Whitepaper · v2.0 · Chain ID 2800

The non-custodial EVM Layer 1 for settlement

AERE is a public EVM Layer 1 (Chain ID 2800) whose economics are immutable by code, a sealed 37.5% base-fee burn with no admin, no proxy, and no withdrawal path, paired with an on-chain compliance-and-privacy verification layer: a sanctions-enforcing privacy pool, zero-knowledge KYC attributes, and Travel Rule tooling. Every capability below maps to a contract address you can call. 0.5-second deterministic finality (QBFT). Fixed 2.8B supply, zero insider unlocks. The chain no one can rug.

Download the PDF canonical document at aere.network/whitepaper.pdf

Version 2.0 Updated 2026-07-07 Chain ID 2800 ~32 min read
Block finality
0.5s
Throughput ceiling
273k TPS testnet
Max supply
2.8B AERE
Chain ID
2800
Validators today
3 → 7 → 21
Per-tx burn
37.5%

00 · OverviewAbstract

AERE is a public EVM Layer 1 (Chain ID 2800) whose economics are immutable by code, a sealed 37.5% base-fee burn with no admin, no proxy, and no withdrawal path, paired with an on-chain compliance-and-privacy verification layer: a sanctions-enforcing privacy pool, zero-knowledge KYC attributes, and Travel Rule tooling. Every capability below maps to a contract address you can call. The chain finalises in 0.5 seconds with deterministic QBFT (no probabilistic re-orgs), fixes supply at 2.8B with zero insider unlocks, and ships at full Pectra + Fusaka parity with Ethereum mainnet, the RIP-7951 secp256r1 precompile at 0x100 enabling native account abstraction via WebAuthn + ERC-4337 v0.7 + MultiOwnable recovery + EIP-1271 signature validation.

On throughput: the chain delivers 0.5-second deterministic finality and sub-cent fees today. The 273,000 TPS figure is a QBFT-architecture testnet benchmark, a ceiling the multi-layer roadmap scales toward, not a current mainnet rate (full methodology on /benchmarks). Consensus runs on 3 Foundation validators today, with a public path to 7 and then 21.

AERE supply is fixed at 2,800,000,000 at genesis with no further minting possible. The protocol's economic engine is the AereFeeBurnVault: an immutable sealed contract that burns 37.5% of every transaction fee on confirmation, with no admin, no withdraw, no proxy. Combined with the AereSink three-bucket router for protocol revenue (BURN / BUYBACK-AND-BURN / STAKER-YIELD, percentages set at deploy and never changeable) and sAERE (an ERC-4626 receipt token we structure as a receipt instrument, consistent with the SEC's August 5 2025 staking-receipt guidance, our position, not settled law), AERE compounds toward measurable supply contraction at scale.

Cross-chain rails ship via standard Warp Routes (USDC.e / USDT.e / USDe.e / EURC.e sequence through 2026), ERC-7683 intents, pull-oracle price feeds, and verifiable randomness. Settlement-grade primitives shipping through 2026: AereProof v0 (verifiable on-chain compliance primitives, OFAC sanctions registry, Travel Rule SDK, Forta detection bots, all read-only, all public), AERE402 (agentic settlement layer for machine-to-machine payments on Lightning channels), and the 3 → 7 validator transition. Engineered as the chain no one can rug, immutable, admin-less economics independent of validator count.

01 · ChapterIntroduction

1.1 What the chain has to do

Institutional settlement requires three things at the same time: finality that is mathematical (not statistical), execution that is fully Ethereum-compatible (so the existing engineering surface ports without rewrites), and economics that are immutable (so the protocol's monetary policy cannot be changed by a privileged operator with a multisig and a press release).

Most public Layer 1 networks deliver at most two of those three. Probabilistic-consensus chains (Nakamoto-style proof-of-work and most proof-of-stake L1s) trade determinism for openness, every transaction is rewindable until enough blocks have stacked on top to make the rewind economically painful. Permissioned BFT chains deliver determinism but at the cost of EVM compatibility and a static, operator-controlled validator set. Custodial wrappers (centralised settlement layers, tokenised-deposit ledgers) wrap the determinism around a custodian, and a custodian is a single point of permission, capture, and political risk.

The settlement gap

A non-custodial public Layer 1 that runs the same EVM as Ethereum, finalises in 0.5 seconds with deterministic QBFT, and enforces its monetary policy through immutable contracts, no admin, no upgrade proxy, no withdraw. That is the gap AERE fills.

1.2 How AERE solves it

AERE pairs Hyperledger Besu QBFT consensus (deterministic finality, no probabilistic re-orgs, sub-second confirmation) with the full Pectra + Fusaka EVM ruleset (every Ethereum mainnet opcode, every precompile, every account-abstraction primitive). The result is an EVM L1 that institutional teams can adopt without rewriting any contract, while end-users get finality fast enough to feel like a card swipe.

02 · ChapterTechnical architecture

2.1 Key equations

The AERE architecture rests on a handful of explicit relations. They are stated here so a technical reader can check the claims rather than take them on faith.

Transaction throughput (single-chain QBFT)

TP = B / Tblock

TP = transactions per second; B = effective transactions per block (gas-limit / avg-tx-gas); Tblock = block time (0.5s on AERE). AERE executes on a single QBFT chain, there is no sharding. Higher throughput surfaces are delivered via L2 rollups (§2.4), not base-layer shards.

Gas calculation

Gtotal = Gbase + Gdata × Size + Gexec

Gtotal = total gas; Gbase = base gas (21,000 for a standard transfer); Gdata = gas per data byte; Size = data size in bytes; Gexec = contract-execution gas. Gas costs match the Pectra + Fusaka schedules.

Staking reward (fee-share, no emission)

Rstaker = (S / Stotal) × Tf × β

Rstaker = staker reward over the epoch; S = individual stake; Stotal = total stake in the sAERE pool; Tf = fees routed through AereSink during the epoch; β = STAKER-YIELD bucket share of Tf (set immutably at AereSink deploy time). AERE has no block subsidy, staking yield is paid entirely from fee flow.

Network security threshold

Tsecurity = ⌊(n − 1) / 3⌋

Tsecurity = maximum Byzantine validators the network tolerates; n = total validators. With n = 3 today, tolerance is 0 faulty nodes; the transition to 7 validators raises it to 2.

2.2 Consensus mechanism

AERE runs Hyperledger Besu QBFT (Quorum Byzantine Fault Tolerance), a BFT consensus with immediate finality and 0.5-second block production. QBFT is chosen for its predictable latency and deterministic finality (no probabilistic confirmations), the property that makes it suited to settlement, where a transaction must not be rewindable once confirmed. AERE runs 3 Foundation-operated validators today, with a public path to 7 and then 21 (§6). The network is not yet decentralised; this is stated plainly, not implied away.

2.3 Single-chain QBFT execution

AERE is a single-chain QBFT network, there is no base-layer sharding, no beacon chain, no parallel shard execution. All transactions execute on one canonical chain with deterministic 0.5-second finality. Higher aggregate throughput targets are addressed via Layer-2 anchors (§2.4 / §6.3), not by partitioning the base layer. This is intentional: shared single-chain state composes natively with EVM tooling, removes cross-shard atomicity edge cases, and matches the settlement use case AERE targets.

2.4 Multi-layer scaling architecture (forward-looking targets)

AERE's scaling roadmap stacks Layer-2 systems above the QBFT base chain. The list below is a forward-looking target stack with explicit per-line dates; current deployments are tracked in §6. See /benchmarks for methodology behind the up-to-273,000 TPS aggregate test result.

2.5 EVM compatibility

AERE ships full Pectra + Fusaka EVM parity. Solidity, Vyper, and any EVM-compatible language compile and execute identically to Ethereum mainnet, with no source modifications required for existing contracts. Compatible with Foundry, Hardhat, Remix; full integration with web3.js, ethers.js, viem, and all Ethereum client libraries; native support for MetaMask, Ledger, Trezor, WalletConnect, and every major Ethereum wallet.

Current EVM ruleset: Pectra + Fusaka (both activated 2026-05-31)

Chain 2800 runs the Pectra + Fusaka hardfork rulesets, functional parity with Ethereum mainnet's current EVM specification, both activated the same day via coordinated rolling validator restart on Hyperledger Besu v26.4.0. Zero downtime, no rollback.

Pectra-activated EIPs (block 2,075,363):

Fusaka-activated additions:

QBFT-specific notes: EIP-4788 parent_beacon_block_root is set to zero on every block (AERE has no separate consensus-layer beacon chain). EIP-4844 blob header fields are present but no blob transactions are produced or accepted; the point-evaluation precompile at 0x0A is present and is used by the on-chain KZG opening verifier (§5.7). Fusaka EIPs that are consensus-layer-only or rollup-only (PeerDAS, FOCIL, EOF) are no-ops on QBFT.

Cancun opcode set proven live on-chain

A canary contract, AereCancunCanary (0x8DbF…5498), demonstrates the full Cancun opcode set executing correctly on chain 2800: TSTORE/TLOAD (EIP-1153, including the cross-transaction auto-reset of transient storage), MCOPY (EIP-5656), PUSH0 (EIP-3855), and BLOBHASH / BLOBBASEFEE. Each returns the correct value under eth_call, and the deployed bytecode is inspectable via eth_getCode.

03 · ChapterTokenomics & burn engine

3.1 AERE token overview

AERE is the native token of chain 2800 and the only token on the chain, there is no wrapped stablecoin, no governance token, no liquidity-mining token. AERE pays gas, secures stake, and earns variable staking yield from protocol fee flow. AERE has no mining, no proof-of-work, and no block subsidy on QBFT. Total supply is fixed at 2.8 billion at genesis; no further minting can occur. Distribution is fully transparent on-chain, every AERE sits at one of six genesis-allocated reserve addresses, queryable via eth_getBalance.

3.2 Token distribution

The 2.8 billion supply was allocated at genesis-v2 (2026-05-07) to six reserve addresses, all visible on-chain and queryable in real time on the public RPC.

Verification: all six reserve addresses are listed on docs.aere.network and balances can be queried via eth_getBalance on rpc.aere.network at any block. The supply math is verifiable to the wei: total of all six reserves + burns + circulating EOAs = exactly 2,800,000,000 AERE.

3.3 Burn engine + sAERE flywheel

AERE's monetary policy is enforced by immutable on-chain contracts, not by a multisig with discretion. Every transaction fee that lands in the protocol passes through these contracts on confirmation; the percentages are set at deploy and cannot be changed by any operator, validator, or Foundation address. The Foundation cannot pause them, withdraw from them, or upgrade them, they have no admin role, no upgrade proxy, and no rescue function.

04 · ChapterDAO governance

4.1 Governance model

AERE's target governance design is a token-weighted DAO framework that lets AERE holders propose, vote on, and execute protocol-level changes. Decisions are bound by on-chain timelocks and supermajority thresholds rather than off-chain coordination. Votes are weighted by sAERE balance at snapshot block; holders may delegate voting power to a representative address, revocable per-block. Approved proposals are executed by the governance contract automatically after the 48-hour timelock expires, with no manual operator step. Security rests on NIST-grade cryptographic primitives (FIPS 186-4 ECDSA P-256, FIPS 180-4 SHA-256) plus mandatory timelock delays.

Honest status: on-chain governance is not yet operational

Token-weighted on-chain governance is not yet live. The network runs on 3 Foundation-operated validators, and protocol parameters plus Foundation-held reserves are administered by the Foundation today. Like the consensus set (3 validators, not yet decentralised, §2.2), governance is on the decentralisation path, not a claim it is already operational. The staking and delegation contracts are deployed, but binding token-weighted proposal execution is a roadmap item, not a shipped capability. The parameters below describe the target design.

4.2 Governance parameters (target design)

Note: the governance surface is scoped to protocol parameters. It cannot alter the immutable burn/router economics (§3.3), those contracts have no admin path, by design.

05 · ChaptersAERE · AereProof · AERE402

5.1 sAERE flywheel, non-custodial staking receipt

sAERE is the canonical staking receipt for AERE. Stakers deposit AERE and receive sAERE at deposit time; the conversion ratio drifts upward as protocol revenue accrues through AereSink. sAERE follows ERC-4626, the standard for tokenised vault shares. We structure it as a receipt instrument, consistent with the SEC's August 5 2025 staking-receipt guidance (the analysis applied to stETH); this is our position, not settled law. It is the one approved exception to the AERE-only-token rule.

Why a receipt token, not a new asset

Our position is that a non-rebasing ERC-4626 share is best characterised as a deposit receipt rather than a new asset, it is not a wrapped stablecoin or a governance token. It represents the depositor's underlying claim on the staking position and accrues real protocol revenue via the immutable AereSink, not via emission or inflation. This is a characterisation, not a legal determination; the regulatory status of staking receipts is unsettled and jurisdiction-dependent.

5.2 AereProof v0, verifiable on-chain compliance

AereProof v0 is a stack of verifiable on-chain compliance primitives, positioned as a public good and operated by the Foundation as a read-only service. The goal is to make institutional compliance integration verifiable from the chain itself, without requiring a centralised attestor or custodian intermediary.

Frontier: private ML and DePIN compute (honest status)

zkML Production, a real MNIST digit classifier: a 784→256→10 MLP running integer inference inside the SP1 zkVM, proving a classification while the input image stays fully private. It reaches 97.98% accuracy measured on the full 10,000-image MNIST test set, and a real Groth16 proof is verified on-chain. Deployed AereZKMLVerifier (0xf1BF…783c). Honest scope: this is an MLP, not a CNN; the 97.98% accuracy is measured off-chain across the 10,000-image test set, and one image is proven on-chain per proof.

AERE's on-chain post-quantum cryptography suite (Falcon-512, Falcon-1024, WOTS+, XMSS, ML-DSA / Dilithium-44, a hybrid ECDSA+Falcon authorizer, and a Falcon-512 finality-attestation layer that runs alongside QBFT) is detailed in §5.4.

DePIN compute market Production, AereComputeMarketV2 (0x33E3…ca32) is a fully operational compute marketplace paired with a real reference provider daemon: providers stake native AERE, requesters escrow payment, compute happens off-chain, results confirm (or auto-confirm after a window) and pay out; disputes go to Foundation arbitration with stake slashing. Three real jobs have been posted, claimed, run, and settled end-to-end on-chain with verifiable determinism. Honest scope: the rail is operational and anyone can run the provider daemon and earn, but large-scale GPU and compute supply is adoption-gated, growing as real hardware operators choose to join, the same way the validator set decentralizes over time.

5.3 AERE402, agentic settlement and AI infrastructure

AERE402 extends HTTP 402 (Payment Required) into a production settlement primitive for machine-to-machine economic interactions. Where REST APIs today rely on out-of-band API keys and centralised billing, AERE402 lets any HTTP-402 client or autonomous agent pay per call directly on-chain, with sub-second confirmation and the same execution guarantees as settlement, a standard payment interface, not a partnership with any specific model provider. The companion AereAgent runtime provides a Lightning-channel-style payment-channel layer for sub-cent settlement of high-frequency agent interactions. Off-chain ticks net to on-chain settlement at channel close, preserving full atomicity and dispute resolution. Deployed: AERE402Facilitator (0xbA6e…4E56), AereAgent (0xE963…3536).

Around that payment rail, AERE ships an agent-trust and AI-accountability layer, additive registries with no new token:

5.4 Post-quantum cryptography suite

AERE runs an unusually broad set of NIST post-quantum signature verifiers directly on-chain. We are not aware of any other public chain that verifies all of these signature schemes on-chain; we state this as a hedge, not an unqualified "world first". The honest distinction throughout is recording (a state-changing verifyAndRecord transaction fits under the L1 EIP-7825 per-transaction gas cap of 224) versus view-only (verification is correct and demonstrable through eth_call, but a recording transaction would exceed that per-tx cap). View-only does not mean simulated: each view-only verifier is validated bit-for-bit against official NIST vectors and returns true for valid signatures and false for tampered ones via eth_call on chain 2800.

Post-quantum finality attestation (not consensus PQC)

AereConsensusPQCAttestor (0xf368…87dD) is a post-quantum finality-attestation layer that runs alongside Besu QBFT. It does not replace ECDSA block signing: AERE blocks are still produced and signed by Besu validators with secp256k1 ECDSA exactly as today, so this is explicitly not "post-quantum consensus". What it adds is an independent, quantum-resistant record that a supermajority of validators vouched for a block, whose validity does not rest on the discrete-log problem. Each validator signs the block hash with its own Falcon-512 key; the contract verifies that signature in full on-chain via the live Falcon-512 verifier (about 10.1M gas per attestation) and marks the block post-quantum finalized at the two-thirds threshold. Authorship is the on-chain-verified Falcon signature, not the transaction sender (which is only an untrusted relayer paying gas). With three Foundation validators today the attestation is exactly as centralized as consensus is today, and it decentralizes as the validator set grows. A reference per-validator attestor daemon is provided.

5.5 Confidential compute via threshold MPC

AereConfidentialCompute (0x2120…c287) anchors a threshold multi-party-computation layer that evaluates an agreed arithmetic circuit over parties' private inputs. It uses real Shamir secret sharing over the BN254 scalar field and a real BGW multiplication gate (local degree-2d product, then re-share and reduce back to degree-d with the public Lagrange reduction vector), so no single node, and no colluding minority below the reconstruction threshold, ever learns any input; only the agreed public outputs are revealed. The deployed committee is 5 nodes with MPC reconstruction threshold 3 and an on-chain signature quorum of 4.

Honest threat model

The MPC runs off-chain. The contract verifies a quorum of committee ECDSA signatures over the EIP-712 canonical result and records it; the chain does not re-execute the MPC and does not itself verify input confidentiality (that comes from the secret sharing). The threat model is semi-honest (honest but curious): secure against a colluding minority below the threshold, but not malicious-secure, there are no SPDZ-style MACs or cheater detection, so a node that deviates is not cryptographically caught. No owner backdoor can forge a result. The committee is Foundation-run initially, as centralized as consensus is today, and decentralizes as it grows. This is a confidential arithmetic primitive (the demonstration circuit is a confidential quadratic-voting tally revealing only sum(v) and sum(v2)), not a general confidential VM or fhEVM. A TEE path is not built: the host is an AMD EPYC-Rome cloud guest with no usable SEV-SNP / TDX / SGX attestation, so the pure-software secret-sharing path is used, which needs no trusted hardware. Verified end-to-end on chain 2800 with a real committee session plus an on-chain adversarial probe (valid quorum accepted; insufficient or forged signatures rejected, shown both by eth_call and by transactions that mined with status 0).

5.6 Parallel execution, rollup validity, and token-bound accounts

Block-STM parallel executor. AERE ships a real Block-STM optimistic-concurrency parallel executor, written from scratch in Rust with no external crates (multi-version memory, dynamic dependency detection, abort and re-execute, keccak256 state root). It is benchmarked at about 8.6x to 9.3x on 16 cores for low-to-medium-conflict batches, and its correctness is proven: across 1200 randomized batches run at 1/2/4/8/16 threads, the parallel result equals sequential execution in every case. Honest scope: this does not make AERE's Layer-1 base execution parallel. The L1 runs Hyperledger Besu and executes transactions sequentially; parallelizing Besu itself is a Java execution-client fork and is out of scope. The executor is wired into the rollup sequencer instead: a rollup batch is a pure, well-defined, parallelizable workload, and the sequencer refuses to emit a state root unless the parallel and sequential runs agree. An opt-in read/write slot-hint registry for the scheduler, AereBlockSTMRegistry (0x98E2…8A28), is deployed on-chain (advisory only, no admin over others).

Rollup validity proof (proof of concept). AereRollupValidity (0x3877…7fbd) is the on-chain settlement anchor for SP1 Groth16 validity proofs of the rollup executor. Epoch 0 was recorded from a real SP1 v6 Groth16 proof, verified through the SP1 verifier gateway on-chain (submission under the per-tx gas cap), and its post-state root is byte-identical to the production Block-STM executor's root for the same batch. Honest scope: this is a proof of concept that proves the current bounded-VM executor (Transfer, Sweep, Increment, AmmSwap over a balance and storage map), not a full-EVM validity rollup. The contract has no owner; the verifier, program key, and genesis root are immutable, and epoch submission is permissionless, gated only by the zk proof and prevRoot continuity. The honest next step toward a full validity rollup is replacing the guest VM with a full EVM (revm), a separate multi-quarter effort.

ERC-6551 token-bound accounts. A canonical ERC-6551 registry (0x7fFd…EF68) and token-bound-account implementation (AereTokenBoundAccount 0xBc5e…F9E2) are live: an AereNFT can own a smart-contract wallet that holds assets, signs via EIP-1271, and executes calls (also ERC-4337 through the V2 EntryPoint). These are account and registry primitives, not tokens.

Verified contract source. Contract source is published and verified Sourcify-style: 34 contracts are source-verified, browsable on a public verified-contracts page, so anyone can match on-chain bytecode to the exact source and compiler settings.

5.7 Modular accounts, interoperability v3, and application-level building blocks

Modular ERC-7579 smart accounts (session keys and social recovery). A modular account factory, AereModularAccountFactory (0xE3f4…440E), deploys ERC-7579-style accounts with pluggable validator modules. Two modules are live: AereSessionKeyValidator (0x6e03…0D26) authorizes scoped, time-bounded session keys (a delegated key limited to specific targets and selectors, with an expiry), and AereSocialRecoveryModule (0x0775…D812) rotates the account owner through guardians behind a 48-hour timelock. Proven live: a userOp signed only by a scoped session key executed through the live AereEntryPointV2.

Hyperlane v3 interoperability with a working quoteDispatch. A real Hyperlane v3 deployment is live on the AERE side: a Mailbox (0x7BF1…605a) and an InterchainGasPaymaster (0x5e4B…744c), both owned by the Foundation multisig. quoteDispatch returns a real interchain gas quote and dispatch is wired end-to-end, upgrading the earlier Mailbox-compatible AereMessenger / AereIGP bus.

USDC.e Warp Route on Hyperlane v3. AereWarpRouteV3 (0x1f44…E098) rides the v3 mailbox above. Honest scope, stated plainly: the AERE side is live and proven (deployed, wired, reserve invariant tested end-to-end), while the Ethereum L1 leg still needs an L1 deployment and real ETH gas, so cross-chain flow is pending that bring-up. The two legs are separate.

Multi-prover ZK substrate (KZG and Halo2). Alongside the SP1 (Groth16 + Plonk) and RISC Zero routes, AereKZGVerifier (0x6596…C862) verifies a KZG polynomial-commitment opening by calling the live EIP-4844 point-evaluation precompile at 0x0A, and AereHalo2Verifier (0x414C…dC55) is a real on-chain Halo2 (PLONKish, KZG-backed) verifier. Recursion has been demonstrated at scale: the AereProofAggregator flow has folded 8 or more real SP1 child proofs into one Groth16 proof, gateway-verified on-chain; the guest and contract accept any N, so the limit is prover time and memory, not the design.

Application-level building blocks (honest scope)

Threshold-encrypted mempool. AereShutterMempoolV2 (0x1351…9310) is an application-level, opt-in anti-MEV proof of concept. A Besu QBFT L1 has no protocol-level encrypted mempool, so this is not an L1 base-layer feature: it is an app-level commit/reveal (encrypt to a keyper set, order the ciphertext, decrypt after a reveal delay) that dApps choose to use, not wired into consensus.

Storage-proof canonicity anchor. AereStateRootAnchor (0x78b4…57cb) anchors state and storage roots whose canonicity is derived from the BLOCKHASH opcode. Honest scope: BLOCKHASH reaches back only 256 blocks (about 128 seconds at 0.5-second blocks), and EIP-2935 (the historical-block-hash system contract) is not deployed on chain 2800, so there is no extended lookback window today; anchoring roots older than 256 blocks trustlessly would require EIP-2935 or an equivalent, which is not live here yet.

06 · ChapterDevelopment roadmap

6.1 Phase 1: Foundation, completed (May, Jul 2026)

6.2 Phase 2: Expansion (Jun 2026, Q1 2027), in progress

6.3 Phase 3: Innovation (Q2, Q4 2027), base-layer anchors live, scaling out

This tier distinguishes shipped contract from planned network. Live today: the base-layer anchor contracts, one production ZK-rollup anchor, one reference ZK system, and the Lightning / state-channel primitives. The multi-instance networks (8 optimistic rollups, 6 plasma chains, a full Lightning routing mesh, 15-operator ZK scale-out) are not yet built; they are ยง2.4 forward-looking targets with per-line dates, not a claim they run at target scale in production today.

6.4 2026 roadmap

6.5 Q4 2026, agentic + cross-chain

6.6 Q1 2027, scale + decentralisation

07 · ClosingConclusion

AERE is an EVM Layer 1 with 0.5-second deterministic QBFT finality, full Pectra + Fusaka parity, passkey-native account abstraction via the RIP-7951 secp256r1 precompile, and an immutable 37.5% per-transaction burn enforced at the protocol layer. Total supply is fixed at 2,800,000,000 AERE at genesis with no further minting possible. Distribution flows transparently through the scheduled, contract-mediated release of the reserves, ecosystem grants from the 560M AERE Ecosystem Reserve, team vesting, and airdrops, every reserve address is on-chain and queryable via the public explorer.

Through 2026 and into 2027, AERE ships the settlement-grade primitives that turn a fast EVM L1 into a public settlement layer with verifiable on-chain compliance: sAERE (an ERC-4626 receipt token we structure as a receipt instrument, consistent with the SEC's August 5 2025 staking-receipt guidance, our position, not settled law), AereSink (the immutable three-bucket revenue router), AereProof v0 (verifiable on-chain compliance primitives operated as a public good), cross-chain Warp Routes for USDC.e / USDT.e / USDe.e / EURC.e, and AERE402 (the agentic settlement layer for machine-to-machine payments).

Faster than thought. Final as math. Open as air.
The chain no one can rug.

08 · DisclosuresRisk factors & forward-looking statements

This whitepaper and all marketing communications referencing AERE Network contain forward-looking statements regarding the network's architecture, performance targets, validator decentralisation, custody model, ecosystem partners, and product roadmap. These statements reflect current expectations as of the date of publication and are subject to risks, uncertainties, and assumptions. Actual outcomes may differ materially. AERE Foundation undertakes no obligation to update forward-looking statements except as required by applicable law.

8.1 Current network state

8.2 Custody model

AERE Network itself is a non-custodial settlement layer. The chain does not custody user assets; AERE balances and contract state are controlled exclusively by private-key holders. Applications built on AERE may offer additional services, including custodial fiat services such as IBAN accounts, through licensed third-party partners (e.g. EMI-licensed BaaS providers). Where applicable, custodial services are subject to the partner's own authorisations and disclosures. Bank28 (a non-custodial neobank application built on AERE) is independently branded and operates under its own terms.

8.3 Regulatory status

AERE Network is a permissionless EVM Layer 1 blockchain. The AERE token is the network's native utility and gas token. Nothing in this whitepaper constitutes investment advice, an offer to sell, or the solicitation of an offer to buy any security or financial instrument. Token holders should independently verify the legal status of AERE in their jurisdiction before acquiring, holding, or transacting. For European users, AERE is communicated in accordance with Regulation (EU) 2023/1114 (MiCA); for UK users, communications follow the FCA's Cryptoasset Financial Promotions regime. AERE Foundation does not solicit users in jurisdictions where the offering or promotion of AERE would be prohibited.

8.4 Technology risks

8.5 Updates & contact

Material updates to this whitepaper, the contract registry, the validator set, and the custody model are published at aere.network/legal. Inquiries regarding regulatory status, audit reports, or partnership disclosures may be directed to the AERE Foundation at [email protected].

AppendixDeployed contract addresses (chain 2800)

Canonical mainnet addresses. All Ownable contracts are owned by the Foundation 0x0243A4f47D44b40b65D33f20329dE20D00c6f3C3. The immutable economic contracts (AereFeeBurnVault, AereSink) have no admin role, no upgrade proxy, and no withdrawal path by construction. Source of truth: docs.aere.network. Every address below is queryable on rpc.aere.network and explorer.aere.network.

Genesis reserves

AllocationAddressAmount
Strategic Investor0xaee2f3989f0AB23296Fa3b92247fe67587141311100M · off-chain
Foundation0x0243A4f47D44b40b65D33f20329dE20D00c6f3C3180M · chain admin / contract owner
Reserve (scheduled distribution)0x038f59A40ceeCd599A4588E4B0ff4642a0fbfFB81.4B
Ecosystem Reserve0xB6a364F47d21DC2CbEB803565c111c1026e11C75560M
Team Reserve0x7968C438204a78B4e032fcFFd9A56Edb15fdCCdf420M
Airdrop Reserve0x261913fA73D6F109382F1aE98Ff6822ff03628B1140M

Core & immutable economics

ContractAddressNote
WAERE0x7e84d7d66d5da4cfE46Da67CDEeB05B323e1f5e8ERC-20 wrapper for DEX integration
AereFeeBurnVault0x696afDF4f814e6Fd6aa45CE14C498ed9375fB2c637.5% per-tx burn; stateless, no admin
AereCoinbaseSplitter0xb4b0eCe9011613A5b84248a9B42a0f309E6F01Ec37.5% → burn vault, 62.5% → validator
AereSink0x69581B86A48161b067Ff4E01544780625B231676Immutable 3-bucket router 15/40/45
sAERE0xA2125bE9C6fd4196D9F94757Df18B3a2A5e650b0ERC-4626 receipt, 7-day drip
AereLockedStaking0x21108c28A849b05aE6b7a3a5bc435C9Bc897E7AdFixed-term staking (30/90/180/365d), holder yield, not delegation, not validation
AereLockedStaking0x21108c28A849b05aE6b7a3a5bc435C9Bc897E7Ad30d/90d/180d/365d locks
AereGovernanceStaked0x8D77C888e439C4fADb2e23F1567a0A1965F80bCbStake-weighted governance
AereMiningSubscription0xDad25d2163187DF8AAEcf9EA31b6355315Bb69f1On-chain name; scheduled reserve distribution, not PoW mining; 4 tiers, 30-day periods

Compliance & privacy (AereProof v0)

ContractAddressStatus
AereSanctionsRegistry0xb7d235718D99560F6EA4Fc5eAea2F8a306A3CacfProduction
ChainalysisOracleWrapper0x1B7Be82C80f368f75Cb3807B1bc05E86A498f85cProduction
AereTravelRuleHashRegistry0xcF0E2e010E6e4506672019b1e570874AEeBC4c84Production
AereZKScreen (v3)0x3A097A459FD26aC79573aCB5adB51430e473C2f1Production · zk allow-list + attributes
AereCompliancePoolV20xB144c923572E5Ac1B6B961C4ccfec36917173465Production · sanctions-enforcing privacy pool (V2; supersedes deprecated V1 0x7973…D41d)
AereCompliancePoolSP1Verifier0xE2D3fa91b680E835c971761ba75Fde0204AEF95ESP1 circuit vkey
AereAIProof0xFf92c669AbF4C1DAE31eBFCC017764036d9D97e6Production · EIP-712 model attestation
AereForensicEventRegistry0x4a7526A068e5DDE9788f6571E4A99095b14C6fffProduction

Post-quantum and frontier cryptography

ContractAddressStatus
AerePQCVerifier0x1cE2949e8cE3f1A77b178aF767a4455c08ec6F82Production · WOTS+ hash-based PQC (recording)
AereFalcon512Verifier0x4E8e9682329e646784fB3bd01430aA4bA54D8fFCProduction · NIST Falcon-512 verifier, KAT-validated (verify-only, recording ~10.5M gas)
AereFalcon1024Verifier0xF0aFA59BaB2058e4B6e6B424b7f76750F1F66e36NIST Falcon-1024, KAT-validated · VIEW-ONLY (recording exceeds per-tx gas cap)
AereXmssVerifier0x77b14E264D0bb08d304d4e0E527F0fCdFc88B112Production · RFC 8391 XMSS many-time hash-based (recording ~1.56M gas)
AereMLDSA44Verifier0xf1F7A6Acd82D5DAf9AF3166a2F736EE52C5F85AENIST ML-DSA-44 / Dilithium2 (FIPS 204), ACVP-validated · VIEW-ONLY
AereHybridAuth0xc20390C9656ECe1AE37603c84E395bC898b3FAA1Production · hybrid ECDSA + Falcon-512 authorizer (recording ~10.3M gas)
AereConsensusPQCAttestor0xf3681Aa6444F79562683C26f9d5c369A479c87dDFalcon-512 finality attestation ALONGSIDE QBFT (not consensus PQC; ECDSA still signs blocks)
AereZKMLVerifier0xf1BF15d5018a35D21FBB4Ec868f062DF7C06783cProduction · zkML MNIST classifier, 97.98% (one image per proof)
AereProofAggregator0x6a260238890E740dB12b371E0C5d17a2470F84C5Production · recursive proof aggregation, N=3 today
AereComputeMarketV20x33E3B06A7344f0B201fdD11B18bC244c84dbca32Production · DePIN compute marketplace (supply adoption-gated)

Confidential compute, parallel execution & token-bound accounts

ContractAddressStatus
AereConfidentialCompute0x2120350c124e4Cae2C9FfBB6E4942DB1d380c287Production · threshold-MPC result verifier (semi-honest; MPC off-chain; TEE not built)
AereRollupValidity0x38772063572DF94E90351e44ccbBEefD5F497fbdReal SP1 Groth16 validity proof anchor, epoch 0 · PoC (bounded-VM executor, not full EVM)
AereBlockSTMRegistry0x98E2C3e615841919d173D8FF642514c5902E8A28Opt-in r/w slot-hint registry for the Block-STM scheduler (advisory; L1 stays sequential)
ERC6551Registry0x7fFdA0AcDeB919938dB91dbEa779D841c833EF68Canonical ERC-6551 token-bound-account registry
AereTokenBoundAccount0xBc5e24180f3F75DC6b1965E4aaD3D4F184b6F9E2ERC-6551 account implementation (owned by the bound NFT)
AereCancunCanary0x8DbFC002bB23124cBeCd7B4916c179D2AFd65498Proves the Cancun opcode set live: TSTORE/TLOAD (incl cross-tx reset), MCOPY, PUSH0, BLOBHASH/BLOBBASEFEE
AereShutterMempoolV20x135100D523edA8D0AdC70e08af905dE5042A9310Application-level, opt-in anti-MEV threshold-encrypted mempool PoC (not a protocol-level QBFT feature)
AereStateRootAnchor0x78b40a983E89c91Aefd8A62Be709bDF25ABB57cbStorage-proof canonicity anchor · BLOCKHASH 256-block window; EIP-2935 not deployed, no extended lookback

zk-verifier stack (multi-prover)

ContractAddressNote
SP1VerifierGateway0x9ca479C8c52C0EbB4599319a36a5a017BCC70628Stable route target (SP1)
SP1VerifierGroth16_v6_1_00xb5456d48bFdA70635c13b6CBE1Ad0310Dc0171aDCurrent production Groth16
RiscZeroVerifierRouter0x3f7015BC3290e63F7EC68ecF769b00aB296a249CStable route target (RISC Zero)
AereKZGVerifier0x6596307BD8f54d9A91FE364EBC3e594F200AC862KZG point-evaluation opening verifier (uses the live EIP-4844 precompile at 0x0A)
AereHalo2Verifier0x414Cfe640B2770856d3D7262a7a3729f5c07dC55Real on-chain Halo2 (PLONKish, KZG-backed) verifier
AereProofRegistry0x0A9b09677DbE995ACfC0A28F0033e68F068517EeMulti-prover attestation log

Account abstraction & paymasters

ContractAddressNote
AereEntryPointV20x8D6f40598d552fF0Cb358b6012cF4227B86aF770ERC-4337-shaped EntryPoint
AerePasskeyAccountFactoryV20x5FFa9a6487DA4641a1A1e7900ff2bD4525D34fdAMulti-owner passkey accounts
AereModularAccountFactory0xE3f45Ed4a81f982fF25ad172A72456a1833a440EERC-7579 modular smart-account factory (pluggable validators)
AereSessionKeyValidator0x6e03A3D7A4c90d6f8dD6F0BA1F6e8aB1F8990D26ERC-7579 module: scoped, time-bounded session keys (proven via a session-key-only userOp)
AereSocialRecoveryModule0x077514DB2a85F239145537e8334CC99d42c9D812ERC-7579 module: guardian social recovery, 48h timelock
AereOnboardingPaymaster0x4058E406475Dbed7056Aee0c808f293F05fEa879Foundation-funded, hard-capped
AereTokenPaymaster0x217f56a5b0C7f35abe4D2fff924A6c13B85d7243Pay gas in whitelisted ERC-20
AereStakeQuotaPaymaster0xE50464ca7E8E7F542D1816B3172a2330cFE384E8Stake → daily free-tx quota
AereAppPaymasterFactory0xEC22603E8712cBc5c31E53370D10f1a80CcB4DF0Permissionless per-dApp paymaster

Cross-chain, oracle & randomness

ContractAddressNote
AereMessenger0xe54c2329f0786CFE3420c566B646148D25477325Mailbox-compatible message bus
AereIGP0x61B48615F490A23945988c92835eF35fdD86E837Interchain Gas Paymaster
Hyperlane v3 Mailbox0x7BF113Ab1BCd2b6da01804764065776e3057605aLive Hyperlane v3 mailbox, working quoteDispatch (owner = Foundation multisig)
Hyperlane v3 IGP0x5e4B8e9b196B1c7b3Be86148769aB0047c79744cHyperlane v3 Interchain Gas Paymaster (owner = Foundation multisig)
AereWarpRouteV30x1f44573684aB6bC617e7200A19b940b05e4EE098USDC.e Warp Route on Hyperlane v3 · AERE side live+proven, Ethereum L1 leg pending
AereSpokePool0xCAB1DBA5f6F06198000C20a974d675f1B3181AbDERC-7683 / Across-v3 compatible
AereERC76830x67Fb9830e3a2BC06cEb641cfF3beD87b273ccb29IOriginSettler
AerePyth0xb7F3354C1E0C5ef89D8b1072a3CEa7FFEf2FfE3FIPyth-compatible pull oracle
AereRandomnessBeacon0x25b6317efD8C7d425210F56Ee1E204852CD8213CThreshold-BLS drand consumer

DeFi, settlement & agentic

ContractAddressNote
AereSwapFactory0xf0a8df7BDc25721892475B21271e52D77B0e84DCV2 AMM factory
AereSwapRouter0x7526B2E5526EfA84018378b60F2844Dad77523D8V2-style periphery
AereSettlement0x9C2957b1622567B4802E4AFd4c42FB2ec70dE875CoW-style batch settlement
AereSettlementHub0x2a02fD80c16293D2B5D8a295F31D1a6E6a582c02Tokenized-asset rails
AereLendingMarket (sAERE/WAERE)0x2C2d39dB711C0A33De04Dc74b1E22f4760FD4bb0Engine proof market (no new token)
AereLendingOracle0xc0f18A567067F1B84BDf75eDEbFaDdCBb70A4C49Multi-source lending oracle
AERE402FacilitatorV20xFC2f7FAa94919caF1126b3c995F0F6AcCef291deHTTP-402 machine payments (V2; supersedes deprecated V1 0xbA6e…4E56)
AereAgentV20x3FAcb997eb4252341052e7c84a86fCa0513c4490Agent runtime / machine-account registry (V2; supersedes deprecated V1 0xE963…3536)
AereAgentBond0x32E0015F622a8719d1C380A87CE1a09bcd0cB86ASlashable agent bond; slashed WAERE burns via AereSink
AereAIReputation0x781ef746c08760aa854cDa4621d54db6734bfeBFComposable 0-10000 agent reputation
AereAgentMemoryVault0x309b56BDf0E3F6C10783eB76c0C02127F933D641Portable user-owned agent memory (no admin)
AereInferNet0xba76891DB84B9755613dE3A1c7F3902BB6bbf856EU AI Act Art.12 inference-log Merkle commitments (no PII)
AereFeeMonetizationV20xb560bdFB8b8B918012e6481e3bcF473c79c2a850Developer fee-share NFTs (V2; supersedes deprecated V1 0x6b62…dd98)
AereInsuranceFund0x5Ab95C549c2A2b07913Df7edD4a16fd108B7CAAC7-day cooldown, bad-debt coverage

© 2026 AERE Network · Whitepaper v2.0 · Foundation domiciled in Seychelles · Chain ID 2800 · RPC rpc.aere.network · This document contains forward-looking statements; see §8.

← Interactive whitepaper  ·  Open explorer  ·  LLM reference (llms-full.txt)  ·  Source on GitHub