New technologies — from the telegraph and telephone to the internet — have always sparked fresh anxieties about privacy’s impending demise. Blockchains have proven no different, and privacy on blockchains is often misunderstood as either creating a dangerous level of transparency or a haven for crime.

But the real challenge is not about choosing between privacy and security, but about building tools — technical and legal — that support both. From zero-knowledge proof systems to advanced cryptography, privacy-preserving solutions are already scaling. Far from being just about finance, blockchain privacy opens doors for identity verification, gaming, AI, and more applications that benefit users.

And with U.S. stablecoin legislation recently signed into law, the need for blockchain privacy is now more urgent than ever. Stablecoins represent an opportunity to onboard a billion people into crypto. But for users to be comfortable using crypto to pay for everything from their coffee to their medical bills, they will need to be certain that the activities they undertake onchain are private. Now is not the time to mythmake, but to build.

The debate over privacy is not new, and neither is the answer: Innovation, not myths and misconceptions, will shape its future.

Myth #1: The internet is responsible for modernity’s “privacy problems”

The truth: Nearly a century before the advent of the internet, the communications revolutions of the late 19th century spurred the development of privacy rights in the United States. Entrepreneurs developed technologies that allowed for the unprecedented transmission of information — news, words, pictures, and other media — including the first commercial telegraph, the telephone, the commercial typewriter, the microphone, and many others. Historian and professor Sarah Igo observed that in America at the time “conflicts over privacy grew up alongside new modes of communication,” eliciting new privacy questions: Could news media use the names, portraits, or pictures of others for the purpose of trade? Could law enforcement wiretap telephone lines to listen in on conversations, or use photography and fingerprinting to establish permanent records or a registry for identifying criminals?

Soon after the introduction of these technologies, legal scholars began to grapple with the privacy challenges that they raised. In 1890, future Supreme Court Justice Louis D. Brandeis and fellow lawyer Samuel D. Warren published “The Right to Privacy” in the Harvard Law Review. Privacy laws were then steadily developed in legislation, tort, and constitutional law throughout the 20th century. It was more than a century after Brandeis and Warren published their law review article, in 1993, when the first widely available commercial internet browser, Mosaic, was released, and the privacy issues associated with the internet increased.

Myth #2: The internet works fine without privacy

The truth: A lack of privacy in the early internet was a significant impediment to its more widespread adoption. In general, people had higher degrees of privacy prior to the internet. As Simon Singh recounts in The Code Book, Whitfield Diffie, an early pioneer in cryptography research, noted that when the Bill of Rights was ratified, “any two people could have a private conversation — with certainty no one in the world enjoys today — by walking a few meters down the road and looking to see no one was hiding in the bushes.” Similarly, people could engage in financial transactions based on commodities or cash with a level of privacy and anonymity that is absent from most digital transactions today.

Advancements in the study of cryptography reduced concerns about privacy and resulted in new technologies that could facilitate the exchange of confidential digital information and ensure robust data protection. Predicting that many users would demand basic privacy protections for their digital activities, cryptographers like Diffie sought out new solutions that could provide such protection — namely, asymmetric public key cryptography. Diffie and others developed new encryption tools that now underpin e-commerce and data protection. These tools also paved the way for other confidential exchanges of digital information, which apply to blockchains today.

The development of HyperText Transfer Protocol Secure (HTTPS) is just one example of a privacy tool that allowed the internet to flourish. In the early days of the internet, a user (i.e., a client) would communicate with a web server using the Hypertext Transfer Protocol (HTTP). This web protocol allowed data to be transferred to web servers, but it had a significant drawback: It transferred that data without encryption. Malicious actors could therefore read any sensitive information users submitted to a website. Developed a few years later by Netscape for its browser, HTTPS added a layer of encryption that could protect sensitive information. As a result, users could send credit card information over the internet and engage in private communications more broadly.

With encryption tools like HTTPS, internet users are more comfortable providing personal identifying information — names, dates of birth, addresses, and social security numbers — through online portals. This has helped make digital payments the most common payment method used in the US today. Corporations also accept the risks that arise from receiving and safeguarding such information.

These changes in behavior and process unlocked many new applications, from messaging to online banking to e-commerce. Internet activities are now a significant aspect of today’s economy and generate unprecedented communications, entertainment, social networking, and other experiences.

Myth #3: Public blockchain transactions are anonymous

The truth: Public blockchain transactions are transparently recorded on an open, shared digital recordbook, making them pseudonymous, not anonymous — an important distinction. A centuries-old practice, pseudonymity even played an important role in the early United States: Benjamin Franklin famously adopted the pen name “Silence Dogood” to publish his early writings in the New-England Courant, while Alexander Hamilton, John Jay, and James Madison used “Publius” to identify their contributions to The Federalist Papers (Hamilton used several pseudonyms in his writings).

Blockchain users transact with one another via wallet addresses that are associated with a unique series of algorithmically generated alphanumeric characters (i.e., keys), rather than their real names or identities. The distinction between pseudonymity and anonymity is critical for understanding the transparent nature of blockchains: Although the alphanumeric characters of a wallet address cannot be immediately linked to the identifying information of a particular user, the holder of the keys has far less privacy protection — let alone anonymity — than one might think. A cryptographic address can function like a username, email address, phone number, or bank account number. Once a user interacts with another person or entity, the counterparty can link the pseudonymous wallet address with a particular user, exposing the user’s entire onchain transaction history and potentially revealing their personal identity. For example, if a shop accepts payment in cryptocurrencies from its customers, the store’s cashiers could see where else those customers had shopped before and the customer’s crypto holdings (at least for the wallet on the blockchain network used for that particular transaction, given that sophisticated crypto users have multiple wallets and tools). Think of this as the equivalent of having the history of your credit card use made public.

The original Bitcoin White Paper discussed this risk, stating that “if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner.” Ethereum co-founder Vitalik Buterin has also written about the challenges involved in “making a significant portion of your life public for anyone to see and analyze,” and he has proposed solutions such as “privacy pools” — where zero-knowledge proofs allow users to prove legitimate funds and sources without having to reveal full transaction history. For this reason, several companies are working on solutions in this space as well, not just to protect privacy but also to allow new applications that combine privacy with other unique properties of blockchains.

Myth #4: Due to blockchain privacy, criminality abounds

The truth: Data from the U.S. government and blockchain analytics companies shows that the use of crypto for illicit finance is still below that of fiat currencies and other traditional sources, and illicit activities are a small portion of the total activity that occurs on blockchains (see here and here; we also discuss this in greater detail below). This data has been consistent for years. In fact, as blockchain technology has continued to develop, rates of illicit activities onchain have declined.

It is no secret that illicit activities made up a large portion of the Bitcoin network’s total activity in its earliest days. As David Carlisle observes, citing researcher Sarah Meickeljohn, “At one point, the main Bitcoin address that the Silk Road used contained 5% of all bitcoins in existence, and the site accounted for as much as one-third of Bitcoin transactions that took place during 2012.”

But the crypto ecosystem has since successfully integrated effective mechanisms to mitigate illicit finance, and the total amount of lawful activities has grown. Recent reports from TRM Labs estimate that illicit volume accounted for less than 1% of total crypto volume in 2024 and 2023 (based on the USD value of funds stolen in crypto hacks, as well as the USD value of transfers to blockchain addresses that have been linked to entities in illicit categories). Chainalysis and other blockchain analytics companies have published similar estimates (including for earlier years).

Likewise, government reports, particularly those from the Biden Administration’s Treasury Department, have shed light on the lower illicit finance risks of cryptocurrencies when compared to offchain activities. Indeed, Treasury’s recent reports that discussed crypto — including its 2024 National Risk Assessments, Illicit Finance Risk Assessment on Decentralized Finance, and Illicit Finance Risk Assessment of Non-Fungible Tokens — recognized that most money laundering, terrorist financing, and proliferation financing by volume and value of transactions occurs in fiat currency or via more traditional methods.

Furthermore, the transparency features of many blockchains (such as those discussed in Myth #3) have made it easier for law enforcement to catch criminals. Because the movement of illicit funds is visible on public blockchain networks, law enforcement can track the funds to “off-ramps” (i.e., cash-out points for cryptocurrencies) and blockchain wallet addresses associated with bad actors. Blockchain tracing techniques played an important role in the takedowns of illicit marketplaces, including the Silk Road, Alpha Bay, and BTC-e.

It is precisely for these reasons that many criminal actors have realized the potential pitfalls of using blockchains for transferring illicit funds and have therefore stuck to more traditional methods. While increased blockchain privacy could, in certain instances, make law enforcement efforts to police onchain criminal activities more challenging, new cryptographic techniques are being developed that can both protect privacy and address the needs of law enforcement.

Myth #5: You can choose between combating illicit finance or protecting user privacy — but not both

The truth: Modern cryptographic techniques can reconcile the privacy needs of users and the informational and national security needs of regulators and law enforcement. These techniques include zero-knowledge proofs, homomorphic encryption, multi-party computation, and differential privacy. Zero-knowledge proof systems may have the greatest potential to help strike the right balance. These methods may be applied in many ways to deter crime and enforce economic sanctions while also preventing the surveillance of American citizens or the use of the blockchain ecosystem to steal or launder funds.

Zero-knowledge proofs are a cryptographic process that allow one party (the prover) to convince another party (the verifier) that a statement is true without revealing information other than the fact that the specific statement is true. Take the example of proving whether someone is a citizen of the United States. Using a zero-knowledge proof, a person could prove that proposition to someone else without having to disclose a driver’s license, passport, birth certificate, or other information. A zero-knowledge proof allows that fact to be confirmed without exposing the specific or additional information — whether address, birthdate, or indirect password hints — that could compromise privacy.

Given these features, zero-knowledge-proof solutions are among the best tools that can help detect and deter illicit activities while also preserving user privacy. Current research suggests that there are a number of possible methods for privacy-enhancing products and services to mitigate risk, including:

1. deposit screening to prevent deposits of assets coming from sanctioned persons or wallets;
2. withdrawal screening to prevent withdrawals from sanctioned addresses or addresses associated with illegal activity;
3. voluntary selective de-anonymization, which provides persons who believe that they have been erroneously added to a sanctions list with the option to de-anonymize the details of their transaction to selected or designated parties; and
4. involuntary selective de-anonymization, which involves a private-key-sharing arrangement between a gatekeeper entity (like a non-profit or other trusted organization) and the government, where the gatekeeper entity evaluates requests from the government to use the private keys to de-anonymize wallet addresses.

With the concept of “privacy pools,” Buterin and others also argue in favor of using zero-knowledge proofs so users can demonstrate that their funds do not originate from known unlawful sources — but without having to publicly reveal their entire transaction graph to do so. If users are able to furnish such proofs upon exchanging crypto for fiat currency, the cash-out points (i.e., exchanges or other centralized intermediaries) will have reasonable assurances that the crypto did not derive from proceeds of crime, while the users are able to retain privacy over their onchain transactions.

Although critics have historically raised scalability concerns about cryptographic privacy techniques like zero-knowledge proofs, recent advancements are making them more practical for larger-scale implementation. By reducing computational overhead, scaling solutions are making zero-knowledge proofs more efficient. Cryptographers, engineers, and entrepreneurs continue to improve the scalability and usability of zero-knowledge proofs, making them an effective tool for fulfilling the needs of law enforcement, while preserving individual privacy.

Myth #6: Blockchain privacy is only useful for financial transactions

The truth: Privacy-preserving blockchains could unlock a wide variety of both financial and non-financial use-cases. These capabilities underscore how privacy-preserving blockchain technologies fundamentally expand the scope of secure and innovative digital interactions across use cases. Examples include:

Digital ID: Private transactions enhance digital identity verification, enabling individuals to selectively — and verifiably — disclose attributes like age or citizenship without exposing unnecessary personal data. Likewise, digital ID can help patients improve the confidentiality of their sensitive information while also granularly transmitting appropriate test results and the like to their physicians.

Gaming: Encryption allows developers to create more exciting gameplay by concealing parts of a digital universe — like a special item or hidden level — from a player until their actions unlock them. Without privacy tools, blockchain-based virtual worlds would be transparent to their users, diminishing their immersiveness; a player who knows everything about a digital universe will be less motivated to explore it.

AI: Privacy-preserving blockchain tools also open new possibilities in AI, allowing for encrypted data sharing and model verification methods, without compromising sensitive information.

Finance: In finance, encryption allows decentralized finance applications to offer a wider array of services while maintaining privacy and security. Novel decentralized exchange designs could leverage encryption to improve market efficiency and fairness.

Voting: In decentralized autonomous organizations, there is a strong desire for private onchain voting to avoid the repercussions that could arise from voting for an unpopular measure, or the group-think that could result from mirroring the voting behavior of a particular individual.

These are just some of the obvious applications; as with the internet, once privacy-preserving features are added, we expect to see many novel applications.

The debate over privacy — who controls it, how it is protected, and when it is forfeited — precedes the digital era by at least a century. Each new technology has been met with comparable panic in its time: the telegraph and the telephone, the camera and the typewriter, all prompted debates that would shape society for generations.

To assume that blockchains uniquely imperil privacy — or that they are singularly capable of being weaponized to nefarious ends — misunderstands both history and technology. Just as encryption and cryptographic protocols enabled secure communication and commerce online, emerging privacy-preserving technologies such as zero-knowledge proofs and advanced encryption techniques could offer practical ways to preserve privacy while also achieving compliance objectives and combatting illicit finance.



The real question is not whether new innovations reshape privacy but whether technologists and societies will rise to the challenge by implementing new solutions and practices. Privacy is not lost or compromised; it adapts to fit the broader, pragmatic needs of society. The question, for this technological revolution like for those that preceded it, is how.

(For the paper with complete citation see here.)

David Sverdlov is Regulatory Counsel Partner a16z crypto. Prior to joining a16z, David worked as an associate at Baker McKenzie and Jones Day. David received his JD from Cornell Law School, and his BA from the University of California, Berkeley.

Aiden Slavin is Policy Partner for a16z crypto, supporting the advancement of the firm’s global web3 policy goals. Prior to joining a16z crypto, he led crypto policy initiatives across government and industry at the World Economic Forum focused on DAOs, decentralized ID, and the metaverse. Before that, he managed the development of decentralized ID governance and standards.

The views expressed here are those of the individual AH Capital Management, L.L.C. (“a16z”) personnel quoted and are not the views of a16z or its affiliates. Certain information contained in here has been obtained from third-party sources, including from portfolio companies of funds managed by a16z. While taken from sources believed to be reliable, a16z has not independently verified such information and makes no representations about the current or enduring accuracy of the information or its appropriateness for a given situation. In addition, this content may include third-party advertisements; a16z has not reviewed such advertisements and does not endorse any advertising content contained therein.

This content is provided for informational purposes only, and should not be relied upon as legal, business, investment, or tax advice. You should consult your own advisers as to those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Furthermore, this content is not directed at nor intended for use by any investors or prospective investors, and may not under any circumstances be relied upon when making a decision to invest in any fund managed by a16z. (An offering to invest in an a16z fund will be made only by the private placement memorandum, subscription agreement, and other relevant documentation of any such fund and should be read in their entirety.) Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by a16z, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Andreessen Horowitz (excluding investments for which the issuer has not provided permission for a16z to disclose publicly as well as unannounced investments in publicly traded digital assets) is available at https://a16z.com/investments/.

Charts and graphs provided within are for informational purposes solely and should not be relied upon when making any investment decision. Past performance is not indicative of future results. The content speaks only as of the date indicated. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in these materials are subject to change without notice and may differ or be contrary to opinions expressed by others. Please see https://a16z.com/disclosures for additional important information.

Disclaimer:

1. This article is reprinted from [a16zcrypto]. All copyrights belong to the original author [David SverdlovAiden Slavin]. If there are objections to this reprint, please contact the Gate Learn team, and they will handle it promptly.
2. Liability Disclaimer: The views and opinions expressed in this article are solely those of the author and do not constitute any investment advice.
3. Translations of the article into other languages are done by the Gate Learn team. Unless mentioned, copying, distributing, or plagiarizing the translated articles is prohibited.