Privacy on Ethereum

Privacy is not only essential for personal safety, it's a cornerstone of freedom and a key guarantor for decentralization (opens in a new tab). Privacy gives people the ability to express themselves, transact with others, and organize communities freely. But like all blockchains, Ethereum's public ledger makes privacy challenging.

Ethereum is transparent by design. Every onchain action is visible to anyone who looks. While Ethereum offers pseudonymity by linking your activity to a public key instead of a real-world identity, patterns of activity could be analyzed to reveal sensitive information and identify users.

Building privacy-preserving tools into Ethereum can help people, organizations, and institutions interact securely while limiting unnecessary exposure. This makes the ecosystem safer and more practical for a wider range of use cases.

Privacy for writes

By default, every transaction written on Ethereum is public and permanent. This includes not only sending ETH, but also registering ENS names, collecting POAPs, or trading NFTs. Everyday actions like payments, voting, or identity verification can reveal your information to unintended parties. There are several tools and techniques that can help make these more private:

Mixing protocols (or "mixers")

Mixers break the link between senders and recipients by putting many users' transactions into a shared "pool" and then letting people withdraw later to a fresh address. Since deposits and withdrawals are jumbled together, it's much harder for observers to connect them.

Examples: PrivacyPools (opens in a new tab), Tornado Cash (opens in a new tab)

Shielded Pools

Shielded pools are similar to mixers but they allow users to hold and transfer funds privately inside the pool itself. Instead of just obscuring the link between deposit and withdrawal, shielded pools maintain an ongoing private state, often secured with zero-knowledge proofs. This makes it possible to build private transfers, private balances, and more.

Examples: Railgun (opens in a new tab), Aztec (opens in a new tab), Nightfall

Stealth addresses

A stealth address (opens in a new tab) is like giving each sender a unique, one-time P.O. box that only you can open. Every time someone sends you crypto, it goes to a fresh address, so no one else can see that all those payments belong to you. This keeps your payment history private and harder to track.

Examples: UmbraCash (opens in a new tab), FluidKey (opens in a new tab)

Other use cases

Other projects exploring private writes include PlasmaFold (opens in a new tab) (private payments) and systems like MACI (opens in a new tab) and Semaphore (opens in a new tab) (private voting).

These tools expand options for writing privately on Ethereum, but each comes with tradeoffs. Some approaches are still experimental, some increase costs or complexity, and some tools like mixers may face legal or regulatory scrutiny depending on how they're used.

Privacy for reads

Reading or checking any information on Ethereum (e.g. your wallet balance) usually goes through a service such as your wallet provider, a node provider, or a block explorer. Because you're relying on them to read the blockchain for you, they can also see your requests along with metadata like your IP address or location. If you keep checking the same account, this information can be pieced together to link your identity to your activity.

Running your own Ethereum node would prevent this, but storing and syncing the full blockchain remains costly and impractical for most users, especially on mobile devices.

Some projects exploring private reads include Private Information Retrieval (opens in a new tab) (PIR, fetch data without revealing what you're looking up), zkID (opens in a new tab) (private identity checks with zero-knowledge proofs), vOPRF (opens in a new tab) (use Web2 accounts pseudonymously in Web3), vFHE (opens in a new tab) (compute on encrypted data), and MachinaIO (opens in a new tab) (hide program details while keeping functionality).

Privacy for proving

Privacy-preserving proofs are tools you can use on Ethereum to show that something is true without revealing unnecessary details. For example, you could:

• Prove you're over 18 without sharing your full birthdate
• Prove ownership of an NFT or token without revealing your entire wallet
• Prove eligibility for a membership, reward, or vote without exposing other personal data

Most tools for these rely on cryptographic techniques like zero-knowledge proofs, but the challenge is making them efficient enough to run on everyday devices, portable to any platform, and secure.

Some projects exploring privacy for proving include Client Side Proving (opens in a new tab) (ZK proving systems), TLSNotary (opens in a new tab), (proofs of authenticity for any data on the web), Mopro (opens in a new tab) (mobile client-side proving), Private Proof Delegation (opens in a new tab) (delegation frameworks that avoid trust assumptions), and Noir (opens in a new tab) (language for private and verifiable computing).

Privacy Glossary

Anonymous: Interacting with all identifiers permanently removed from your data, making it impossible to trace information back to an individual

Encryption: A process that scrambles data so that only someone with the correct key can read it

Fully Homomorphic Encryption (opens in a new tab) (FHE): A way to perform computations directly on encrypted data, without ever decrypting it

Indistinguishable Obfuscation (opens in a new tab) (iO): Privacy techniques that make programs or data unintelligible while still usable

Multi-Party Computation (opens in a new tab) (MPC): Methods that allow multiple parties to compute a result together without exposing their private inputs

Programmable Cryptography: Flexible, rule-driven cryptography that can be customized in software to control how and when data is shared, verified, or revealed

Pseudonymous: Using unique codes or numbers (like an Ethereum address) in place of personal identifiers

Selective Disclosure: The ability to share only what's needed (e.g. proving you own an NFT without revealing your entire wallet history)

Unlinkability: Making sure separate actions on the blockchain cannot be tied back to the same address

Verifiability: Ensuring others can confirm a claim is true, such as validating a transaction or proof on Ethereum

Verifiable Delegation: Assigning a task—like generating a proof—to another party (e.g. a mobile wallet using a server for heavy cryptography) while still being able to verify it was done correctly

Zero-Knowledge Proofs (ZKPs): Cryptographic protocols that let someone prove information is true without revealing the underlying data

ZK Rollup: A scalability system that batches transactions off-chain and submit a validity proof onchain—not private by default, but they enable efficient privacy systems (like shielded pools) by reducing costs

Resources

• Privacy Stewards of Ethereum (opens in a new tab) (PSE), an Ethereum Foundation research and development lab focused on privacy for the ecosystem
• Web3PrivacyNow (opens in a new tab), a network of people, projects, and aligned organizations who protect and advance human rights online
• WalletBeat (opens in a new tab), an Ethereum wallet rating site aiming to provide a comprehensive list of wallets, their functionality, practices, and support for certain standards.
• Zk-kit (opens in a new tab): A set of libraries (algorithms, utility functions, and data structures) that can be reused in different projects and zero-knowledge protocols.
• Privacy Apps - Discover a list of curated Privacy applications that run on Ethereum.

صفحہ کی آخری تازہ کاری: 6 ستمبر، 2025

w (opens in a new tab)

k (opens in a new tab)

شراکت داران دیکھیں