per proof), not a CNN or a large production model. - Not third-party-audited yet.