State of Privacy on Ethereum for Enterprise

State of Privacy on Ethereum

for Enterprise

Privacy Working Group

Mapping financial institution requirements to Ethereum privacy solutions — a cross-institutional analysis by 17 experts across 11 organizations.

Organization

Enterprise Ethereum Alliance

Edition

Version 1 · April 2026

solutions reviewed

addressable market

$700T+

Contributing Organizations

Consensys

COTI

Kaleido

Polygon

ZKsync

Applied Blockchain

Ethereum Foundation

Opening Statement

Evidence-Based
Version 1

This is Version 1 of a recurring report series from the Enterprise Ethereum Alliance (EEA) Privacy Working Group. It maps the current landscape of enterprise privacy on Ethereum, drawing on six months of work — beginning November 2025 — by experts across 8 organizations: Applied Blockchain, Consensys, COTI, EY, Kaleido, Polygon, ZKsync/Matter Labs, the Ethereum Foundation and the EEA. The work synthesized technical documentation and deployment evidence.

The privacy space on Ethereum is evolving rapidly. New implementations launch and existing ones mature almost weekly. This document is therefore a snapshot, with a defined scope: the major privacy implementations contributed by EEA member organizations, where solution characteristics can be supported by live pilots or named enterprise deployments. The same evidence rubric applies to every member.

This report aims to stay as non-technical as practical — but the topic resists oversimplification. At the EEA we believe the only way to arm a reader against buzzwords is through education. The report links throughout to reference work from neutral organizations such as the Ethereum Foundation's Institutional Privacy Task Force (IPTF), whose IPTF Privacy Map offers a near-holistic mapping of known institutional privacy work.

Implementations outside this version exist — non-member projects, academic primitives, and recently launched solutions still being evaluated. The most prominent are listed in Additional Privacy Solutions at the end of the report. Future versions will expand coverage as the space matures, as more evidence accumulates, and as additional organizations engage with the working group. Inclusion is a function of evidence and engagement, not endorsement. Participation in the Privacy Working Group is open to EEA member organizations. If you are interested in joining, apply for EEA membership →

Executive Summary

Key
Findings

The Challenge

Financial institutions are increasingly deploying tokenized assets on Ethereum, but public blockchains expose all transaction data by default—amounts, counterparties, and business relationships are visible to anyone monitoring the network. This transparency creates a critical barrier: enterprises cannot move trillion-dollar bond markets, derivatives positions, or proprietary trading strategies onto infrastructure where competitors and adversaries can observe every move.

Privacy and confidentiality are not features — they are prerequisites for enterprise adoption.

What This Report Provides

The Enterprise Ethereum Alliance Privacy Working Group mapped the current enterprise privacy landscape on Ethereum. Seven member organizations contributed their solutions, creating the first evidence-based view of privacy capabilities aligned to enterprise requirements:

COTI

Garbled Circuits for programmable privacy

Linea Enterprise (Consensys)

Private Validium with ZK proofs

Nightfall

Open-source ZK protocol for confidential tokens

Paladin

Modular privacy framework

Prividium

Permissioned ZK Layer 2

Polygon CDK

Configurable privacy spectrum

Silent Data (Applied Blockchain)

TEE-based programmable privacy

Key Findings

Privacy has multiple dimensions – transaction amounts, counterparty identities, business logic, and regulatory access all require different technical approaches. No single solution covers all requirements. Different solutions protect different aspects of operations using distinct trust models: cryptographic proofs (ZK), secure hardware (TEEs), multi-party computation (MPC), or organizational controls.

Who Should Read This

This paper is designed for CIOs, compliance officers, and digital asset leads who need to evaluate privacy options for tokenized asset deployments. It provides a practical framework to understand what exists, how each approach works, what trust assumptions apply, and what implementation requires – enabling institutions to make informed decisions for their specific regulatory and operational needs.

Bottom Line

The enterprise privacy landscape on Ethereum is maturing rapidly , with live deployments and pilots already covering tokenized funds, central bank programs, and private trading platforms. This report maps the territory so institutions can navigate from experimentation to implementation.

Research Methodology

Our
Approach

Before examining the solutions themselves, it is important to understand how this assessment was conducted. The following methodology explains how each privacy solution was evaluated and how readiness classifications were determined.

The findings in this report were developed within the EEA Privacy Working Group over six months, beginning November 2025, in collaboration with leading cryptographic and enterprise blockchain organizations. The methodology drew on vendor-provided technical documentation and publicly verifiable deployment evidence. The working group sought to cross-check vendor claims where possible, and to establish a shared, precise language for describing privacy capabilities — one that means the same thing across vendors and can be applied consistently in future editions.

The working group was led by a steering committee comprising:

Applied Blockchain / Silent Data

Consensys / Linea

COTI

Kaleido

Polygon

ZKsync / Matter Labs

01 — Input

Technical documentation

Vendor-provided documentation and publicly verifiable deployment evidence.

02 — Process

Cross-institutional review

Cross-review of privacy primitives and vendor claims across all working group members.

03 — Output

Shared language

A common vocabulary for describing privacy capabilities consistently across vendors and future editions.

Scope and Approach

This is Version 1 of a recurring report series. It is an ecosystem mapping and overview — not independent testing, benchmarking, or vendor validation. Assessments are based on publicly available information, including provider documentation, case study announcements, and verifiable deployment references. Solution profiles reflect provider-stated capabilities.

Enterprise Privacy Problem:

The Barriers to Public Blockchain

The
Challenge

With the methodology established, we now turn to why privacy matters in the first place. Understanding the specific barriers that prevent enterprise adoption is critical to evaluating which solutions address real business needs.

For enterprises, the transparency that defines public blockchains is a "double-edged sword." While it provides immutable trust, it simultaneously creates a critical confidentiality deficit. The primary issues include:

Exposure of Business Logic

On a public ledger, smart contract interactions can reveal sensitive business logic, trade secrets, and proprietary algorithms to competitors.

Lack of Financial Discretion

Publicly visible transaction amounts and wallet balances are incompatible with corporate treasury requirements and high-stakes financial maneuvers.

Regulatory Non-Compliance

Regulations such as GDPR and MiCA require strict controls over data access and the "right to be forgotten," which are fundamentally at odds with a permanent, public, transparent ledger.

Impact on Financial Strategy

Visibility into transaction flows allows for front-running and "MEV" (Maximal Extractable Value) exploitation, which erodes the profitability of institutional trading strategies and introduces unacceptable threat actors.

Institutional Trust Requirements

Institutions require an infallible level of trust in their financial products and instruments. The option for confidentiality is a requisite to preserve this trust in the process of tokenized assets. Without robust privacy, the public blockchain remains a "read-only" experiment for the world's largest enterprises.

Privacy Addressable Market

Market
Opportunity

Having identified the barriers, it's important to quantify the opportunity. The following sectors represent the economic scale that privacy-preserving technology can unlock on Ethereum.

The transition of institutional assets to the blockchain represents a multi-trillion-dollar opportunity. Privacy is not just a feature, it is the key that unlocks these sectors:

bond market

$100T+

Global Finance (TradFi)

The total addressable market for private decentralized finance (DeFi) includes the $100T+ global bond market and the $600T derivatives market, both of which require strict transaction privacy.

derivatives

$600T

Supply Chain & Logistics

Protecting the identity of suppliers and the pricing of raw materials is essential for maintaining competitive advantages in global trade.

healthcare

Multi-T

Healthcare & Data Sovereignty

The secure, private exchange of patient records and genomic data requires a "Privacy-First" architecture to meet global compliance standards.

Taxonomy of Privacy Approaches

in the Ethereum Ecosystem

Technical

Foundations

A common vocabulary for understanding how enterprise privacy on Ethereum is implemented across six foundational approaches.

FHE

Fully Homomorphic Encryption

Computation on encrypted data without ever decrypting it.

Garbled Circuits

Secure computation over encrypted inputs without exposing data to any party.

MPC

Multi-Party Computation

Compute jointly over private inputs without any party seeing all data.

tee

Trusted Execution Environments

Hardware-secured enclaves for isolated computation.

ZKP

Zero-Knowledge Proofs

Prove a statement is true without revealing underlying data.

Privacy Groups

Sub-networks visible only to designated participants.

06.b

Privacy-Related Ethereum Standards

Interoperable

Building Blocks

Beyond cryptographic primitives, the Ethereum ecosystem has standardized interoperable interfaces for privacy-preserving transactions. These standards define building blocks upon which enterprise privacy solutions are constructed — they do not provide end-to-end privacy on their own.

Standards in this section sit at different levels of deployment readiness — think of them as a railway.

ERC-5564 and ERC-6538 are rails. They are laid on Ethereum mainnet, but not on ZKsync, Polygon CDK, COTI, Linea, Silent Data, or Prividium — those chains' documentation does not reference them. Adding them on EVM-equivalent L2s is light work. Even on mainnet, the rails are only half the system: a usable stealth-address experience also needs wallet and SDK software on top — that's the train, and it's a separate, larger build.

ERC-7984 is a train design. It only runs if the chain has installed the right engine — today, Zama's fhEVM — which is currently configured for Ethereum mainnet and must be ported chain by chain.

EIP-8105 is not rails or a train. It changes the railway itself — Ethereum's underlying transaction layer. It is a draft, not live anywhere, including mainnet.

ERC-5564

Stealth Addresses

Generates one-time addresses for private transfers. Enables recipient privacy without prior interaction.

Spec Implementation

ERC-6538

Stealth Meta-Address Registry

Provides a registry to discover stealth recipients. Enables senders to generate private addresses without direct contact.

Spec Implementation

ERC-7984 Draft

Confidential Fungible Token

Supports confidential balances and transfer amounts. Enables privacy-preserving tokens using FHE, ZK, or TEEs.

Spec Reference Implementation Discussion

EIP-8105 Draft

Encrypted Mempools

Encrypts transactions before inclusion to reduce front-running and MEV exposure. Particularly relevant for institutional execution.

Spec Hegotá Proposal Announcement

The Ethereum Foundation's

Privacy Roadmap

Foundation
Initiatives

While member solutions address immediate enterprise needs, the Ethereum base protocol is also evolving. Understanding where the Ethereum Foundation is heading with privacy infrastructure helps contextualize these enterprise solutions within the broader roadmap.

Track 01

Private Proving

Application Layer

Enabling users to prove facts about themselves without revealing underlying data.

Track 02

Private Writes

Transaction Layer

Enabling confidential actions on Ethereum mainnet. Developing infrastructure for private transfers, precompiles, and SDK integrations for privacy-first wallets.

Track 03

Private Reads

Network Layer

Tackles metadata leakage from reading state. Developing Private Information Retrieval (PIR). Target: privacy alternatives across major RPC providers within 12 months.

The Institutional Privacy Task Force

The Institutional Privacy Task Force (IPTF) is a team within the Ethereum Foundation that studies the privacy requirements of institutions using or evaluating Ethereum. Its outputs are public: a map of patterns, approaches, use cases, vendors, and jurisdictions; a set of open-source proof-of-concepts and writeups that document the design choices and tradeoffs for each implementation. Everything is released under CC0 and maintained in public GitHub repositories.

IPTF and the Ethereum Foundation's PSE team work in parallel. PSE focuses on protocol-level privacy primitives: private proving, private writes, and private reads. IPTF starts from specific institutional requirements such as, but not limited to, regulated payments, tokenized bonds, identity attestation, and cross-border settlement, and compares them against what the current ecosystem can deliver.

Evaluations in the map apply four properties the Ethereum Foundation treats as requirements for public infrastructure: Censorship Resistance, Open Source and Free Software, Privacy, and Security (CROPS). The same framework is applied to EF-adjacent work and to third-party vendor work. Patterns and approaches also distinguish between Institution-to-Institution (I2I) and Institution-to-End-User (I2U) contexts, since the power dynamic between counterparties changes what "privacy" should mean in each case.

Contributors include researchers and engineers from inside and outside the Foundation.

iptf.ethereum.org ↗ IPTF Map ↗ IPTF PoCs ↗

Trust Models of Enterprise

Privacy Solutions

Security
Foundations

Privacy technologies rely on different security assumptions. Before selecting a solution, enterprises must understand who or what they are trusting, under what conditions that trust can fail, and how those risks align with their regulatory and operational requirements.

Trust models of enterprise privacy solutions

Reference Implementations · IPTF

Proof-of-concepts illustrating each trust model

Cryptographic Trust · ZK

DIY Validium PoC

A ZK-based institutional payment system on RISC Zero, illustrating cryptographic trust without third-party execution.

iptf.ethereum.org/diy-validium ↗

Hardware-Anchored Trust · TEE

Private Cross-Chain Atomic Swap

A TEE-based coordination implementation using AWS Nitro Enclaves, with documented attestation assumptions and failure modes.

iptf.ethereum.org/private-crosschain-atomic-swap-part-2 ↗

Organizational Honesty · FHE

FHE Bond on fhEVM

A regulated fixed-income instrument implemented on Zama's fhEVM, illustrating FHE with decentralized co-processors.

iptf.ethereum.org/private-bonds-with-fhe ↗

Readiness Matrix with Evidence

Production
Readiness

With the foundational concepts established, this matrix provides a practical comparison of each solution's production readiness. The following assessment is evidence-based: classifications use three stages — Pilot, Early Production, and General Availability — each defined by independently verifiable criteria.

Pilot — Demonstrable system; named participant or partnership; no live regulated traffic required

Early Production — ≥1 named customer live in production; ≥3 months continuous operation; ≥1 third-party security audit (last 18 months); handles real-money or regulated traffic

General Availability — ≥3 named customers across ≥2 institution categories; ≥12 months continuous operation; ≥2 third-party audits within last 24 months; public volume/TVL or transaction count.

COTI

Garbled Circuits

General Availability

Private RWAs on Testnet with Zonqix, Privex live on mainnet (June 2025); StaTwig VaccineLedger deployed in Bangladesh.

Mandatory Disclosures

Named customers + tierPrivex (COTI-native DEX, $25bn aggregate volume); StaTwig with UNICEF + Bangladesh Government (national-scale supply chain, 10M private computations); ECB (central bank — Digital Euro Pioneer Partner, partnership stage)

Months in production~14 months COTI mainnet (since Mar 2025 — block 0); Privex DEX live June 2025

Last audit firm + dateSayfer — Mar 2026 (Private ERC-20; MetaMask Snap); prior: Sayfer Nov 2025 (Redeemer), Aug 2025 Hacken (Go-Ethereum), Apr 2025 Sayfer (Account Onboard, gCOTI), Mar 2025 Hacken (MPC). Published audit index

Regulatory engagementECB Digital Euro (Pioneer Partner, partnership stage)

Public volume / TVL$25bn aggregate volume on Privex

LicenseApache 2.0 (coti-contracts, coti-sdk-typescript, coti-full-node, coti-snap)

Commercial modelOpen-source SDK and contracts; use of COTI L2 network required

Mainnet Explorer Docs Privex Announcement StaTwig Partnership

Linea Enterprise (Consensys)

ZK-Proofs

Pilot

Enterprise pilot program; SWIFT collaboration on private testnet.

Mandatory Disclosures

Named customers + tierSWIFT pilot (financial market infrastructure — September 2025, private testnet) — 12+ banks including BNP Paribas, BNY Mellon

Months in productionNot applicable — Linea Enterprise still in pilot. Public Linea mainnet since July 2023, but is a different product.

Last audit firm + dateNot disclosed.

Regulatory engagementNone disclosed for Linea Enterprise specifically.

Public volume / TVLNot applicable for the Enterprise variant.

LicenseApache 2.0 / MIT (dual license, linea-monorepo). Enterprise-specific gating and RBAC not disclosed as open-source.

Commercial modelCommercial engagement with Consensys for the Enterprise variant; public Linea governed by Linea Consortium and Linea Association (Swiss non-profit, since 2025)

Consensys

Nightfall

Zero-Knowledge Proofs

Pilot

Nightfall_4 released April 2025; open source on GitHub; integrated into EY OpsChain.

Mandatory Disclosures

Named customers + tierPlume Network (L3 — institutional RWA, integration announced); Celo Foundation (payments, integration announced); Starknet (ecosystem integration). All announcements / integrations, not verified live regulated production.

Months in productionNot applicable — no named live production customer; Nightfall_4 released April 2025

Last audit firm + dateNot disclosed.

Regulatory engagementNone disclosed.

Public volume / TVLNot applicable.

LicenseCC0-1.0 (public domain) — EY explicitly disclaims warranty and ownership

Commercial modelCommunity-only; no commercial entity backing the product

GitHub EY Blockchain Press Release

Paladin (Kaleido / LFDT)

Privacy Groups (ZK/Notary)

Pilot

Bank of Indonesia Digital Rupiah (Project Garuda) — PoC report published by central bank. HKMA eHKD & Bank of Brazil Drex — references available on request.

Mandatory Disclosures

Named customers + tierBank of Indonesia (central bank — Project Garuda, PoC); HKMA (Hong Kong central bank — eHKD Phase 2); Banco Central do Brasil (central bank — Drex, with Mastercard and Banco BV)

Months in productionNot applicable — all references are PoCs

Last audit firm + dateNot disclosed.

Regulatory engagementThree central bank programs: Project Garuda (BI), eHKD (HKMA), Drex (BCB)

Public volume / TVLNot applicable — PoCs

LicenseApache 2.0 (LFDT-Paladin/paladin)

Commercial modelOpen-source community; commercial enterprise support available from Kaleido

Kaleido Blog BI Official Report (PDF)

Polygon CDK

Zero-Knowledge Proofs

Pilot

Recommended fit: institutions that need configurable privacy, structural compliance, and Agglayer connectivity on a private EVM chain. The named pilot is T-REX Ledger: Apex Group has committed $100B in tokenized RWAs, using Zama FHE on ERC-3643 for confidential settlement.

Mandatory Disclosures

Named customers + tierT-REX Ledger: Apex Group committed $100B in tokenized RWAs. The pilot uses ERC-3643 with Zama FHE for confidential settlement and was announced in March 2026.

Months in productionPolygon CDK has been live as production infrastructure since 2024 across multiple deployments. T-REX Ledger with Zama FHE was announced in March 2026. CDK Shield, also called CDK OP Succinct, is OP Succinct with Agglayer as the bridge instead of Optimism's 7-day bridge; it uses SP1 Hypercube proving.

Last audit firm + dateOP Succinct has a 2025 Spearbit audit. Agglayer security reports list 2025 audits by Sigma Prime, Hexens, and Spearbit. See OP Succinct audit and Agglayer security reports.

Regulatory engagementGateway regional node hosting supports data residency for EU and APAC frameworks. Role-based access gives regulators and auditors read-only views without exposing the full dataset. T-REX Ledger uses ERC-3643 with Zama FHE.

Public volume / TVLDeployed public volume/TVL for the privacy configuration hasn't been disclosed. Apex Group has committed $100B in tokenized RWAs.

LicenseOpen source: cdk-erigon is LGPL-3.0 / GPL-3.0; op-reth, op-succinct, AggLayer node, and AggKit are MIT OR Apache-2.0; AggLayer contracts are AGPL-3.0.

Commercial modelPolygon CDK is delivered as chain as a service through Polygon Labs and implementation providers such as Conduit and Gateway. There are no protocol fees or token-gated licenses. Production deployments run under Conduit and Gateway enterprise SLAs.

Product Page CDK Docs

Prividium (ZKsync)

Zero-Knowledge Proofs

Pilot

Deutsche Bank Project Dama 2 — live institutional L2 for asset tokenization (MAS Singapore).

Mandatory Disclosures

Named customers + tierMemento Blockchain + Deutsche Bank (Tier 1 bank — DAMA 2, live); Cari Network (US regional / community banks — testnet); 35+ Global FIs (interoperable pilot, unnamed)

Months in productionNot disclosed. (DAMA 2 litepaper June 2025; go-live not stated)

Last audit firm + dateNot disclosed.

Regulatory engagementMAS Project Guardian (DAMA 2)

Public volume / TVLNot disclosed.

LicenseProprietary — commercial license required. Some satellite SDK tooling open-source.

Commercial modelCommercial license required for production; managed-service option available from Matter Labs

Product Page Deutsche Bank Litepaper Memento Report

Silent Data (Applied Blockchain)

TEE

Early Production

Archax tokenised funds (Aberdeen, BlackRock, Fidelity, State Street) live Feb 2026; CRYOPDP/DHL — SAP Award winner Dec 2025; Bank of England Digital Pound Lab Phase 1.

Mandatory Disclosures

Named customers + tierArchax (FCA-regulated digital securities exchange — funds from Aberdeen, BlackRock, Fidelity, State Street); CRYOPDP (DHL Group — healthcare logistics, SAP Award winner); Shell (energy trading); Bank of England (central bank — Digital Pound Lab Phase 1)

Months in production~5 months (CRYOPDP since Dec 2025); ~3 months (Archax since Feb 2026)

Last audit firm + dateNot disclosed.

Regulatory engagementBank of England Digital Pound Lab (Phase 1); operating with FCA-regulated counterparty (Archax)

Public volume / TVLNot disclosed.

LicenseMixed — ancillary tools MIT (silent-data-rollup-providers, silentdata-polkadot, confidential-erc-20); core Silent Data Rollup is proprietary / commercial

Commercial modelCommercial / SaaS engagement with Applied Blockchain

Archax Funds CRYOPDP Case Study BoE Digital Pound Lab Demo Video

Methodology: Status classifications follow the principle: "No public evidence, no production claim." Solutions without verifiable public deployment references are classified accordingly. Private references verified by the EEA are noted where applicable.

Solution Profiles

Detailed
Analysis

The matrix provides a high-level overview, but enterprise decision-makers need deeper technical detail. This section offers comprehensive profiles for each solution, including privacy approaches, integration requirements, case studies, and provider-stated characteristics.

Click on each solution to expand and view detailed information.

COTI

COTI Group Garbled Circuits Cryptographic

Summary

COTI is the programmable privacy layer for Web3. Powered by high-performance Garbled Circuits, it delivers fast, low-cost, flexible, and compliant privacy across blockchains, and natively on its Ethereum Layer 2. COTI's architecture enables enterprises and developers to build privacy-preserving applications with end-to-end confidentiality and cost-efficiency at scale. It unlocks a wide variety of use cases in private DeFi, tokenized real-world assets (RWAs), trading, payments, and decentralized identity.

Privacy Approach

COTI uses Garbled Circuits (GC), an advanced multi-party computation (MPC) technique, to enable encrypted computation within workflows. Sensitive data including inputs, balances, on-chain state, and smart contract logic, remains encrypted end-to-end across storage, computation and transmission. Programmable smart contracts allow selective disclosure for audits, compliance, or permissions via permissioned view-keys.

Institutions can granularly select, on a per party basis, which participants have access to decryption rights. Further they may decide which parties may run computation on data that stays encrypted but provides decrypted outputs.

Integration Requirements

Deploy on COTI network or bridge existing assets
Standard Solidity (Fully EVM compatible) with parameters specifying confidential data elements
TypeScript, Python, Hardhat tooling available
MCP, SKILL.MD and agentic support

Case Studies

Central Bank of Europe — Digital Euro: Pioneer Partner with the ECB to establish confidential consumer applications on top of a Euro CBDC settlement layer.
Privex: A COTI native privacy-preserving perpetual exchange processing over $25bn in aggregate volume.
Unicef, Bangladesh Government, StaTwig: National-scale rollout completing 10 million private computations on encrypted IoT-enabled vaccine data for approximately $7.00 in total gas fees (computation cost).

Solution Characteristics

Extends confidential tokens, concealing transaction values and account balances
Real-time, scalable, confidential computations; private transactions at $0.0000007
1000× faster & 250× lighter than alternative privacy solutions (FHE)
Roadmap: Multichain expansion to 70+ chains (planned 2026)

Documentation

Documentation GitHub

Linea Enterprise

Consensys Zero-Knowledge Proofs Cryptographic

Summary

An Ethereum Layer 2 solution that can be deployed as a private, permissioned "Validium" where the state remains private. Zero knowledge proofs are used to prove the validity of the state while keeping transaction data confidential as well as to enable trustless interoperability with Ethereum.

Privacy Approach

Uses a Private Validium architecture combined with an Access Control Engine. Transaction data and ledger state stay within the operator-controlled infrastructure and are never published externally. Only zero-knowledge validity proofs (ZKPs) and commitments to these data are posted to Ethereum. Role-Based Access Control (RBAC) restricts data visibility so that participants only see the specific transaction data they are entitled to view.

Integration Requirements

Existing Smart Contracts: Full EVM equivalence — existing contracts deploy without modification
Tokens: Native support for all ERC standards (ERC-20, ERC-721, ERC-1155, ERC-3643)
Tooling: Compatible with Hardhat, Foundry and standard Ethereum tools
Identity: Linea Enterprise Gateway integration (OAuth2, wallet signing)

Case Studies

SWIFT September 2025 pilot: 12+ banks including BNP Paribas, BNY Mellon
SharpLink Gaming: $170M ETH with Anchorage Digital custody
Total value secured on Linea Mainnet: up to +$2.5B

Solution Characteristics

Throughput: ~1000 TPS for simple transfers, roadmap to 30,000+ TPS
Finality: Instant/single-slot finality on L2
Cost: Sub-$0.01 per transaction

Documentation

GitHub Documentation

Nightfall

Public Domain Zero-Knowledge Proofs Cryptographic

Summary

Nightfall_4^* is an open-source zero-knowledge-based privacy protocol originally developed by EY and released to the public domain that enables confidential token transfers on Ethereum-compatible networks. It is designed for enterprise and institutional use cases, supporting selective disclosure for compliance and audit without introducing global decryption keys or protocol backdoors.

Nightfall_4 focuses on practical privacy for regulated environments, balancing confidentiality, auditability, and interoperability with public blockchain infrastructure.

Disclaimer: Nightfall is not owned by EY and EY provides no warranty and disclaims any and all liability for use of this code. Users must conduct their own diligence with respect to use for their purposes and any and all usage is on an as-is basis and at your own risk.

Privacy Approach

Converts tokens (ERC-20, ERC-721, ERC-1155, ERC-3525) into cryptographic 'commitments' using ZK-ZK rollup architecture. Validity proofs verify correctness without revealing amounts, parties, or transfer details.

Integration Requirements

Tokens deposit to receive private commitments
Supports decentralized permissioning and KYC-gating
X.509 enterprise identity certificates supported for deposit/withdrawal
Gas fee abstraction available for ERC-20 tokens

Case Studies

Starknet Ecosystem: Integration for high-throughput privacy-preserving payments
Plume Network: L3 deployment for privacy-enabled institutional RWA tokenization, combined with Plume's sequencer-level AML policy
Celo Foundation: First payments-focused blockchain to deploy Nightfall ($180T B2B payments market)

Solution Characteristics

Cost: 3.5× cost reduction vs. public ERC-20 transfers
Development history: Since 2019
Open source: Fully public domain, no commercial licensing

Documentation

GitHub

Paladin

Kaleido / LFDT ZK/Notary (Privacy Groups) Crypto + Organizational

Summary

Paladin, a top-level project of the Linux Foundation Decentralized Trust (LFDT), is a unified framework for "Programmable Privacy" designed to bring enterprise-grade confidentiality to any EVM-compatible blockchain. Its standout feature is atomic, all-or-nothing transactions across multiple privacy domains (e.g., Delivery vs. Payment) where different legs of a trade might use different privacy models.

Privacy Approach

Paladin achieves confidentiality via Privacy Domains. Each domain consists of a module that generates proofs from private data and an on-chain smart contract that verifies them. The three built-in protocols implement their proof systems using a mix of Java, Go, and Rust/WebAssembly:

Pente: private smart contract execution through "ephemeral EVMs" with state commitments recorded on-chain
Zeto: a ZKP-based token implementation
Noto: a notary-based token implementation for regulated assets

Integration Requirements

Deployment: Each participant hosts a Paladin Node as sidecar to any EVM client
Privacy Domain: Admins deploy "Domains" (Zeto, Noto, Pente) with cryptographic rules
Identity & Key Management: Enterprise KMS/HSM integration built-in
Peer-to-Peer Connectivity: Secure mTLS for off-chain exchange
Off-chain State Store: Each node uses a dedicated database

Case Studies

Central Bank of Brazil, Drex Project: Mastercard, Banco BV phase 2 use cases
Bank Indonesia, Digital Rupiah: Cash Ledger
Hong Kong Monetary Authority, eHKD Phase 2: Zeto tested as Privacy Enhancing Technology

Solution Characteristics

Programmable Privacy & Atomic Interoperability
High-Performance UTXO-based privacy tokens
Pluggable Cryptography

Documentation

Source code Documentation

Prividium

ZKsync / Matter Labs Zero-Knowledge Proofs Cryptographic

Summary

Enterprise-grade private, permissioned Layer 2 infrastructure combining institutional privacy controls with native Ethereum connectivity. Transactions execute privately within and across enterprise-controlled Zones while ZK proofs anchor integrity to Ethereum — enabling compliant tokenization with access to public liquidity.

Privacy Approach

Permissioned ZKsync L2 architecture with zero-knowledge proofs. Transaction data executes off-chain within operator-controlled infrastructure. Only ZK validity proofs and state root commitments post to Ethereum. No transaction details, amounts, or counterparty information ever reach outside the Prividium. Role-based access controls define granular permissions at the smart contract function level.

Integration Requirements

Full EVM equivalence with standard tooling (Hardhat, Truffle, Foundry)
Deployment options: Matter Labs managed, customer cloud, or on-premises
Enterprise SSO integration (Okta, Azure AD)
Native interoperability to other ZKsync chains and Ethereum
Commercial agreement with Matter Labs required

Case Studies

Cari Network: Tokenized deposit network for US regional/community banks (testnet)
Memento Blockchain + Deutsche Bank DAMA 2: Tokenized fund infrastructure in production
35+ Global Financial Institutions: Interoperable Prividium pilot

Solution Characteristics

Cost: Sub-$0.001 per transaction including L1 settlement
Performance: up to 15,000 TPS per Prividium; target sub-1 second ZK proof generation
Ecosystem: Cross-chain privacy within ZKsync ecosystem + direct L1 interop

Documentation

Docs Product Page

Polygon CDK

Polygon Zero-Knowledge Proofs Cryptographic

Summary

Recommended fit: institutions launching private EVM chains secured by ZK proofs, with configurable privacy and Agglayer connectivity. Polygon Labs and providers such as Conduit and Gateway co-design the chain architecture with the institution, then tune privacy mechanisms to the regulatory environment and the threat model.

Privacy Approach

Institutions can tune privacy across chain, application, and wallet layers.

Private validium (CDK Shield): Also called CDK OP Succinct, this uses OP Succinct with Agglayer as the bridge instead of Optimism's 7-day bridge. It keeps SP1 Hypercube proving and an institution-operated AltDA layer.
FHE: Homomorphic computation keeps balances and transfers encrypted during settlement. Reference deployment: T-REX Ledger with Zama on ERC-3643.
TEE: Trusted execution environments seal selected workloads from the chain operator.
Permissioned access: Enterprise identity gates RPC, mempool, and explorer access.

Integration Requirements

Delivery: Chain as a service, co-designed with Polygon Labs and providers such as Conduit and Gateway.
Configurations: zkRollup, Validium, CDK Shield, or Sovereign mode. CDK Shield is CDK OP Succinct: OP Succinct with Agglayer as the bridge.
Execution: Full EVM equivalence with multiclient options including cdk-erigon and CDK OP Stack.
Identity: Azure ID SSO and other enterprise SSO; native support for ERC-3643.
Interop: Native Agglayer connectivity reaches OP Stack, cdk-erigon, and Miden testnet.

Case Studies

T-REX Ledger: Apex Group, a $3.5T administrator, committed $100B in tokenized RWAs. The pilot uses Polygon CDK + Zama FHE on ERC-3643 and was announced in March 2026.
Katana: Mainnet CDK OP Stack chain generating Succinct SP1 validity proofs in production.
Conduit G3: Sequencer infrastructure for high-throughput Polygon CDK chains, with 3 Ggas/s sustained throughput.
CDK ecosystem: Live deployments include Katana, OKX, Immutable, and others.

Solution Characteristics

Privacy: FHE, private validium, TEE, and permissioned access.
Settlement: Validity proofs and cryptographic finality.
Throughput: Conduit G3 provides 3 Ggas/s sustained throughput and 25K TPS.
Cross-chain: Native Agglayer settlement across heterogeneous stacks.
Maturity: Polygon CDK has been production-ready since 2024; T-REX Ledger entered pilot in March 2026.

Documentation

Polygon CDK Docs GitHub Agglayer GitHub CDK Shield Docs

Silent Data

Applied Blockchain TEE HW-Anchored

Summary

Silent Data is an Ethereum Layer 2 developed by Applied Blockchain that provides full Turing-complete programmable privacy for smart contract execution and transaction data. Privacy is enforced at the execution layer using trusted execution environments (TEEs), enabling regulated applications to control disclosure while maintaining standard EVM execution and connectivity to Ethereum.

Privacy Approach

Uses Trusted Execution Environments (TEEs) — specialized chips that process data in encrypted form. Infrastructure operators cannot observe processing. Privacy guarantees derive from hardware properties. Privacy controls are applied at the execution layer, allowing transaction inputs, intermediate state, and smart contract logic to execute confidentially. No custom cryptography. No changes to Solidity.

Integration Requirements

Existing smart contracts deploy directly (standard EVM, no custom extensions)
First L2 deployed using OP Stack, part of Ethereum Superchain ecosystem
Assets bridge to Silent Data L2 (similar to Base, Unichain)
Works with standard Ethereum/EVM tooling

Case Studies

Archax: FCA-regulated digital securities exchange — Aberdeen money market fund live in production
DHL Health Logistics — CRYOPDP: Award-winning supply chain logistics in production
Shell: Energy trading applications with privacy
Blueprints: Pre-built privacy-enabled application templates

Solution Characteristics

Performance: Up to 4,000 TPS (performance not impacted by privacy protocol)
Trust model: Depends on hardware manufacturer attestation (Intel)
Network: Standard Ethereum L2, assets can be bridged

Documentation

Documentation GitHub

Decision Framework

Evaluation
Guide

Understanding the landscape is one thing; making a selection is another. This framework synthesizes the previous sections into a practical set of questions that guide enterprise decision-makers through the evaluation process.

When evaluating privacy solutions, enterprises should systematically consider the following questions:

What needs to be private?

Transaction amounts, counterparty identities, business logic, or all three? Different solutions excel at protecting different data types.

What trust model is acceptable?

Pure cryptographic guarantees, hardware-dependent security, or organizational trust? Your risk tolerance and regulatory requirements will guide this choice.

What is the regulatory environment?

GDPR, MiCA, or sector-specific requirements? Ensure the solution supports necessary compliance mechanisms like selective disclosure.

What is the deployment timeline?

Production-ready solutions vs. emerging technology? Balance innovation with operational readiness based on your timeline.

What is the integration complexity?

Mainnet settlement vs. separate chain? Consider the technical resources required and existing infrastructure compatibility.

Related IPTF Framework

See IPTF's Public Rails vs Private Ledgers ↗ for a related decision framework covering public blockchains with cryptographic privacy and private ledgers with trust-based privacy.

No single solution addresses all enterprise privacy requirements. The optimal approach often involves combining solutions or selecting based on the specific use case.

Future Outlook & Open Questions

Looking
Ahead

This report captures a moment in time. Privacy technology on Ethereum is evolving rapidly, and the questions that remain unanswered today will shape the next phase of enterprise adoption. This section highlights the open challenges and the working group's commitment to ongoing collaboration.

As the privacy landscape on Ethereum continues to evolve, several critical questions remain open for the enterprise community:

How will privacy solutions interact with each other across L1 and L2?

What standards are needed for cross-solution interoperability?

How will regulatory frameworks evolve to address on-chain privacy?

What role will the EF Privacy Roadmap play in standardizing base-layer privacy?

Joint Statement

Building the future of Compliant Privacy on Ethereum

The members of this working group, in collaboration with the wider Ethereum community and the Ethereum Foundation (EF), remain committed to the development of "Compliant Privacy." We believe that the future of the enterprise web is not just decentralized, but inherently confidential.

Additional Privacy Solutions

Broader
Ecosystem

Solutions profiled in this report were contributed by EEA member organizations participating in the Privacy Working Group. Inclusion is a function of evidence and engagement, not endorsement.

Other privacy solutions exist in the Ethereum ecosystem. The most prominent are listed below based on publicly available information. Working group participation requires EEA membership. Organizations interested in contributing to a future edition may apply for EEA membership.

Company

Solution

RAILGUN DAO

Privacy system enabling private transfers and DeFi interactions on Ethereum mainnet using ZK proofs

Aztec Labs

ZK rollup with native private smart contracts and encrypted state on Ethereum

Zama

Encrypted smart contracts using fully homomorphic encryption on EVM chains

Fhenix

FHE-powered L2 enabling computation on encrypted data

Panther

Privacy pools for compliant private transactions with selective disclosure

ScopeLift / Umbra

Stealth address protocol for private payments on Ethereum

Contact

Get
In Touch

Participation in the Privacy Working Group is open to EEA member organizations. For inquiries about privacy solutions on Ethereum, contact us at:

privacy-wg@entethalliance.org Apply for EEA Membership →

Working Group Contributors

Organization

Solution

Contributors

Applied Blockchain

Silent Data

Andrew Campbell, Adi Ben-Ari

Consensys

Linea Enterprise

Florian Huc, Arthur Remy

COTI

COTI V2

Brad Goodwin, Amateo Kaplan, Guy Mesika, Joshua Maddox

Enterprise Ethereum Alliance

Working Group Lead

Redwan Meslem

Ethereum Foundation

Privacy

Andy Guzman

Nightfall

Kahina Khacef

Kaleido / LFDT

Paladin

Jim Zhang, Peter Broadhurst, Matthew Whitehead, Sophia Lopez, Josh Mercer-Deadman

Polygon

CDK

S. Kinney, Avi Atkin, Aishwary Gupta, Serena Leung

ZKsync / Matter Labs

Prividium

Omar Azhar

Contributors & Reviewers

Aaryamann Challani

Ethereum Foundation

Adi Ben-Ari

Applied Blockchain

Aishwary Gupta

Polygon

Amateo Kaplan

COTI

Andrew Campbell

Applied Blockchain

Andy Guzman

Ethereum Foundation

Arthur Remy

Consensys

Avi Atkin

Polygon

Brad Goodwin

COTI

Florian Huc

Consensys

Grace Mackeith

Applied Blockchain

Guy Mesika

COTI

Jim Zhang

Kaleido

Josh Mercer-Deadman

Kaleido

Joshua Maddox

COTI

Kahina Khacef

Matthew Whitehead

Kaleido

Michal Zajac

Nethermind

Omar Azhar

ZKsync

Peter Broadhurst

Kaleido

Redwan Meslem

EEA

S. Kinney

Polygon

Serena Leung

Polygon

Sergey Shemyakov

L2BEAT

Sophia Lopez

Kaleido

Stefano De Angelis

Nethermind

Disclaimer: This report is provided for informational purposes only and represents the collective findings of the EEA Privacy Working Group. The information contained herein should not be construed as legal, financial, or technical advice. Organizations should conduct their own due diligence before implementing any privacy solutions. The EEA and contributing organizations make no warranties regarding the accuracy, completeness, or suitability of the information presented.