Privacy is a significant and growing topic within the cryptocurrency space. Both companies and individuals have a strong desire to prevent governments, family members, colleagues, or business competitors from freely accessing all their information published on public blockchains.
Numerous methods for protecting privacy on the blockchain have been tested and researched. However, a truly comprehensive overview of this field has been lacking. In this article, we analyze the latest developments and research across four key areas:
- Privacy-Focused Cryptocurrencies
- Smart Contract Privacy
- Privacy Infrastructure
- Privacy Research
Bitcoin’s Privacy (Or Lack Thereof)
Bitcoin was initially developed with anonymity in mind—privacy was protected so long as real-world identities couldn’t be linked to Bitcoin addresses. However, due to the public nature of the Bitcoin blockchain, it quickly became clear that individuals could be identified based on usage patterns of certain addresses and transactions. Additionally, nodes can leak their IP addresses when broadcasting transactions.
In the early days, many entities—such as Mt. Gox, Silk Road, and Satoshi Dice—were identified based on their transaction patterns. As early as 2013, researchers successfully linked many online wallets, merchants, and service providers to their real-world identities. Today, companies like Chainalysis and Elliptic specialize in de-anonymizing the blockchain to detect money laundering, fraud, and other violations.
To address Bitcoin's privacy shortcomings, services like CoinJoin emerged. CoinJoin is a “tumbler” service that allows users to collaboratively create transactions to change ownership of their tokens, granting a degree of anonymity. As more users participate over time, the anonymity set grows. However, CoinJoin has its limitations—its privacy relies on the size of the anonymity set, and the average number of participants per transaction is only 2–4. Researchers have successfully de-anonymized a significant portion of CoinJoin transactions. Later improvements and alternatives like TumbleBit also emerged but came with their own constraints.
Privacy-Focused Cryptocurrencies
Due to Bitcoin’s privacy limitations and the absence of protocol-level plans to enhance it, several new cryptocurrencies designed for private transactions have emerged.
Zcash
Zcash was created by a strong team of cryptographers using zk-SNARKs technology. The concept of “zero-knowledge proofs” was first introduced in 1985, and zk-SNARKs were further developed in 2015. This technology allows users to prove they possess certain information without revealing the information itself—concise and non-interactive. zk-SNARKs support many privacy-related projects and can help compress blockchain size via recursive composition.
The Zcash team is continuously working on improvements. The Sapling upgrade, launched in October 2018, significantly improved the performance and functionality of shielded (encrypted) transactions. Before Sapling, only about 15% of Zcash transactions were shielded due to high computational costs. Sapling helped increase the number of private transactions.
Monero
Monero is another leading privacy coin, but it uses ring signatures instead of zk-SNARKs. The Monero team is also developing Kovri, a system for privacy-focused packet routing that helps users hide their geographic location and IP address. Anonymizing network traffic greatly enhances the security of the Monero network and helps protect users from potential legal or physical harm.
Zcash and Monero are often compared. Both are led by well-known figures in the crypto community, but they differ in structure: Zcash is backed by a company and a foundation, while Monero has a more organic community of core developers. Both have faced privacy flaws in the past, but these have been addressed over time.
The two projects adopt fundamentally different approaches to privacy and make different trade-offs. It remains unclear which will prove superior in the long term. In many ways, Zcash and Monero continue to coexist—much like Coca-Cola and Pepsi.
Grin and Mimblewimble
Mimblewimble is a new blockchain project focused on privacy, built upon Bitcoin’s foundation. The project was introduced anonymously in 2016 via a whitepaper submitted to a Bitcoin research channel. Grin, the first implementation of Mimblewimble, began gaining mainstream attention after a presentation at Stanford’s BPASE conference in 2017. Grin’s mainnet launched in early 2019.
Mimblewimble/Grin offers improvements over Bitcoin’s privacy and CoinJoin by featuring no public addresses, full privacy, and a compact blockchain. Grin uses the Cuckoo Cycle proof-of-work algorithm, which was initially designed to be ASIC-resistant but is now considered ASIC-friendly.
Grin combines many of Bitcoin’s social strengths—anonymous founder, leaderless development, PoW consensus, no ICO, no on-chain governance—with technical improvements inspired by Zcash and Monero. Unlike Bitcoin, Grin has an unlimited total supply with a linear emission rate, meaning inflation is high early on but gradually approaches zero. This design encourages spending rather than hoarding early on.
Grin’s monetary policy differs significantly from Zcash’s controversial founder reward, which allocated 20% of newly minted ZEC to developers for the first four years. Mimblewimble blockchains scale with the number of users rather than transactions, avoiding UTXO set bloat through techniques similar to Monero’s ring signatures.
Other interesting privacy coins in early development include MobileCoin and BEAM.
Smart Contract Privacy
Smart contract code is inherently public, so privacy here is different from payment privacy. Unfortunately, program obfuscation has been proven impossible, meaning smart contracts currently lack both confidentiality (hiding transaction amounts) and anonymity (hiding sender and receiver identities).
The demand for smart contract privacy will likely grow when businesses begin building decentralized applications at scale and need to hide customer activity. For now, there’s little harm in everyone seeing the usage of apps like CryptoKitties. This is reminiscent of the early internet when most sites used HTTP; HTTPS only became widespread with the rise of e-commerce and the need for encrypted traffic.
On Ethereum, researchers like Benedikt Bünz are working on Zether—a private payment mechanism fully compatible with Ethereum that offers confidentiality and anonymity for smart contracts. Zether is implemented as an Ethereum smart contract to minimize gas costs. It also supports various features that enable provable privacy for applications like payment channels.
Keep is another project building a privacy layer for Ethereum by creating off-chain containers for private data. This allows smart contracts to manage and use private data without exposing it on the public chain.
While privacy is a priority for Ethereum, it currently ranks behind the transition to Casper. Progress on Casper has been slow, raising the risk that privacy may not become a core feature of Ethereum for years. If privacy in smart contracts becomes an urgent need, new platforms may emerge to fill the gap—just as Zcash and Monero did for private payments. Projects like Enigma, Origo, and Covalent are already working on native privacy features for smart contracts.
Oasis Labs is another promising project building Ekiden—a new smart contract platform that separates execution from consensus. Smart contracts run inside secure hardware enclaves (like Intel SGX), which act as black boxes keeping computation private. A cryptographic proof is generated to verify correct execution and stored on the blockchain. By decoupling execution from consensus, Ekiden can be compatible with various underlying blockchains, including Ethereum.
Privacy Infrastructure
Beyond privacy coins and private smart contracts, several projects are building critical privacy infrastructure for the Web3 stack.
Orchid is creating an optimized version of Tor where users can earn tokens by renting out their excess bandwidth to become relays. Tor has only about 6,000 relay nodes and fewer than 2,000 bridge nodes, making it relatively easy for governments to block access. By incentivizing more participants to become relays, Orchid aims to make censorship more difficult.
BOLT is developing private payment channels that use blind signatures and zero-knowledge proofs to hide participant identities when opening, transacting, and closing channels. Initially built on Zcash, BOLT aims to become interoperable with Bitcoin and Ethereum.
NuCypher is building a decentralized key management system using proxy re-encryption—a public-key encryption technique that allows ciphertexts to be transformed from one public key to another without revealing the underlying message. This provides functionality similar to HTTPS for decentralized applications.
Starkware is implementing zk-STARKs on various blockchains, including Ethereum. Unlike zk-SNARKs, zk-STARKs do not require a trusted setup, though their cryptographic proofs are significantly larger.
Privacy Research
Academic cryptography research continues to drive innovation in privacy. Key areas include zero-knowledge proofs, secure multi-party computation, and fully homomorphic encryption.
Besides zk-SNARKs and zk-STARKs, Bulletproofs are a new type of short non-interactive zero-knowledge proof. Like zk-STARKs, Bulletproofs do not require a trusted setup, though verification takes longer than with zk-SNARKs. Bulletproofs are designed for efficient private transactions in cryptocurrencies, reducing proof size from over 10 KB to just 1–2 KB. If all Bitcoin transactions were private and used Bulletproofs, the UTXO set size would be around 17 GB—compared to 160 GB today.
Secure multi-party computation (MPC) allows a group of people to jointly compute a function using their inputs without revealing those inputs. For example, Alice and Bob could determine who has more Bitcoin without disclosing their balances. Unfortunately, MPC remains highly inefficient for practical use.
Fully homomorphic encryption (FHE) enables computation on encrypted data. This long-standing problem in cryptography was first solved in 2009 by Craig Gentry using ideal lattices. For example, Bob could train a machine learning model on Alice’s encrypted data without her needing to decrypt it. Like MPC, FHE is still largely theoretical and too inefficient for real-world applications.
Frequently Asked Questions
What is the main difference between Zcash and Monero?
Zcash uses zk-SNARKs to enable shielded transactions, while Monero uses ring signatures and stealth addresses. Zcash offers optional privacy, whereas Monero transactions are private by default.
Can Bitcoin transactions be truly private?
While Bitcoin offers pseudonymity, it is not truly private. Techniques like CoinJoin can enhance privacy, but achieving strong anonymity requires careful behavior and additional tools.
What are zk-SNARKs?
zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) allow one party to prove to another that a statement is true without revealing any information beyond the validity of the statement itself.
Is Grin inflationary?
Yes, Grin has a linear emission curve with no supply cap. This means new coins are continuously created, leading to a persistent but declining inflation rate over time.
What is secure multi-party computation?
MPC is a cryptographic technique that allows multiple parties to jointly compute a function over their inputs while keeping those inputs private.
Why is smart contract privacy important?
As enterprises and individuals use blockchain for sensitive applications—such as finance or identity management—the ability to keep transactions and data private becomes critical.
Looking Ahead
Privacy remains one of the most exciting areas in cryptographic research. Significant efficiency improvements are still needed before many of these theoretical techniques can be widely adopted in the real world. Research labs like the Stanford Center for Blockchain Research are actively pushing the field forward, and major breakthroughs are expected in the coming years.
Cryptocurrency provides a direct application for the latest privacy research. Many of the privacy technologies used in tokens, smart contracts, and infrastructure were invented only a few years ago. Given the rapid pace of development, privacy is likely to become a central design feature in future crypto projects.