-
Introduction
On-chain privacy witnessed a massive repricing event in 2025. Notably, Zcash saw substantial price discovery, driven by privacy awareness resurgence within the industry and significant advancements in cryptographic technologies, including Zero-Knowledge Proofs (ZKPs), Multi-Party Computation (MPC), Trusted Execution Environments (TEE) and Fully Homomorphic Encryption (FHE).
-
ZKPs: A method of proving the validity of a statement without revealing anything other than its validity, giving users the ability to publicly share proof of knowledge or ownership without revealing the details.
-
MPC: A cryptographic protocol, involving multiple parties jointly computing data by splitting it into “secret shares.” No single person ever sees the full data.
-
TEE: A hardware-based solution. It’s a secure “black box” inside a processor that isolates data while it’s being used.
-
FHE: An encryption scheme where computations can be made directly on encrypted data without ever decrypting it.
The market has moved away from “anonymity” toward “confidentiality,” a functional necessity in the transparent blockchains.
On-Chain Privacy mindshare surged in Q4 2025
Source: Dexu
1.1. The Privacy Paradox
The history of privacy cryptocurrency could be traced back to 2012, Bytecoin introduced CryptoNote, offering the ring signatures technique which later was used by Monero in 2014. In short, privacy is not a new concept in cryptocurrencies, but, in the early cycles, privacy cryptocurrencies were largely an ideological pursuit or a means of circumvention, and channels for bad actors to evade surveillance. The struggle of on-chain privacy in previous years can be attributed to three primary factors: technological immaturity, liquidity fragmentation and regulatory hostility.
Historically, cryptographic technologies faced scrutiny on high latency and cost inefficiency. Today, a “proliferation” of developer tools (zkDSLs) like Cairo and back-ends like Halo2 have made ZKPs accessible to mass developers. The trend of building zkVM (Zero-Knowledge Virtual Machines) on standard instruction sets like RISC-V is making the technology scalable and composable for a diverse range of application usages. MPC is no longer just for splitting private keys, with MP-SPDZ, it supports Arithmetic Circuits (Addition/Multiplication) and Boolean Circuits (XOR/AND), allowing general computation. Advancement in GPUs further benefit these technologies, for example, H100 and Blackwell B200 now support Confidential Computing, enabling AI models to be operated in a TEE. The biggest bottleneck in FHE, bootstrapping latency (the time to “refresh” the noise in an encrypted calculation so it can continue processing), has reduced from approximately 50ms in 2021 to less than 1ms in 2025, enabling real-time FHE-encrypted smart contract implementation.
The Evolution of zkVMs
Source: Succinct, Brevis
Furthermore, privacy was often isolated on specific blockchains, forcing users to bridge out of the existing vibrant ecosystem to achieve anonymity, which came at a high cost in transaction fees and the opportunity cost of capital. Today, privacy protocols such as Railgun can be integrated directly with DeFi applications, offering privacy as a shield against copy-trading and MEV extraction. Boundless, Succinct, Brevis and similar protocols provide ZKPs-as-a-Service to apps, while Arcium and Nillion help to build privacy preserving apps with MPC, Phala and iExec compute apps data in TEE without leaving their blockchain. Lastly, Zama and Octra empower apps to process FHE computation natively.
Railgun TVL
Source: DefiLlama
In the early days, blockchain needed transparency to gain legitimacy. Real builders had to distance themselves from hackers, money launderers, and other bad actors. In this environment, privacy features quickly became perceived as tools for dishonest players. Projects like Tornado Cash, while gaining traction from users who value privacy, put those same users in the position of commingling funds with illicit actors, unable to prove their own innocence. The result was a regulatory crackdown. Exchanges, in their pursuit of operating licenses, froze funds from cash mixers and delisted questionable privacy tokens. Ventures and institutional funds, wary of compliance officers, refused to hold them. On-chain privacy became the industry’s “criminal” feature. Today, economic sanctions on Tornado Cash have been lifted. The industry has coalesced around the concept of “compliant privacy”, by designing “viewable data” that is able to decrypt users own transactions with the source of funds by providing a “view key” to the auditors or regulators. This approach can be witnessed in both Tornado Cash and Zcash.
Significant changes in Tornado Cash fund flows on sanctions
Source: Dune
-
Current Privacy Use Cases
The early-day hiccups doesn’t mean privacy isn’t vital. Ask yourself a simple question: “Do you want your coffee purchase today to expose your entire 10-year investment history?” The majority of people would say no, yet the current blockchain setup does exactly this. As crypto legislation advances and more institutions are onboarded, these new institutional players are revisiting that question. Fortunately, the adoption of privacy technology in 2025 is driven less by ideology and more by functional utilities.
2.1. Shielded Transactions
Utilising the “viewable data” design, Zcash shielded supply increased from 12% in the beginning of 2025 to approximately 29% now. The demand was raised due to a combination of reasons like the increased speculative interest on ZEC token and organic desire to shield their transaction from the public. The mechanism to shield the transaction is called the Commitment-Nullifier Scheme, where senders can commit a shielded lockbox to a pool, the network will verify the committed fund using ZKPs to prevent double spending and create a new shielded fund lockbox for the receivers.
The shielded ZEC on Zcash
Source: ZecHub
One of the fastest growing sectors, crypto-neobanks, are actively exploring implementing private transactions for their users such as Fuse, Avici and Privily. Although some protocols use different approaches to mask the transactions on-chain.
2.2. High Performance Execution Environment
The ZK-rollups grew by 20% in 2025 based on Total Value Locked (TVL), offering a significantly cheaper execution environment compared to Ethereum layer-1. The rollups will bundle all the transactions on their networks into a tiny data blob and send it to sequencers for generating a proof to the underlying layer-1 for verification.
Major ZK-rollups Adoption: TVL Changes
Source: DefiLlama
ZK-rollups today offer comprehensive built-in privacy features such as private smart contracts on Aztec and ZKsync Interop which unify liquidity between ZK Chains and Ethereum.
2.3. MEV Protection
One of the most pervasive “hidden” use cases for privacy is the protection against Maximal Extractable Value (MEV). The transparent nature of blockchain allows the predatory bots to view transactions in a public mempool before confirmation and front-run or “sandwich” the trades to extract profit. Flashbot SUAVE is decentralising the block-building process by encrypting the mempools, where transactions remain encrypted until the block builder commits to including them. Unichain also launched TEE-based block building to ensure trades on the layer-2 cannot be front-run.
Percentage of transactions landed to Flashbot Protect
Source: Dune
2.4. Other Use Cases
Beside the major use cases mentioned, developers are actively exploring implementing on-chain privacy on their applications for optimisation and better user experience.
-
Orderbook: Hyperliquid whales such as James Wynn and Machi Big Brother are constantly experiencing liquidation hunting. Despite Hyperliquid’s founders arguing that transparency levels the playing field for market makers and leads to tighter spreads, the risk of being front-run or counter-traded is a significant net negative for whale traders. This has created an opening for Aster by providing privacy features such as hidden orders and new Shield Mode by 2026.
-
Identity: Certain activities such as neobank account applications and Initial Coin Offering (ICO) require verification of the identity of the applicants. Protocols such as idOS allows users to upload their KYC once and reuse on other compliant protocols seamlessly, zkPass helps provide users with Web2 credentials without revealing the detail, World ID proves the personhood of the users with hash of their iris, while ZKPassport verifies users’ identity without having the information leave the users’ own devices.SEC Chair Paul Atkins said that many types of ICOs should not be considered securities and thus fall outside the SEC’s jurisdiction. His stance potentially ignites more ICO fundraising in the near future, which increases the demand for encrypted-KYC.
-
Bridge: Cross-chain bridges have been vulnerable for exploitation in the history of blockchain, for example $624 million and $126 million were stolen from the Ronin Bridge and Multichain due to private key compromise. ZK-bridges minimise the trust assumption, instant finality once the proof is generated and verified, and scalable cost efficiency as volume grows. Polyhedra Network connects over 30 chains using zkBridge, and can be plugged-in as a “DVN” in the LayerZero V2 stack.
-
AI: ZK can help verify the outputs are generated based on the intended inputs and were processed by the specific model. Giza enables non-custodial agents to execute sophisticated DeFi strategies based on the verified generated output. While Phala uses Intel SGX enclaves to hold sensitive information like private keys securely in AI agents.
-
Key DeCC Ecosystem Categorisation
On-chain privacy often refers to Decentralised Confidential Computing Network (DeCC). Although the market usually favours categorising the protocols according to the underlying privacy technology, each privacy stack has its trade-offs and an increasing number of protocols adopt a hybrid approach to their privacy solutions. Therefore, it would be better to categorise them into Privacy-Blockchain, Privacy-Middleware and Privacy-Application.
Key DeCC Ecosystem Categorisation
3.1. Privacy-Blockchain
The “Privacy-Blockchain” category encompasses Layer-1 and Layer-2 networks where privacy mechanisms are enshrined to the consensus or execution environment. The core challenge for these networks is the “bridging barrier”. Users and liquidity must be enticed to migrate from established blockchains, and can be extremely difficult if there is no killer-app that makes the migration economically rational. Layer-1 privacy tokens typically are assigned a “Layer-1 premium”, as they are used as the security collateral to secure the network and gas token.
3.1.1 The Legacy and Evolution of Layer-1 Privacy
Zcash has historically been positioned as the Bitcoin with privacy in the sector. The network has a two-address system, offering users to switch between public and private transactions with “view keys” to decrypt the transaction detail for compliance purposes.
The protocol is transitioning from a Proof-of-Work (PoW) consensus to a hybrid model known as Crosslink, which integrates Proof-of-Stake (PoS) elements in 2026, providing faster finality than the original probabilistic finality of Nakamoto consensus. Following the halving in November 2024, the next halving event should be expected in November 2028.
Monero, on the other hand, maintains its default privacy approach, enforcing every transaction using Ring Signatures, Stealth Addresses and Ring CT. The design choice caused the majority exchanges to delist XMR tokens from the platforms in 2024. Additionally, Monero also experienced several hashrate attacks by Qubic in 2025, causing as long as 18-block reorganisation and erased about 118 confirmed transactions.
Secret Network is a TEE-powered privacy preserving Layer-1 built on the Cosmos SDK with viewing keys for access control since 2020. Secret positions itself not just as a standalone chain, but also provides TEE-as-a-Service for EVM and IBC chains. The team also focuses on delivering confidential computing in AI and explores combining Threshold FHE to the network.
Canton Network is backed by Wall Street giants such as Goldman Sachs, JP Morgan, Citi Ventures, Blackstone, BNY, Nasdaq, S&P Global and more. It is a Layer-1 blockchain designed to onboard the trillion-dollar RWA with a unique privacy feature called Daml Ledger Model. The parties in the Daml ledgers can only view a subset of ledgers that connect to their subnets, this model allows only the parties involved in the transactions to validate, non-related parties are literally unaware of the transactions.
Aleo is a ZK Layer-1 that uses proprietary Rust-based language, Leo, to compile code into ZK circuits. Users generate (or pay miners to generate) proofs for transaction executions off-chain then send only the cryptographic proof to the network.
Inco positions itself as a FHE Layer-1, while also providing FHE-as-a-Service to other chains via bridging and messaging protocols. The same feature enables the chain to serve deep liquidity without needing to bootstrap its own DeFi from scratch.
Octra is a high-performance FHE Layer-1. Octra builds its own proprietary cryptography from scratch called Hypergraph FHE (HFHE), allowing parallel processing during computation and achieving a peak throughput of 17,000 TPS on its testnet.
Mind Network utilises restaking protocols such as EigenLayer to secure a network of FHE validators. The protocol aims to create an end-to-end encrypted internet, HTTPZ, and enable AI agents to process encrypted data.
3.1.2. The ZK-Rollups
ZKsync has expanded beyond simple scaling to implement a range of comprehensive solutions like Prividium, ZKsync Interop and Airbender. Prividium allows companies to execute transactions privately while still using Ethereum for final security settlement. Airbender is a high-performance RISC-V zkVM Prover that generates ZK proofs in sub-seconds. While ZKsync Interop allows users to provide collateral on ZK Chains and borrow assets on Ethereum.
Starknet leverages STARKs (Scalable Transparent Arguments of Knowledge) for high-throughput scaling with a native account abstraction feature. Every account is a smart contract on Starknet, allowing stealth transactions to be executed using the account contract. The team also proposed a Layer-2 that settles on Zcash, Ztarknet, introducing a smart contract platform that benefits from the anonymity from Zcash.
Aztec operates as a native-privacy Layer-2 on Ethereum, utilising a UTXO-like note system for encrypted data and an account-based system for public data. Aztec’s Noir-based architecture relies on Client-Side Proving or Private Execution Environment (PXE), where users generate ZK proofs locally in their devices then send them to the network.
Midnight operates as a Partner Chain to Cardano, leveraging Cardano’s Stake Pool Operators (SPOs) for security while running its own execution layer. It is a ZK Layer-1 based on TypeScript and a selective disclosure feature. It uses ADA for security staking, unshielded NIGHT tokens for governance and staking for gas (DUST) generation, and DUST for gas tokens which are shielded by default.
Phala relies on TEEs like Intel SGX for privacy. The protocol has pivoted to an AI coprocessor model, allowing AI agents to run inside TEEs and manage private keys, and migrated from Polkadot Parachain to Ethereum Layer-2 using OP Succinct stack collaborating with Succinct and Conduit.
Fhenix is the first fhEVM Layer-2 on Ethereum, bringing encrypted computation to the Ethereum ecosystem. The transactions performed on the chain are protected from MEV, because the transaction inputs are encrypted in the mempool.
3.2. Privacy-Middleware
The “Privacy-Middleware” protocols operate on a Privacy-as-a-Service (PaaS) model, providing the computational muscle for proof generation, encryption or verification. This sector competes fiercely on latency, cost efficiency and network support.
Boundless is the “Universal ZK Compute Layer” incubated by RISC Zero, a decentralised marketplace for ZK-proving. It allows any blockchain or application to outsource the heavy proving computation to Boundless.
Succinct Labs is the direct competitor to Boundless, positioning itself as the high-performance prover network. It adds specialised circuits for common tasks like hashing and signature verification to its zkVM, SP1, making its proof generation faster and cheaper.
Brevis serves as the ZK Coprocessor that allows smart contracts to query the historical data from any blockchains trustlessly. Today, Brevis expands to general-purpose zkVM with Pico, in addition to precompiling for heavy workload, the coprocessor can be integrated as a specialised circuit as well.
Arcium operates as a tunable performance MPC solution to applications across any chains, despite using Solana for staking, slashing and node coordination.
Nillion also provides high performance MPC services to applications. Its Nil Message Compute (NMC) and Nil Confidential Compute (nilCC) enables sharded data to be computed without messaging each other during the calculation phase and secure inside TEEs.
iExec RLC has been a long-standing DePIN protocol since 2017, providing cloud computing resources. Today, it shifts its focus to TEE-based confidential computing, enables training or querying AI models without revealing data inputs, and provides privacy tasks for chains such as Ethereum and Arbitrum.
Marlin has also undergone a significant pivot from being a CDN for blockchains to a confidential computing layer (Oyster), and a ZKPs marketplace built on top of its compute layer (Kalypso).
Zama is the leading FHE protocol that builds fhEVM, TFHE-rs and Concrete, which are used by protocols such as Fhenix and Inco. Zama also provides FHE-as-a-Service on existing public blockchains. It also plans to integrate FHE into zkVM with the recent acquisition of Kakarot.
Cysic builds the physical hardware (ASICs) to accelerate ZKPs generation, reducing proof generation time from minutes to milliseconds. Users can request proof generation from ZK Air (consumer-grade) or ZK Pro (industrial-grade ASIC).
3.3. Privacy-Application
This is the biggest category among Privacy-Blockchain and Privacy-Middleware, and the listing in this article only shows a fraction of them. The protocols here utilise ZK, MPC, TEE or MPC to improve their products’ user experience. The successful applications will abstract away the privacy preserving complexity and deliver actual product-market fit solutions.
Tornado Cash is the original decentralised and immutable mixer. The protocol was sanctioned by the US Treasury in 2022 and later lifted the sanction in early 2025. Despite that, it remains as a high risk tool for compliant entities.
Railgun is widely known to be endorsed by Vitalik Buterin. It offers a voluntary disclosure shielded transaction solution beyond Tornado Cash by integrating users’ “lockboxes” with DeFi protocols such as Uniswap or Aave. Although its shielded assets are only about 20% of Tornado Cash, it is still widely considered the potential contestant to Tornado Cash.
World (formerly Worldcoin) utilised iris scanning to establish “Proof of Personhood”, where biometric data is encrypted and only the ZKPs are sent to the network. World ID becomes an efficient tool to differentiate from bots and AIs.
zkPass uses a third-party TLS handshake to allow users to generate proofs of their personal identities and media profile data, gaining access to gated applications without revealing the private information.
Privy enables users to seamlessly sign in to decentralised applications with their email or Web2 accounts, creating MPC wallets for users with keys split between users’ devices and a secure server. This essentially removes the cumbersome seed phrase backup and significantly improves user experience.
Aster partnered with Brevis to build its Aster Chain, providing private trading features on top of its current Hidden Orders. The protocol roadmap shows Aster Chain is expected to launch in Q1 2026.
Malda is a unified liquidity lending protocol, leveraging Boundless to prove and manage users’ lending and borrowing positions across multiple blockchains.
Hibachi provides high frequency decentralised perpetual exchange and utilises Succinct to prove its off-chain Central Limit Order Book (CLOB) to be verified on-chain.
Giza brings machine learning to smart contract, allowing smart contract to run verified output from the intended AI models. This enables AI-powered DeFi strategies to be executed on-chain without manipulation.
Sentient is a AI specialised Layer-1 (powered by Polygon CDK) which aims to create an open AGI platform and rewards contributors accordingly. AI model owners upload their specialised AI models to the network and be rewarded depending on the usage. The models on the platform have cryptographic fingerprinting to ensure certain outputs are generated by the specific model. It has also built the Sentient Enclaves Framework, which leverages AWS Nitro Enclaves to enable confidential computation in AI models, masking the users’ prompt and model’s internal state from node operators.
-
The Current Trend and Future Outlook
4.1.1. The Rise of Privacy Middlewares
We are witnessing a shift away from monolithic privacy chains toward modular privacy layers. Instead of migrating to privacy blockchain, protocols can be deployed to any established blockchains such as Ethereum and Solana while accessing privacy services via smart contracts, minimising the barrier to access the protocols. Additionally, as the demand for privacy features increases together with the privacy awareness in the sector, privacy middlewares are the ultimate beneficiaries as it is economically irrational for many startup protocols to run their own computationally heavy confidential computing frameworks.
Number of proofs requested and fulfilled on Succinct
Source: Dune
4.1.2. The Hybrid Solution
The current privacy-enhancing technologies have their own limitations. For example, ZKPs cannot perform computation on encrypted data, MPC may have constrained latency with large number of participants, TEE could be compromised via fault injection and side-channel attacks (where attackers get physical hardware access), and complex calculations could take longer in FHE computation and higher risk of data corruption by accumulated noise. Therefore, more protocols are favoured to hybridise their privacy tools or to design specialised hardware for optimised computation.
4.1.3. Confidential and Verifiable AI
The global AI-related capital expenditures are estimated to hit $3 trillion according to Morgan Stanley. As AI demand is expected to expand in 2026, confidential and verifiable AI has emerged as a massive trend in 2025 and is expected to scale in 2026. Confidential model training on sensitive data such as medical and financial records could be another significant milestone for the decentralised AI sector.
4.1.4. Privacy DePIN
Decentralized Physical Infrastructure Networks (DePIN) utilize privacy techniques to secure user data. For example, a DePIN project collecting mapping data from user dashcams needs to strip personal identifiable information (PII) like faces and license plates.
4.2. Institutional Initiatives
-
Circle launched USDCx on Aleo Testnet, enabling encrypted stablecoin transfer with configurable compliance and minimal trust assumption.
-
Chainlink introduced Confidential Compute within the Chainlink Runtime Environment, allowing institutions to perform private transactions, confidential data distribution, privacy-preserving identity and more.
-
Coinbase is building a private transaction feature on Base with the talents from the acquired Iron Fish team.
4.3. The Regulatory Environment
The European Union’s Anti-Money Laundering Regulation (AMLR) and the Financial Action Task Force (FATF) both mandate Crypto-Asset Service Providers (CASPs) to identify the origin and beneficiary information with a transaction. The “view key” privacy approach is designed to share with the CASPs when transacting with the exchange.
The US Treasury lifted economic sanctions against Tornado Cash, after a US appeals court found that OFAC had overstepped its authority. However, the US Treasury still views crypto mixers as a primary vector for illicit finance activities, Tornado Cash founders’ appeals are still ongoing. The upcoming “innovation exemption” and CLARITY Act might provide better guidance for privacy protocol developers.
-
Ending Thoughts
The era of privacy tokens without “view key” is likely drawing to a close. The industry is betting this “selective disclosure” approach will be accepted as a sufficient compromise. If regulators later reject this approach, it could force networks to opt into “Regulated Permissioned Chains” for anonymity.
The maturation of the privacy-enhancing technologies is the key that unlocks the “trillions” in traditional finance. Bonds, securities, and corporate payrolls cannot live on a transparent chain. As these protocols prove their robustness in 2025, we expect the first major “Private RWA” pilots to launch on one of the networks mentioned previously in 2026.
Google trend on “blockchain privacy” in the past 5 years
Source: Google
The hype of blockchain privacy may cooldown momentarily, but the demand for privacy features on application level is expected to increase steadily, significantly improving the user experience to attract the mass non-crypto native audience. This is the moment on-chain privacy transforms from a “Nice-to-Have” to a “Must-Have.”
-
References
