# Build a private smart contract app

> Aztec is the direct fit for private smart contracts because it provides a privacy-first L2 with private functions, private state, and hybrid public/private execution. Railgun and Privacy Pools are better for token shielding on existing EVM chains, while MACI is specialized for private voting.

## Recommended stack

- **Aztec** (settlement_or_execution) — readiness 70/100, difficulty high — Use Aztec for private smart contracts, private functions, private state, and hybrid private/public execution.
- **Semaphore** (wallet_and_identity) — readiness 85/100, difficulty medium — Use Semaphore when the app also needs anonymous group membership or private access/signaling outside core Aztec contract state.
- **Helios** (indexing_and_data) — readiness 89/100, difficulty medium — Use Helios or a user-controlled RPC strategy for privacy-sensitive Ethereum-side reads where local verification matters.

## Considered and excluded

- **Railgun** — Good for private token flows and private DeFi on existing EVM chains, but not for writing new private smart contracts.
- **MACI** — Best for private voting, not general private application state.

## Risks

- Aztec is not EVM compatible; teams must learn Aztec.nr, aztec.js, PXE, and Aztec deployment flows.
- Private/public state boundaries need explicit design or metadata can leak through public calls, timing, events, or L1/L2 messages.
- Tooling and network status should be verified against current Aztec alpha/testnet documentation before production planning.
- Private UX needs account recovery, note management, proof generation, and user education beyond ordinary EVM app UX.

## Next steps

- Write the privacy model: which state is private, which state is public, and which metadata can still leak.
- Set up the Aztec local network and deploy a minimal token or counter contract to validate toolchain compatibility.
- Prototype private functions, public functions, and L1/L2 messaging separately before composing them into the app.
- Decide whether Semaphore is needed for anonymous membership/access outside Aztec contract state.
- Add tests that assert privacy boundaries, not only functional correctness.

## What the agent receives

```json
{
  "intent": "I want to build an app with private smart contracts and private state",
  "matched_intent": "build-private-smart-contract-app",
  "recommended_stack": [
    {
      "slug": "aztec",
      "name": "Aztec",
      "role": "settlement_or_execution",
      "readiness_score": 70,
      "integration_difficulty": "high",
      "reason": "Use Aztec for private smart contracts, private functions, private state, and hybrid private/public execution."
    },
    {
      "slug": "semaphore",
      "name": "Semaphore",
      "role": "wallet_and_identity",
      "readiness_score": 85,
      "integration_difficulty": "medium",
      "reason": "Use Semaphore when the app also needs anonymous group membership or private access/signaling outside core Aztec contract state."
    },
    {
      "slug": "helios",
      "name": "Helios",
      "role": "indexing_and_data",
      "readiness_score": 89,
      "integration_difficulty": "medium",
      "reason": "Use Helios or a user-controlled RPC strategy for privacy-sensitive Ethereum-side reads where local verification matters."
    }
  ],
  "excluded_candidates": [
    {
      "slug": "railgun",
      "reason": "Good for private token flows and private DeFi on existing EVM chains, but not for writing new private smart contracts."
    },
    {
      "slug": "maci",
      "reason": "Best for private voting, not general private application state."
    }
  ],
  "risks": [
    "Aztec is not EVM compatible; teams must learn Aztec.nr, aztec.js, PXE, and Aztec deployment flows.",
    "Private/public state boundaries need explicit design or metadata can leak through public calls, timing, events, or L1/L2 messages.",
    "Tooling and network status should be verified against current Aztec alpha/testnet documentation before production planning.",
    "Private UX needs account recovery, note management, proof generation, and user education beyond ordinary EVM app UX."
  ],
  "next_steps": [
    "Write the privacy model: which state is private, which state is public, and which metadata can still leak.",
    "Set up the Aztec local network and deploy a minimal token or counter contract to validate toolchain compatibility.",
    "Prototype private functions, public functions, and L1/L2 messaging separately before composing them into the app.",
    "Decide whether Semaphore is needed for anonymous membership/access outside Aztec contract state.",
    "Add tests that assert privacy boundaries, not only functional correctness."
  ],
  "generated_with": "composewith.eth",
  "registry_version": "2026.06.10-8752c9d"
}
```

---
Canonical: https://composewith.eth/intents/build-private-smart-contract-app
