Approaches to Privacy On-Chain

Arcium Team
· 6 min read
Send by email


Public blockchains are transparent by default at the protocol level, where transactions are permanently visible and immutable to anyone via the blockchain ledger. With only pseudonymous public key addresses, discerning users’ identities from these addresses and on-chain activity is relatively straightforward for blockchain analysis companies like Chainalysis or deanonymizing protocols like Arkham. That is why privacy preservation is vital to protect users and secure applications built on public ledgers.

Due to their decentralized nature, enabling user privacy guarantees on blockchains is more complex than Web 2 predecessors, where data centers are trusted to ensure user data remains secure. However, as we know, this model comes with many pitfalls and feeds pervasive phenomena like surveillance capitalism and data exploitation. So, how does privacy come to fruition in blockchain, where networks and applications run on distributed network nodes? Throughout this article, we will break down several privacy-preserving protocols, utilizing various methods to achieve privacy for blockchain users. It does not delve into the cryptographic primitives that will enable privacy within these systems, which we explain in other articles.

Different Approaches to Privacy on Blockchains

There are various ways of achieving privacy for users using public blockchains — from privacy coins and shielded pools to private execution virtual machines and confidential computing solutions. Each mode comes with different considerations that are essential to understand when using these privacy-enhancing tools or implementing them into new or existing applications

Asset-specific privacy

Asset-specific privacy is the earliest form of privacy preservation on-chain. This includes privacy coins like ZCash or Monero, where privacy guarantees are tied to a specific asset, ZEC, and XMR respectively. These chains were built for only one monetary unit (ZEC for ZCash and XMR for Monero) and transfer use case. Although there are nuances here, like ZCash being found in both shielded and transparent forms, the general limitation of this approach is that privacy guarantees are tied to specific assets. That is, privacy is only available for the native token. This inherently limits usability, as users can’t access privacy for any other asset type. Although ZCash and Monero are viable options for use cases where users want to send or receive ZEC or XMR privately, interacting with other blockchain ecosystems and their respective applications becomes arduous. Ecosystems like Ethereum and Solana have hundreds of different asset types, including non-fungible ones like Soulbound Tokens and NFTs. As these ecosystems mature, privacy preservation must extend to support a diverse range of assets, allowing users to access privacy guarantees for the asset(s) they choose to transact with.

Shielded pools

Shielded pools, sometimes called anonymity sets or privacy pools, refer to solutions that break the link between a user’s public key and the assets they hold, enabling them to transact privately. On a high level, users can deposit an asset into a pool, an account operated by a smart contract. Through various cryptographic techniques, each user’s deposit is indistinguishable from another within the shielded pool. After depositing, users can initiate a transaction by proving (usually via zero-knowledge proof) their spending power over the deposited assets. This allows them to utilize these assets without links to their public keys, effectively preserving their privacy. The critical caveat of shielded pools is that privacy guarantees are stronger the more unique deposits exist within a given pool. Simply put, more users means better privacy.

Private execution virtual machines

Private execution Virtual Machines (VMs) are an up-and-coming form for preserving privacy on blockchains. This approach enables off-chain computation to be verified on-chain since currently there isn’t an efficient way to verify the correctness of private data directly on-chain. Although Fully Homomorphic Encryption (FHE) could change this in the future, an off-chain execution, on-chain verification model using Zero-Knowledge Proofs (ZKPs) is currently used. This allows apps/users not to have to publish any revealing or sensitive data on-chain. Utilizing ZKPs for privacy, they eliminate the need to publish data on-chain while retaining the correctness of state transitions. This approach powers “private by default” Layer 1’s like Aleo or private execution Layer 2’s like Aztec Labs, where privacy can be implemented at the protocol level. Private VMs expand the scope of solutions that can be built by bringing more arbitrary private applications on-chain like private gaming. However, privacy guarantees in this architecture are not bound to privacy set but by state interactivity, as it establishes what data users must show to other users involved in an interaction that results in a state transition. In addition, this approach has some limitations for existing applications as it would require entirely new logic.

Each approach to privacy on blockchains has advantages and disadvantages depending on the use case and application. Privacy coins like ZEC and XMR are great for basic sending but are limited by their usability. Shielded pools bring more flexibility to privacy preservation but have their effectiveness dependent on the number of deposits within the pool. Private execution VMs establish the possibility for default privacy but still come with the possibility of leaking information and burdensome development overhead. Although each use case and application needs to reason through the ideal design approach for enhancing privacy, many ecosystems and applications need privacy now.

Confidential Compute

Confidential Computing is a technology designed to protect data in three primary states: at rest, in use, and in transit. Previously, this data was only encrypted at rest and in transit through the use of hardware-based solutions called Trusted Execution Environments (TEEs). However, this solution left the data vulnerable, especially when it was in its “at rest” state as many utilize third party services to store this sensitive data. In order to streamline the data usage, the third party requires the data to be decrypted, which allows for hackers to target these services and exploit them for this sensitive data.

With Arcium, we further build upon this and solve the vulnerability issue by focusing on cryptographic-based encryption. We combine data encryption and security technologies like Multi-Party Computation (MPC), Homomorphic Encryption (HE), and Zero-Knowledge Proofs (ZKPs), and more, to enable trustless, verifiable and efficient encrypted computation without needing to rely upon hardware-based solutions or third party data storage.

The idea of cryptographic-based encryption is not a new topic, and many fantastic protocols and projects are helping to shape this technology and bring more security to Web 3 as well. A few include:

Zama: It is an open-source Fully Homomorphic Encryption (FHE) tool designed for both Web 2 and Web 3 applications. This tool simplifies the process for developers to utilize FHE across various use cases, including blockchain and AI. They have developed powerful applications like the sentiment analysis tool, image filtering tool, and health prediction tool, all built on confidential compute foundations.

Inco: The Ethereum-based modular confidential computing network represents a new stage in blockchain development, integrating the capabilities of FHE with Ethereum's strong framework. Inco leverages confidential computing to tap into Ethereum’s expertise in smart contracts and its extensive developer network, promoting the creation of privacy-focused decentralized applications (dApps). This advanced technology is employed by Inco to enhance data protection and enable smooth cooperation within decentralized networks.

Fhenix: Fhenix is pioneering the development of the first confidential smart contract platform powered by FHE. They aim to enhance the blockchain ecosystem by introducing data encryption and the capability to compute on encrypted data within smart contracts, transactions, and on-chain assets for the first time. Through the adoption of FHE, Fhenix is transforming the management of sensitive data within the blockchain space, aiming for a future where privacy and decentralization coexist as complementary elements of a secure digital economy.

Builders like these and many others are pioneering how confidential compute is utilized and applied across a multitude of applications. Data security technology innovations are revolutionizing data privacy to pave the way for mass adoption across Web 3.

Arcium will redefine privacy and confidentiality for blockchains

Privacy in blockchain has yet to come to usable fruition and general adoption. Why? Beyond compliance, the privacy landscape in its current stage is fragmented. Depending on the privacy protocol one uses, underlying limitations affect privacy guarantees, UX, or both. Arcium aims to provide trustless, verifiable and performant encrypted computation maintaining data confidentiality, integrity and utility. . Combining all the advantages of Zero-Knowledge Proofs (ZKPs), FHE, and Multi-Party Computation (MPC), we provide, a platform that ensures data remains encrypted and private throughout its lifecycle. Multi-Party Computation Execution Environments (MXE) will step up data security and privacy across a myriad of applications in both Web 2 and Web 3. Use cases across DeFi, DePIN, A,I and more can utilize  Arcium for encrypted computation providing privacy and confidentiality guarantees for users and applications.