We formalize a cross-domain "ZK coprocessor bridge" that lets Solana programs request private execution on Aztec L2 (via Ethereum) using Wormhole Verifiable Action Approvals (VAAs) as authenticated transport. The system comprises: (i) a Solana program that posts messages to Wormhole Core with explicit finality; (ii) an EVM Portal that verifies VAAs, enforces a replay lock, parses a bound payload secretHash||m from the attested VAA, derives a domain-separated field commitment, and enqueues an L1->L2 message into the Aztec Inbox (our reference implementation v0.1.0 currently uses consumeWithSecret(vaa, secretHash); we provide migration guidance to the payload-bound interface); (iii) a minimal Aztec contract that consumes the message privately; and (iv) an off-chain relayer that ferries VAAs and can record receipts on Solana. We present state machines, message formats, and proof sketches for replay-safety, origin authenticity, finality alignment, parameter binding (no relayer front-running of Aztec parameters), privacy, idempotence, and liveness. Finally, we include a concise Reproducibility note with pinned versions and artifacts to replicate a public testnet run.

翻译：我们形式化了一个跨域的“ZK协处理器桥”，它允许 Solana 程序使用 Wormhole 可验证操作批准（VAA）作为认证传输，请求在 Aztec L2（通过以太坊）上进行私有执行。该系统包括：（i）一个向 Wormhole Core 发布具有明确最终性消息的 Solana 程序；（ii）一个 EVM Portal，用于验证 VAA、强制执行重放锁、从经过认证的 VAA 中解析绑定的有效载荷 secretHash||m、推导出域分离的字段承诺，并将 L1->L2 消息排入 Aztec Inbox（我们的参考实现 v0.1.0 目前使用 consumeWithSecret(vaa, secretHash)；我们提供了迁移到有效载荷绑定接口的指南）；（iii）一个私有地消费该消息的最小化 Aztec 合约；以及（iv）一个离网中继器，用于传输 VAA 并可在 Solana 上记录回执。我们提出了状态机、消息格式以及关于重放安全性、来源真实性、最终性对齐、参数绑定（防止中继器对 Aztec 参数进行抢先交易）、隐私性、幂等性和活跃性的证明概要。最后，我们包含了一份简明的可复现性说明，其中包含了固定的版本和构件，用于复现公共测试网的运行。