State of Privacy on Ethereum for Enterprise

State of Privacy on Ethereum

for Enterprise

Privacy Working Group

Mapping financial institution requirements to Ethereum privacy solutions — a cross-institutional analysis by 17 experts across 11 organizations.

Organization

Enterprise Ethereum Alliance

Edition

Version 1 · April 2026

solutions in production

4 of 7

addressable market

$700T+

Contributing Organizations

Consensys

COTI

Kaleido

Polygon

ZKsync

Applied Blockchain

Opening Statement

The Principle of Collaborative Neutrality

This report represents a collective effort by the Enterprise Ethereum Alliance (EEA) Privacy Working Group to map the current landscape of privacy within the Ethereum ecosystem. This work reflects the contributions of 17 experts across 11 organizations—Applied Blockchain, Consensys, COTI, EY, Kaleido, Polygon, ZKsync/Matter Labs, the Ethereum Foundation, L2Beat, Nethermind, and the Enterprise Ethereum Alliance—over a dedicated three-month intensive study period.

From its inception, this report has been guided by neutrality as a core design principle. Our methodology relied on cross-institutional validation, synthesizing technical documentation, stress-testing results, and deployment post-mortems from leading financial and cryptographic institutions. Our aim is to provide an objective, technical, and strategic framework for understanding how privacy is being integrated into enterprise-grade blockchain solutions.

The scope of this report is intentionally focused on the privacy solutions developed and maintained by EEA member organizations. By concentrating on the innovations within our ecosystem, we can ensure that solution characteristics are supported by live pilots, peer-reviewed empirical papers, or enterprise deployments. While we recognize the broader ecosystem of privacy research, deep-dives into non-member solutions fall outside the primary scope of this mandate. However, in the interest of authenticity and inclusivity, a comprehensive taxonomy of non-member solutions and academic primitives can be found in the 'Additional Privacy Solutions' section at the conclusion of this paper.

Executive Summary

Key
Findings

The Challenge

Financial institutions are increasingly deploying tokenized assets on Ethereum, but public blockchains expose all transaction data by default—amounts, counterparties, and business relationships are visible to anyone monitoring the network. This transparency creates a critical barrier: enterprises cannot move trillion-dollar bond markets, derivatives positions, or proprietary trading strategies onto infrastructure where competitors and adversaries can observe every move.

Privacy and confidentiality are not features — they are prerequisites for enterprise adoption.

What This Report Provides

The Enterprise Ethereum Alliance convened a Privacy Working Group of 17 experts across 11 organizations to map the current landscape. Seven EEA member organizations contributed their solutions, creating the first comprehensive enterprise-focused view of privacy capabilities on Ethereum:

COTI

Garbled Circuits for programmable privacy

Linea Enterprise (Consensys)

Private Validium with ZK proofs

Nightfall

Open-source ZK protocol for confidential tokens

Paladin

Modular privacy framework

Prividium

Permissioned ZK Layer 2

Polygon CDK

Configurable privacy spectrum

Silent Data (Applied Blockchain)

TEE-based programmable privacy

Key Findings

Privacy has multiple dimensions – transaction amounts, counterparty identities, business logic, and regulatory access all require different technical approaches. No single solution covers all requirements. Different solutions protect different aspects of operations using distinct trust models: cryptographic proofs (ZK), secure hardware (TEEs), multi-party computation (MPC), or organizational controls.

Who Should Read This

This paper is designed for CIOs, compliance officers, and digital asset leads who need to evaluate privacy options for tokenized asset deployments. It provides a practical framework to understand what exists, how each approach works, what trust assumptions apply, and what implementation requires – enabling institutions to make informed decisions for their specific regulatory and operational needs.

Bottom Line

The enterprise privacy landscape on Ethereum is maturing rapidly , with production deployments already supporting central bank digital currencies, tokenized funds, and private trading platforms. This report maps the territory so institutions can navigate from experimentation to implementation.

Research Methodology

Our
Approach

Before examining the solutions themselves, it's essential to understand how this assessment was conducted. The following methodology ensures transparency in how we evaluated each privacy solution and determined readiness classifications.

The findings within this paper were developed within the EEA Privacy Working Group over a dedicated three-month intensive study period. The methodology relied on a synthesis of technical documentation, stress-testing results, and deployment post-mortems from the world's leading financial and cryptographic institutions.

The working group was led by a steering committee comprising:

Applied Blockchain / Silent Data

Consensys / Linea

COTI

Kaleido

Polygon

ZKsync / Matter Labs

01 — Input

Technical documentation

Provider docs, stress-testing results, deployment post-mortems.

02 — Process

Cross-institutional review

Cross-review of privacy primitives across all working group member.

03 — Output

Unified standards

Consolidated enterprise requirements into Ethereum-based privacy standards

Scope and Approach

This is Version 1 of a recurring report series. It is an ecosystem mapping and overview — not independent testing, benchmarking, or vendor validation. Assessments are based on publicly available information, including provider documentation, case study announcements, and verifiable deployment references. Solution profiles reflect provider-stated capabilities.

Enterprise Privacy Problem:

The Barriers to Public Blockchain

The
Challenge

With the methodology established, we now turn to why privacy matters in the first place. Understanding the specific barriers that prevent enterprise adoption is critical to evaluating which solutions address real business needs.

For enterprises, the transparency that defines public blockchains is a "double-edged sword." While it provides immutable trust, it simultaneously creates a critical confidentiality deficit. The primary issues include:

Exposure of Business Logic

On a public ledger, smart contract interactions can reveal sensitive business logic, trade secrets, and proprietary algorithms to competitors.

Lack of Financial Discretion

Publicly visible transaction amounts and wallet balances are incompatible with corporate treasury requirements and high-stakes financial maneuvers.

Regulatory Non-Compliance

Regulations such as GDPR and MiCA require strict controls over data access and the "right to be forgotten," which are fundamentally at odds with a permanent, public, transparent ledger.

Impact on Financial Strategy

Visibility into transaction flows allows for front-running and "MEV" (Maximal Extractable Value) exploitation, which erodes the profitability of institutional trading strategies and introduces unacceptable threat actors.

Institutional Trust Requirements

Institutions require an infallible level of trust in their financial products and instruments. The option for confidentiality is a requisite to preserve this trust in the process of tokenized assets. Without robust privacy, the public blockchain remains a "read-only" experiment for the world's largest enterprises.

Privacy Addressable Market

Market
Opportunity

Having identified the barriers, it's important to quantify the opportunity. The following sectors represent the economic scale that privacy-preserving technology can unlock on Ethereum.

The transition of institutional assets to the blockchain represents a multi-trillion-dollar opportunity. Privacy is not just a feature, it is the key that unlocks these sectors:

bond market

$100T+

Global Finance (TradFi)

The total addressable market for private decentralized finance (DeFi) includes the $100T+ global bond market and the $600T derivatives market, both of which require strict transaction privacy.

derivatives

$600T

Supply Chain & Logistics

Protecting the identity of suppliers and the pricing of raw materials is essential for maintaining competitive advantages in global trade.

healthcare

Multi-T

Healthcare & Data Sovereignty

The secure, private exchange of patient records and genomic data requires a "Privacy-First" architecture to meet global compliance standards.

Taxonomy of Privacy Approaches

in the Ethereum Ecosystem

Technical

Foundations

A common vocabulary for understanding how enterprise privacy on Ethereum is implemented across six foundational approaches.

FHE

Fully Homomorphic Encryption

Computation on encrypted data without ever decrypting it.

Garbled Circuits

Secure computation over encrypted inputs without exposing data to any party.

MPC

Multi-Party Computation

Compute jointly over private inputs without any party seeing all data.

tee

Trusted Execution Environments

Hardware-secured enclaves for isolated computation.

ZKP

Zero-Knowledge Proofs

Prove a statement is true without revealing underlying data.

Privacy Groups

Sub-networks visible only to designated participants.

06.b

Privacy-Related Ethereum Standards

Interoperable

Building Blocks

Beyond cryptographic primitives, the Ethereum ecosystem has standardized interoperable interfaces for privacy-preserving transactions. These standards define building blocks upon which enterprise privacy solutions are constructed — they do not provide end-to-end privacy on their own.

ERC-5564

Stealth Addresses

Generates one-time addresses for private transfers. Enables recipient privacy without prior interaction.

ERC-6538

Stealth Meta-Address Registry

Provides a registry to discover stealth recipients. Enables senders to generate private addresses without direct contact.

ERC-7984 Draft

Confidential Fungible Token

Supports confidential balances and transfer amounts. Enables privacy-preserving tokens using FHE, ZK, or TEEs.

EIP-8105 Draft

Encrypted Mempools

Encrypts transactions before inclusion to reduce front-running and MEV exposure. Particularly relevant for institutional execution.

The Ethereum Foundation's

Privacy Roadmap

Foundation
Initiatives

While member solutions address immediate enterprise needs, the Ethereum base protocol is also evolving. Understanding where the Ethereum Foundation is heading with privacy infrastructure helps contextualize these enterprise solutions within the broader roadmap.

Track 01

Private Proving

Application Layer

Enabling users to prove facts about themselves without revealing underlying data.

Track 02

Private Writes

Transaction Layer

Enabling confidential actions on Ethereum mainnet. Developing infrastructure for private transfers, precompiles, and SDK integrations for privacy-first wallets.

Track 03

Private Reads

Network Layer

Tackles metadata leakage from reading state. Developing Private Information Retrieval (PIR). Target: privacy alternatives across major RPC providers within 12 months.

The Institutional Privacy Task Force

The Institutional Privacy Task Force (IPTF) is a team within the Ethereum Foundation that studies the privacy requirements of institutions using or evaluating Ethereum. Its outputs are public: a map of patterns, approaches, use cases, vendors, and jurisdictions; a set of open-source proof-of-concepts and writeups that document the design choices and tradeoffs for each implementation. Everything is released under CC0 and maintained in public GitHub repositories.

IPTF and the Ethereum Foundation's PSE team work in parallel. PSE focuses on protocol-level privacy primitives: private proving, private writes, and private reads. IPTF starts from specific institutional requirements such as, but not limited to, regulated payments, tokenized bonds, identity attestation, and cross-border settlement, and compares them against what the current ecosystem can deliver.

Evaluations in the map apply four properties the Ethereum Foundation treats as requirements for public infrastructure: Censorship Resistance, Open Source and Free Software, Privacy, and Security (CROPS). The same framework is applied to EF-adjacent work and to third-party vendor work. Patterns and approaches also distinguish between Institution-to-Institution (I2I) and Institution-to-End-User (I2U) contexts, since the power dynamic between counterparties changes what "privacy" should mean in each case.

Contributors include researchers and engineers from inside and outside the Foundation.

iptf.ethereum.org ↗ IPTF Map ↗ IPTF PoCs ↗

Trust Models of Enterprise

Privacy Solutions

Security
Foundations

Privacy technologies rely on different security assumptions. Before selecting a solution, enterprises must understand who or what they are trusting, under what conditions that trust can fail, and how those risks align with their regulatory and operational requirements.

Trust models of enterprise privacy solutions

Reference Implementations · IPTF

Proof-of-concepts illustrating each trust model

Cryptographic Trust · ZK

DIY Validium PoC

A ZK-based institutional payment system on RISC Zero, illustrating cryptographic trust without third-party execution.

iptf.ethereum.org/diy-validium ↗

Hardware-Anchored Trust · TEE

Private Cross-Chain Atomic Swap

A TEE-based coordination implementation using AWS Nitro Enclaves, with documented attestation assumptions and failure modes.

iptf.ethereum.org/private-crosschain-atomic-swap-part-2 ↗

Organizational Honesty · FHE

FHE Bond on fhEVM

A regulated fixed-income instrument implemented on Zama's fhEVM, illustrating FHE with decentralized co-processors.

iptf.ethereum.org/private-bonds-with-fhe ↗

Readiness Matrix with Evidence

Production
Readiness

With the foundational concepts established, this matrix provides a practical comparison of each solution's production readiness. The following assessment is evidence-based: only solutions with publicly verifiable deployments are classified as "In Production."

In Production — Live deployment with named customers

Early Access — Available, no public production verified

Pilot — In development or testing phase

COTI

Garbled Circuits

In Production

Private RWAs on Testnet with Zonqix, Privex live on mainnet (June 2025); StaTwig VaccineLedger deployed in Bangladesh.

Mainnet Explorer Docs Privex Announcement StaTwig Partnership

Prividium (ZKsync)

Zero-Knowledge Proofs

In Production

Deutsche Bank Project Dama 2 — live institutional L2 for asset tokenization (MAS Singapore).

Product Page Deutsche Bank Litepaper

Silent Data (Applied Blockchain)

TEE

In Production

Archax tokenised funds (Aberdeen, BlackRock, Fidelity, State Street) live Feb 2026; CRYOPDP/DHL — SAP Award winner Dec 2025; Bank of England Digital Pound Lab Phase 1.

Archax Funds CRYOPDP Case Study BoE Digital Pound Lab Demo Video

Paladin (Kaleido / LFDT)

Privacy Groups (ZK/Notary)

In Production

Bank of Indonesia Digital Rupiah (Project Garuda) — PoC report published by central bank. HKMA eHKD & Bank of Brazil Drex — references available on request.

Kaleido Blog BI Official Report (PDF)

Nightfall

Zero-Knowledge Proofs

Early Access

Nightfall_4 released April 2025; open source on GitHub; integrated into EY OpsChain.

GitHub EY Blockchain Press Release

Polygon CDK

Zero-Knowledge Proofs

Available (Infra)

CDK toolkit available for building privacy-enabled L2 chains. No named enterprise privacy deployment publicly linked.

CDK Docs

Linea Enterprise (Consensys)

ZK-Proofs

Pilot

Enterprise pilot program; SWIFT collaboration on private testnet.

Consensys

Methodology: Status classifications follow the principle: "No public evidence, no production claim." Solutions without verifiable public deployment references are classified accordingly. Private references verified by the EEA are noted where applicable.

Solution Profiles

Detailed
Analysis

The matrix provides a high-level overview, but enterprise decision-makers need deeper technical detail. This section offers comprehensive profiles for each solution, including privacy approaches, integration requirements, case studies, and provider-stated characteristics.

Click on each solution to expand and view detailed information.

COTI

COTI Group Garbled Circuits Cryptographic

Summary

COTI is the programmable privacy layer for Web3. Powered by high-performance Garbled Circuits, it delivers fast, low-cost, flexible, and compliant privacy across blockchains, and natively on its Ethereum Layer 2. COTI's architecture enables enterprises and developers to build privacy-preserving applications with end-to-end confidentiality and cost-efficiency at scale. It unlocks a wide variety of use cases in private DeFi, tokenized real-world assets (RWAs), trading, payments, and decentralized identity.

Privacy Approach

COTI uses Garbled Circuits (GC), an advanced multi-party computation (MPC) technique, to enable encrypted computation within workflows. Sensitive data including inputs, balances, on-chain state, and smart contract logic, remains encrypted end-to-end across storage, computation and transmission. Programmable smart contracts allow selective disclosure for audits, compliance, or permissions via permissioned view-keys.

Institutions can granularly select, on a per party basis, which participants have access to decryption rights. Further they may decide which parties may run computation on data that stays encrypted but provides decrypted outputs.

Integration Requirements

Deploy on COTI network or bridge existing assets
Standard Solidity (Fully EVM compatible) with parameters specifying confidential data elements
TypeScript, Python, Hardhat tooling available
MCP, SKILL.MD and agentic support

Case Studies

Central Bank of Europe — Digital Euro: Pioneer Partner with the ECB to establish confidential consumer applications on top of a Euro CBDC settlement layer.
Privex: A COTI native privacy-preserving perpetual exchange processing over $25bn in aggregate volume.
Unicef, Bangladesh Government, StaTwig: National-scale rollout completing 10 million private computations on encrypted IoT-enabled vaccine data for approximately $7.00 in total gas fees (computation cost).

Solution Characteristics

Extends confidential tokens, concealing transaction values and account balances
Real-time, scalable, confidential computations; private transactions at $0.0000007
1000× faster & 250× lighter than alternative privacy solutions (FHE)
Roadmap: Multichain expansion to 70+ chains (planned 2026)
Maturity: Production ready

Documentation

Documentation GitHub

Linea Enterprise

Consensys Zero-Knowledge Proofs Cryptographic

Summary

An Ethereum Layer 2 solution that can be deployed as a private, permissioned "Validium" where the state remains private. Zero knowledge proofs are used to prove the validity of the state while keeping transaction data confidential as well as to enable trustless interoperability with Ethereum.

Privacy Approach

Uses a Private Validium architecture combined with an Access Control Engine. Transaction data and ledger state stay within the operator-controlled infrastructure and are never published externally. Only zero-knowledge validity proofs (ZKPs) and commitments to these data are posted to Ethereum. Role-Based Access Control (RBAC) restricts data visibility so that participants only see the specific transaction data they are entitled to view.

Integration Requirements

Existing Smart Contracts: Full EVM equivalence — existing contracts deploy without modification
Tokens: Native support for all ERC standards (ERC-20, ERC-721, ERC-1155, ERC-3643)
Tooling: Compatible with Hardhat, Foundry and standard Ethereum tools
Identity: Linea Enterprise Gateway integration (OAuth2, wallet signing)

Case Studies

SWIFT September 2025 pilot: 12+ banks including BNP Paribas, BNY Mellon
SharpLink Gaming: $170M ETH with Anchorage Digital custody
Total value secured on Linea Mainnet: up to +$2.5B

Solution Characteristics

Throughput: ~1000 TPS for simple transfers, roadmap to 30,000+ TPS
Finality: Instant/single-slot finality on L2
Cost: Sub-$0.01 per transaction
Maturity: Production ready, running mainnet since July 2024

Documentation

GitHub Documentation

Nightfall

Public Domain Zero-Knowledge Proofs Cryptographic

Summary

Nightfall_4^* is an open-source zero-knowledge-based privacy protocol originally developed by EY and released to the public domain that enables confidential token transfers on Ethereum-compatible networks. It is designed for enterprise and institutional use cases, supporting selective disclosure for compliance and audit without introducing global decryption keys or protocol backdoors.

Nightfall_4 focuses on practical privacy for regulated environments, balancing confidentiality, auditability, and interoperability with public blockchain infrastructure.

Disclaimer: Nightfall is not owned by EY and EY provides no warranty and disclaims any and all liability for use of this code. Users must conduct their own diligence with respect to use for their purposes and any and all usage is on an as-is basis and at your own risk.

Privacy Approach

Converts tokens (ERC-20, ERC-721, ERC-1155, ERC-3525) into cryptographic 'commitments' using ZK-ZK rollup architecture. Validity proofs verify correctness without revealing amounts, parties, or transfer details.

Integration Requirements

Tokens deposit to receive private commitments
Supports decentralized permissioning and KYC-gating
X.509 enterprise identity certificates supported for deposit/withdrawal
Gas fee abstraction available for ERC-20 tokens

Case Studies

Starknet Ecosystem: Integration for high-throughput privacy-preserving payments
Plume Network: L3 deployment for privacy-enabled institutional RWA tokenization, combined with Plume's sequencer-level AML policy
Celo Foundation: First payments-focused blockchain to deploy Nightfall ($180T B2B payments market)

Solution Characteristics

Cost: 3.5× cost reduction vs. public ERC-20 transfers
Development history: Since 2019
Open source: Fully public domain, no commercial licensing
Maturity: Early access; ecosystem integrations announced across Plume, Celo, and Starknet

Documentation

GitHub

Paladin

Kaleido / LFDT ZK/Notary (Privacy Groups) Crypto + Organizational

Summary

Paladin, a top-level project of the Linux Foundation Decentralized Trust (LFDT), is a unified framework for "Programmable Privacy" designed to bring enterprise-grade confidentiality to any EVM-compatible blockchain. Its standout feature is atomic, all-or-nothing transactions across multiple privacy domains (e.g., Delivery vs. Payment) where different legs of a trade might use different privacy models.

Privacy Approach

Paladin achieves confidentiality via Privacy Domains. Each domain consists of a module that generates proofs from private data and an on-chain smart contract that verifies them. The three built-in protocols implement their proof systems using a mix of Java, Go, and Rust/WebAssembly:

Pente: private smart contract execution through "ephemeral EVMs" with state commitments recorded on-chain
Zeto: a ZKP-based token implementation
Noto: a notary-based token implementation for regulated assets

Integration Requirements

Deployment: Each participant hosts a Paladin Node as sidecar to any EVM client
Privacy Domain: Admins deploy "Domains" (Zeto, Noto, Pente) with cryptographic rules
Identity & Key Management: Enterprise KMS/HSM integration built-in
Peer-to-Peer Connectivity: Secure mTLS for off-chain exchange
Off-chain State Store: Each node uses a dedicated database

Case Studies

Central Bank of Brazil, Drex Project: Mastercard, Banco BV phase 2 use cases
Bank Indonesia, Digital Rupiah: Cash Ledger
Hong Kong Monetary Authority, eHKD Phase 2: Zeto tested as Privacy Enhancing Technology

Solution Characteristics

Programmable Privacy & Atomic Interoperability
High-Performance UTXO-based privacy tokens
Pluggable Cryptography
Maturity: Adopted by major financial industry projects

Documentation

Source code Documentation

Prividium

ZKsync / Matter Labs Zero-Knowledge Proofs Cryptographic

Summary

Enterprise-grade private, permissioned Layer 2 infrastructure combining institutional privacy controls with native Ethereum connectivity. Transactions execute privately within enterprise-controlled environments while ZK proofs anchor integrity to Ethereum — enabling compliant tokenization with access to public liquidity.

Privacy Approach

Permissioned ZKsync L2 architecture with zero-knowledge proofs. Transaction data executes off-chain within operator-controlled infrastructure. Only ZK validity proofs and state root commitments post to Ethereum. No transaction details, amounts, or counterparty information ever reach outside the Prividium. Role-based access controls define granular permissions at the smart contract function level.

Integration Requirements

Full EVM equivalence with standard tooling (Hardhat, Truffle, Foundry)
Deployment options: Matter Labs managed, customer cloud, or on-premises
Enterprise SSO integration (Okta, Azure AD)
Native interoperability to other ZKsync chains and Ethereum
Commercial agreement with Matter Labs required

Case Studies

Cari Network: Tokenized deposits for US regional/community banks (testnet)
Memento Blockchain + Deutsche Bank DAMA 2: Tokenized fund infrastructure in production
35+ Global Financial Institutions: Interoperable Prividium pilot

Solution Characteristics

Cost: Sub-$0.001 per transaction including L1 settlement
Performance: 15,000+ TPS per Prividium; sub-1 second ZK proof generation
Ecosystem: Cross-chain privacy within ZKsync ecosystem + direct L1 interop
Maturity: Early production with multiple co-design partners

Documentation

Prividium NPM GitHub Docs Product Page

Polygon CDK

Polygon Zero-Knowledge Proofs Cryptographic

Summary

A modular, open-source multistack toolkit by Polygon Labs for launching sovereign, ZK-secured EVM chains with configurable, financial-grade privacy, enterprise-grade controls, and native connectivity to Agglayer for access to Ethereum liquidity.

Privacy Approach

Privacy with Polygon CDK is a configurable spectrum rather than a binary on/off switch. Available configurations:

Validium mode: Transaction data stored off-chain in operator infrastructure
Private RPC, mempool, block explorers (Gateway): Users see only relevant transactions
ZK Validity proofs: Only cryptographic commitments on-chain
Access control lists (ACLs): Role-based permissions, selectively revealable
Identity & compliance: KYC via Billions, Microsoft Entra, AWS IAM SSO
FHE via Zama: Computation on encrypted data (in implementation)

Integration Requirements

Full EVM compatibility; existing contracts deploy without modification
Direct upgrade path from Hyperledger Besu for permissioned networks
Multiclient options: Erigon, CDK op-geth, Validium variants
Options: zkRollup, Validium, or Sovereign modes

Case Studies

Polygon CDK launched an enterprise-focused privacy-first rollup in Q3 2025, per Messari
Polygon PoS: $2.4T stablecoin volume, 164M+ unique addresses, 6.7B+ transactions
CDK adopters: Katana, OKX, Immutable, Silicon, Lumia

Solution Characteristics

Privacy model: Configurable spectrum including Validium, private explorers, ACLs, FHE
Migration: Direct upgrade path from Hyperledger Besu
Performance: 60+ MGas/s burst throughput currently
Maturity: CDK Erigon production ready (Q3 2025 launch)

Documentation

Polygon CDK Docs GitHub

Silent Data

Applied Blockchain TEE HW-Anchored

Summary

Silent Data is an Ethereum Layer 2 developed by Applied Blockchain that provides full Turing-complete programmable privacy for smart contract execution and transaction data. Privacy is enforced at the execution layer using trusted execution environments (TEEs), enabling regulated applications to control disclosure while maintaining standard EVM execution and connectivity to Ethereum.

Privacy Approach

Uses Trusted Execution Environments (TEEs) — specialized chips that process data in encrypted form. Infrastructure operators cannot observe processing. Privacy guarantees derive from hardware properties. Privacy controls are applied at the execution layer, allowing transaction inputs, intermediate state, and smart contract logic to execute confidentially. No custom cryptography. No changes to Solidity.

Integration Requirements

Existing smart contracts deploy directly (standard EVM, no custom extensions)
First L2 deployed using OP Stack, part of Ethereum Superchain ecosystem
Assets bridge to Silent Data L2 (similar to Base, Unichain)
Works with standard Ethereum/EVM tooling

Case Studies

Archax: FCA-regulated digital securities exchange — Aberdeen money market fund live in production
DHL Health Logistics — CRYOPDP: Award-winning supply chain logistics in production
Shell: Energy trading applications with privacy
Blueprints: Pre-built privacy-enabled application templates

Solution Characteristics

Performance: Up to 4,000 TPS (performance not impacted by privacy protocol)
Trust model: Depends on hardware manufacturer attestation (Intel)
Network: Standard Ethereum L2, assets can be bridged
Maturity: Live on OP L2 Superchain (verified by OP and L2Beat)

Documentation

Documentation GitHub

Decision Framework

Evaluation
Guide

Understanding the landscape is one thing; making a selection is another. This framework synthesizes the previous sections into a practical set of questions that guide enterprise decision-makers through the evaluation process.

When evaluating privacy solutions, enterprises should systematically consider the following questions:

What needs to be private?

Transaction amounts, counterparty identities, business logic, or all three? Different solutions excel at protecting different data types.

What trust model is acceptable?

Pure cryptographic guarantees, hardware-dependent security, or organizational trust? Your risk tolerance and regulatory requirements will guide this choice.

What is the regulatory environment?

GDPR, MiCA, or sector-specific requirements? Ensure the solution supports necessary compliance mechanisms like selective disclosure.

What is the deployment timeline?

Production-ready solutions vs. emerging technology? Balance innovation with operational readiness based on your timeline.

What is the integration complexity?

Mainnet settlement vs. separate chain? Consider the technical resources required and existing infrastructure compatibility.

Related IPTF Framework

See IPTF's Public Rails vs Private Ledgers ↗ for a related decision framework covering public blockchains with cryptographic privacy and private ledgers with trust-based privacy.

No single solution addresses all enterprise privacy requirements. The optimal approach often involves combining solutions or selecting based on the specific use case.

Future Outlook & Open Questions

Looking
Ahead

This report captures a moment in time. Privacy technology on Ethereum is evolving rapidly, and the questions that remain unanswered today will shape the next phase of enterprise adoption. This section highlights the open challenges and the working group's commitment to ongoing collaboration.

As the privacy landscape on Ethereum continues to evolve, several critical questions remain open for the enterprise community:

How will privacy solutions interact with each other across L1 and L2?

What standards are needed for cross-solution interoperability?

How will regulatory frameworks evolve to address on-chain privacy?

What role will the EF Privacy Roadmap play in standardizing base-layer privacy?

Joint Statement

Building the future of Compliant Privacy on Ethereum

The members of this working group, in collaboration with the wider Ethereum community and the Ethereum Foundation (EF), remain committed to the development of "Compliant Privacy." We believe that the future of the enterprise web is not just decentralized, but inherently confidential.

Additional Privacy Solutions

Broader
Ecosystem

Solutions profiled were contributed by EEA member organizations participating in the Privacy Working Group. Inclusion requires EEA membership and active working group participation.

Other privacy solutions exist in the Ethereum ecosystem. These are listed below based on publicly available information. Organizations interested in contributing detailed profiles may contact the EEA about membership.

Company

Solution

RAILGUN DAO

Privacy system enabling private transfers and DeFi interactions on Ethereum mainnet using ZK proofs

Aztec Labs

ZK rollup with native private smart contracts and encrypted state on Ethereum

Zama

Encrypted smart contracts using fully homomorphic encryption on EVM chains

Fhenix

FHE-powered L2 enabling computation on encrypted data

Panther

Privacy pools for compliant private transactions with selective disclosure

ScopeLift / Umbra

Stealth address protocol for private payments on Ethereum

Contact

Get
In Touch

For inquiries about privacy solutions on Ethereum, working group participation, or EEA membership, contact us at:

privacy-wg@entethalliance.org

Working Group Contributors

Organization

Solution

Contributors

Applied Blockchain

Silent Data

Andrew Campbell, Adi Ben-Ari

Consensys

Linea Enterprise

Florian Huc, Arthur Remy

COTI

COTI V2

Brad Goodwin, Amateo Kaplan, Guy Mesika, Joshua Maddox

Enterprise Ethereum Alliance

Working Group Lead

Redwan Meslem

Ethereum Foundation

Privacy

Andy Guzman

Nightfall

Kahina Khacef

Kaleido / LFDT

Paladin

Jim Zhang, Peter Broadhurst, Matthew Whitehead, Sophia Lopez, Josh Mercer-Deadman

Polygon

CDK

Shelby Kinney-Lang, Avi Atkin, Aishwary Gupta, Serena Leung

ZKsync / Matter Labs

Prividium

Omar Azhar

Contributors & Reviewers

Aaryamann Challani

Ethereum Foundation

Adi Ben-Ari

Applied Blockchain

Aishwary Gupta

Polygon

Amateo Kaplan

COTI

Andrew Campbell

Applied Blockchain

Andy Guzman

Ethereum Foundation

Arthur Remy

Consensys

Avi Atkin

Polygon

Brad Goodwin

COTI

Florian Huc

Consensys

Grace Mackeith

Applied Blockchain

Guy Mesika

COTI

Jim Zhang

Kaleido

Josh Mercer-Deadman

Kaleido

Joshua Maddox

COTI

Kahina Khacef

Matthew Whitehead

Kaleido

Michal Zajac

Nethermind

Omar Azhar

ZKsync

Peter Broadhurst

Kaleido

Redwan Meslem

EEA

Serena Leung

Polygon

Sergey Shemyakov

L2BEAT

Shelby Kinney-Lang

Polygon

Sophia Lopez

Kaleido

Stefano De Angelis

Nethermind

Disclaimer: This report is provided for informational purposes only and represents the collective findings of the EEA Privacy Working Group. The information contained herein should not be construed as legal, financial, or technical advice. Organizations should conduct their own due diligence before implementing any privacy solutions. The EEA and contributing organizations make no warranties regarding the accuracy, completeness, or suitability of the information presented.