Messari | Privacy Layer: Understanding the Inner Workings of Decentralized Confidential Computing

8 0 0

Decentralized confidential computing (DeCC) represents a fundamental shift in the way sensitive data is handled in decentralized systems.

By Mohamed Allam and Drexel Bakker

Compile:AI.bluue

Key Insights

DeCC introduces a publicBlockchainThe ability to protect data privacy on the blockchain enables private computing and state without sacrificing decentralization.
DeCC ensures that the data is usedSafety，通过实现加密计算而不暴露明文，解决了传统系统和Blockchain系统中的一个关键漏洞。
Trustless confidentiality is achieved by combining cryptographic tools (such as ZKP, MPC, GC, FHE) and TEE with proofs. Each technology provides different trade-offs in performance and trust and can be combined to obtain stronger guarantees.
Over $1 billion has been invested in DeCC projects, reflecting the growing momentum in the field, with teams focusing on practical integrations and developer-facing infrastructure.

引言：数据计算与安全的演进

Blockchain technology introduced a new paradigm of decentralization and transparency, but it also came with trade-offs. In the first wave of crypto privacy, often referred to as “Privacy 1.0,” blockchains like mixers, coin rollers, and private transactions (such as Zcash, Monero, and Beam.mw) provide a level of anonymity for users of financial transfers. These solutions are specialized, limited primarily to hiding the identities of senders and receivers, and disconnected from the broader application infrastructure.

The second wave is taking shape. Privacy is no longer limited to hiding transactions, but extends to full computations. This shift marks the emergence of decentralized confidential computing (DeCC), also known as Privacy 2.0. DeCC introduces private computing as a core feature of decentralized systems, allowing data to be processed securely without revealing the underlying inputs to other users or the network.

Unlike typical smart contract environments where all state changes and inputs are publicly visible, DeCC keeps data encrypted throughout the computation process and only reveals what is necessary for correctness and verification. This enables applications to maintain private state on top of a public blockchain infrastructure. For example, by using multi-party computation (MPC), a group of hospitals can analyze their combined data sets without any institution seeing the raw patient data of the others. Where transparency once limited what blockchain could support, privacy unlocks entirely new classes of use cases that require confidentiality.

DeCC is implemented by a series of technologies designed for secure data processing. These technologies include zero-knowledge proofs (ZKP), multi-party computation (MPC), confusion circuits (GC), and fully homomorphic encryption (FHE), all of which rely on cryptography to enforce privacy and correctness. Trusted Execution Environment (TEE) complements these tools by providing hardware-based isolation to enable secure off-chain execution. Together, these technologies form the foundation of the DeCC technology stack.

The potential applications are vast: decentralized financial systems where trading strategies remain confidential, public health platforms that extract insights from private data, or artificial intelligence models trained on distributed datasets without exposing the underlying inputs. All of these require building privacy-preserving computation into the infrastructure layer of blockchain systems.

This report explores the current state of DeCC and its broader significance. We begin by contrasting how data is handled in traditional systems versus the DeCC framework, and why transparency alone is insufficient for many decentralized applications. We then examine the core technologies underpinning DeCC, how they differ, and how they can be combined to balance tradeoffs in performance, trust, and flexibility. Finally, we paint a picture of the ecosystem, highlighting the capital flowing into the space, the teams building in production, and what this momentum means for the future of decentralized computing.

Traditional Data Processing and Decentralized Confidential Computing (DeCC)

To understand the need for DeCC, it helps to understand how data is handled in traditional computing environments and where the weak links are. In classic computing architectures, data typically exists in three states: at rest (stored on disk/database), in transit (moving across the network), and in use (processed in memory or CPU). Thanks to decades of security advances, the confidential computing industry has reliable solutions for two of these states.

Static Data: Encrypted using disk-level encryption or database-level encryption (such as AES). Commonly found in enterprise systems, mobile devices, and cloud storage.
Data in Transmission: Protected by secure transmission protocols such as TLS/SSL. Ensure that data is encrypted when moving between systems or across networks.
Data in use: Traditionally, encrypted data received from storage or the network is decrypted before processing. This means workloads run on plaintext, leaving the data in use unprotected and exposed to potential threats. DeCC aims to address this vulnerability by enabling computation without revealing the underlying data.

While the first two states are well protected, securing data in use remains a challenge. Whether it’s a bank server calculating interest payments or a cloud platform running a machine learning model, data often has to be decrypted in memory. At that moment, it’s vulnerable: a malicious system administrator, a malware infection, or a compromised operating system could snoop or even change sensitive data. Traditional systems mitigate this with access controls and isolated infrastructure, but fundamentally, there is a period when the “crown jewels” exist in plaintext inside a machine.

Now consider blockchain-based projects. They take transparency to a higher level: data is not only potentially decrypted on one server, but is often replicated in plaintext on thousands of nodes around the world. Public blockchains like Ethereum and Bitcoin intentionally broadcast all transaction data for consensus. This is fine if your data is only financial information that is intended to be public (or pseudonymous). But it completely breaks down if you want to use blockchain for any use case involving sensitive or personal information. For example, in Bitcoin, every transaction amount and address is visible to everyone - which is great for auditability, but terrible for privacy. With smart contract platforms, any data you put into a contract (your age, your DNA sequence, your business's supply chain information) becomes public to every network participant. No bank wants all of its transactions to be public, no hospital wants to put patient records on a public ledger, and no gaming company wants to reveal the secret states of its players to everyone.

Data life cycle and its vulnerabilities

In the traditional data processing lifecycle, users typically send data to a server, which decrypts and processes it, then stores the results (possibly encrypting them on disk) and sends back a response (encrypted via TLS). The vulnerability is obvious: the server holds the raw data while it's in use. If you trust the server and its security, that's fine—but history shows that servers can be hacked or insiders can abuse access. Enterprises deal with this problem with rigorous security practices, but they're still wary of putting extremely sensitive data in the hands of others.

In contrast, in the DeCC approach, the goal is that sensitive data cannot be publicly visible to any single entity at any time, even while it is being processed. Data may be split across multiple nodes, or processed within an encrypted envelope, or cryptographically proven without revealing it. Thus, confidentiality can be maintained throughout its entire lifecycle, from input to output. For example, instead of sending raw data to a server, a user can send an encrypted version or a share of their secret to a network of nodes. These nodes run the computation in a way that none of them can learn the underlying data, and users get an encrypted result that only they (or authorized parties) can decrypt.

Why transparency isn't enough in crypto

While public blockchains solve the trust problem (we no longer need to trust a central operator; the rules are transparent and enforced by consensus), they do so by sacrificing privacy. The mantra is: “Don’t put anything on-chain that you don’t want to be public.” For simple cryptocurrency transfers, this may be fine in some cases; for complex applications, it can get quite complex. As the Penumbra team (building a private DeFi chain) puts it, in DeFi today, “information leakage becomes value leakage when users interact on-chain,” leading to front-running and other vulnerabilities. If we want decentralized exchanges, lending markets, or auctions to operate fairly, participants’ data (bids, positions, strategies) often needs to be hidden; otherwise, outsiders can exploit this knowledge in real time. Transparency makes every user’s actions public, which is different from how traditional markets work, and for good reasons.

Additionally, many valuable blockchain use cases outside of finance involve personal or regulated data that cannot be made public by law. Consider decentralized identity or credit scoring — a user may want to prove attributes about themselves (“I am over 18” or “My credit score is 700”) without revealing their entire identity or financial history. Under a fully transparent model, this is impossible; any proof you put on-chain will leak data. DeCC technologies like zero-knowledge proofs are designed to solve this problem, allowing selective disclosure (prove X without revealing Y). As another example, a company may want to use blockchain for supply chain tracking, but does not want competitors to see its raw inventory logs or sales data. DeCC can submit encrypted data on-chain and only share decrypted information with authorized partners, or use ZK proofs to prove compliance with certain standards without revealing trade secrets.

How DeCC achieves trustless confidential computing

Addressing the limitations of transparency in decentralized systems requires infrastructure that can maintain confidentiality during active computations. Decentralized confidential computing provides such infrastructure by introducing a set of technologies that apply cryptography and hardware-based methods to protect data throughout its lifecycle. These technologies are designed to ensure that sensitive inputs cannot be compromised even during processing, eliminating the need to trust any single operator or intermediary.

The DeCC technology stack includes zero-knowledge proofs (ZKP), which allow one party to prove that a computation has been performed correctly without revealing the input; multi-party computation (MPC), which allows multiple parties to jointly compute a function without exposing their respective data; confusion circuits (GC) and fully homomorphic encryption (FHE), which allow computations to be performed directly on encrypted data; and trusted execution environments (TEEs), which provide hardware-based isolation for secure execution. Each of these technologies has unique operating characteristics, trust models, and performance profiles. In practice, they are often integrated to address different security, scalability, and deployment constraints in applications. The following sections outline the technical foundations of each technology and how they enable trustless, privacy-preserving computation in decentralized networks.

1. Zero-Knowledge Proof (ZKP)

Zero-knowledge proofs are one of the most influential cryptographic innovations applied to blockchain systems. ZKPs allow one party (the prover) to prove to another party (the verifier) that a given statement is true, without revealing any information other than the validity of the statement itself. In other words, it enables a person to prove that they know something, such as a password, a private key, or the solution to a problem, without revealing the knowledge itself.

Take the “Where’s Wally” puzzle, for example. Let’s say someone claims they found Wally in a crowded picture, but doesn’t want to reveal his exact location. Instead of sharing the full picture, they take a close-up photo of Wally’s face, with a timestamp, that’s zoomed in so that the rest of the picture doesn’t show up. A verifier can confirm that Wally has been found without knowing where he is in the picture. This proves the claim is correct without revealing any additional information.

More formally, a zero-knowledge proof allows a prover to prove that a particular statement is true (e.g., “I know a key that hashes to this public value” or “this transaction is valid according to the protocol rules”) without revealing the inputs or internal logic behind the computation. The verifier is convinced by the proof but is not given any other information. One of the earliest and most widely used examples in blockchain is zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). Zcash uses zk-SNARKs to allow users to prove that they have private keys and are sending valid transactions without revealing the sender address, recipient, or amount. The network only sees a short cryptographic proof that the transaction is legitimate.

How ZKPs enable confidential computing: In the context of DeCC, ZKPs shine when you want to prove that a computation was done correctly on hidden data. Instead of having everyone re-perform the computation (as in traditional blockchain verification), the prover can do the computation privately and then publish a proof. Others can use this tiny proof to verify that the computation result is correct without seeing the underlying input. This preserves privacy and significantly improves scalability (because verifying a concise proof is much faster than re-running the entire computation). Projects like Aleo have built an entire platform around this idea: users run a program offline on their private data and generate a proof; the network verifies the proof and accepts the transaction. The network doesn't know the data or what specifically happened, but it knows that whatever it was, it followed the rules of the smart contract. This effectively creates private smart contracts, which is impossible on Ethereum's public virtual machine without ZKP. Another emerging application is zk-rollups for privacy: not only do they batch transactions for scalability, but they also use ZK to hide the details of each transaction (unlike regular rollups, where the data is usually still public).

ZK proofs are powerful because their security is purely mathematical, usually relying on the honesty of the participants in a "ceremony" (a multi-party cryptographic protocol that generates secret/random information) as a setup phase. If the cryptographic assumptions hold (e.g., certain problems remain hard to solve), the proof cannot be forged, nor can it be forged to assert false statements. Therefore, by design, it does not leak any additional information. This means that you don't have to trust the prover at all; either the proof passes, or it doesn't.

Limitations: The tradeoff historically has been performance and complexity. Generating ZK proofs can be computationally expensive (several orders of magnitude higher than doing the computation normally). In early constructions, even proving simple statements could take minutes or longer, and the cryptography was complex and required special setup (trusted setup ceremony) — though newer proof systems like STARKs avoid some of these issues. There are also functional limitations: Most ZK schemes involve a single prover proving something to many validators. They don’t address private shared state (private data “belongs to” or is composed of multiple users, as is the case in auctions and AMMs). In other words, ZK can prove that a user correctly computed Y from my secret X, but it doesn’t by itself allow two people to jointly compute a function of their two secrets. To address the private shared state problem, ZK-based solutions typically use other techniques like MPC, GC, and FHE. Furthermore, pure ZKPs typically assume that the prover actually knows or possesses the data being proven.

There is also the issue of size: early zk-SNARKs produced very short proofs (only a few hundred bytes), but some newer zero-knowledge proofs (especially those without a trusted setup, like bulletproofs or STARKs) can be larger (tens of KB) and slower to verify. However, continued innovation (Halo, Plonk, etc.) is rapidly improving efficiency. Ethereum and others are investing heavily in ZK as a scaling and privacy solution.

2. Multi-party computation (MPC)

While ZK proofs allow a party to prove something about its own private data, secure multi-party computation (primarily referring to techniques based on secret sharing (SS)) addresses a related but different challenge: how to actually collaboratively compute something without revealing the inputs. In an MPC protocol, multiple independent parties (or nodes) jointly compute a function over all of their inputs, such that each learns only the result and knows nothing about the inputs of the others. The foundations of secret sharing-based MPC were laid in a paper co-authored by Ivan Damgard of the Partsia Blockchain Foundation in the late 1980s. Since then, various techniques have been created.

A simple example is a group of companies that want to calculate an industry-wide average salary for a certain position, but none of them want to reveal their internal data. Using MPC, each company inputs its data into a joint calculation. The protocol ensures that no company can see any other participant's raw data, but all participants receive the final average. The calculation is performed across the group via a cryptographic protocol, eliminating the need for a central authority. In this setup, the process itself acts as a trusted intermediary.

How does MPC work? Each participant's input is mathematically split into a number of pieces (shares) and distributed to all participants. For example, if my secret is 42, I might generate some random numbers that sum to 42 and give each party a share (the random-looking part). No single part reveals any information, but they collectively have that information. The participants then perform calculations on these shares, passing messages back and forth, so that at the end they have shares of the output that can be combined to reveal the result. Throughout this process, no one can see the original input; they can only see the encoded or obfuscated data.

Why is MPC important? Because it is inherently decentralized, it does not rely on a single security box (such as TEE) or a single prover (such as ZK). It eliminates the need to trust any single party. A common definition describes it this way: when computation is distributed among participants, there is no need to rely on any single party to protect privacy or ensure correctness. This makes it a cornerstone of privacy-preserving technology. If you have 10 nodes performing MPC computations, typically you need a large portion of them to collude or be compromised to leak secrets. This fits well with the distributed trust model of blockchain.

Challenges of MPC: Privacy does not come without a cost. MPC protocols often incur overhead, primarily in terms of communication. To jointly compute, parties must exchange multiple rounds of encrypted messages. The number of communication rounds (sequential back-and-forth messages) and their bandwidth requirements grow with the complexity of the function and the number of parties involved. Ensuring that computations remain efficient is tricky with more parties involved. There is also the issue of honest versus malicious actors. Basic MPC protocols assume that participants follow the protocol (may be curious but do not deviate). Stronger protocols can handle malicious actors (who may send false information in an attempt to compromise privacy or correctness), but this adds more overhead to detect and mitigate cheating. Interestingly, blockchains can help by providing a framework for punishing misbehavior. For example, staking and penalty mechanisms can be used if a node deviates from the protocol, making MPC and blockchain a complementary pair.

In terms of performance, significant progress has been made. Preprocessing techniques allow heavy cryptographic computations to be done before the actual inputs are known. For example, generating correlated random data (called Beaver triples) can be used later to speed up multiplication operations. This way, when the computations on real inputs actually need to be done (the online phase), they can be much faster. Some modern MPC frameworks can compute fairly complex functions between a small number of parties in a few seconds or less. There is also research on scaling MPC to many parties by organizing it into networks or committees.

MPC is particularly important for applications such as private multi-user dApps (e.g., auctions where bids are kept confidential, executed via MPC), privacy-preserving machine learning (multiple entities jointly training models without sharing data — an active area known as federated learning with MPC), and distributed secret management (as in the threshold key example). A specific crypto example is the Partisia Blockchain, which integrates MPC into its core to enable enterprise-grade privacy on public blockchains. Partisia uses a network of MPC nodes to process private smart contract logic and then publish commitments or encrypted results on-chain.

3. Garbled Circuit (GC)

Confused circuits are a fundamental concept in modern cryptography and are the earliest proposed solution for computing on encrypted data. In addition to supporting encrypted computing, GC methods are also used in various privacy-preserving protocols, including zero-knowledge proofs and anonymous/unlinkable tokens.

What is a circuit? A circuit is a general computational model that can represent any function, from simple arithmetic to complex neural networks. Although the term is usually associated with hardware, circuits are widely used in various DeCC technologies, including ZK, MPC, GC, and FHE. A circuit consists of input wires, intermediate gates, and output wires. When values (Boolean or arithmetic) are provided to the input wires, the gates process the values and produce the corresponding output. The layout of the gates defines the function being computed. Functions or programs are converted to circuit representations using compilers such as VHDL or domain-specific cryptographic compilers.

What are obfuscated circuits? Standard circuits leak all data during execution, such as the values on the input and output wires and the outputs of intermediate gates are all plaintext. In contrast, obfuscated circuits encrypt all of these components. Inputs, outputs, and intermediate values are converted to encrypted values (obfuscated text) and gates are called obfuscated gates. Obfuscated circuit algorithms are designed so that evaluating the circuit does not leak any information about the original plaintext values. The process of converting plaintext to obfuscated text and then decoding it is called encoding and decoding.

How do GCs solve the problem of computing on encrypted data? Obfuscated circuits were proposed by Andrew Yao in 1982 as the first general solution for computing on encrypted data. His original example, known as the millionaire's problem, involves a group of people wanting to know who is the richest without revealing their actual wealth to each other. Using obfuscated circuits, each participant encrypts their input (their wealth) and shares the encrypted version with everyone else. The group then uses encrypted gates to step through circuits designed to compute the maximum value. The final output (e.g. the identity of the richest person) is decrypted, but no one knows the exact input of any other participant. While this example used a simple maximum function, the same approach can be applied to more complex tasks, including statistical analysis and neural network inference.

Breakthroughs that make GC suitable for DeCC. Recent research led by Soda Labs has applied obfuscated circuit technology to a decentralized setting. These advances focus on three key areas: decentralization, composability, and public auditability. In a decentralized setting, computation is separated between two independent groups: obfuscators (responsible for generating and distributing obfuscated circuits) and evaluators (responsible for executing obfuscated circuits). Obfuscators provide circuits to a network of evaluators, which run these circuits on demand as directed by the smart contract logic.

This separation enables composability, the ability to build complex computations from smaller atomic operations. Soda Labs achieves this by generating a continuous stream of obfuscated circuits corresponding to low-level virtual machine instructions (e.g., for the EVM). These building blocks can be dynamically assembled at runtime to perform more complex tasks.

For public auditability, Soda Labs proposes a mechanism that allows external parties (regardless of whether they participated in the computation) to verify that the result has been computed correctly. This verification can be done without exposing the underlying data, adding additional trust and transparency.

Importance of GC to DeCC: Confused circuits provide low-latency, high-throughput computation on encrypted inputs. As demonstrated on the COTI Network mainnet, the initial implementation supports approximately 50 to 80 confidential ERC20 transactions per second (ctps), with future versions expected to achieve higher throughput. The GC protocol relies on widely adopted cryptographic standards such as AES and libraries like OpenSSL, which are widely used in fields such as healthcare, finance, and government. AES also offers quantum-resistant variants to support future compatibility with post-quantum security requirements.

GC-based systems are compatible with client environments and do not require specialized hardware or GPUs, unlike some TEE or FHE deployments. This reduces infrastructure costs and enables deployment on a wider range of devices, including lower-capacity machines.

Challenges of GC: The main limitation of obfuscated circuits is the communication overhead. Current implementations require sending approximately 1MB of data to the evaluator for each confidential ERC20 transaction. However, this data can be preloaded long before execution, so no latency is introduced during real-time use. Continued improvements in bandwidth availability, including the trend described by Nielsen's Law (which predicts bandwidth to double every 21 months), and active research into obfuscated circuit compression, can help reduce this overhead.

4. Fully Homomorphic Encryption (FHE)

Fully homomorphic encryption is often seen as a cryptographic magic trick. It allows one to perform arbitrary computations on data while it remains encrypted, and then decrypt the result to get the correct answer as if it had been computed on the plaintext. In other words, with FHE, you can outsource computations on private data to an untrusted server that operates only on the ciphertext and still produces a ciphertext that you can decrypt to get the correct answer, all without the server ever seeing your data or the plaintext result.

For a long time, FHE was purely theoretical. The concept has been known since the 1970s, but a practical solution wasn't found until 2009. Since then, there has been steady progress in slowing FHE down. Even so, it's still computationally intensive. Operations on encrypted data can be thousands or millions of times slower than operations on plaintext data. But what was once astronomically slow is now just slow, and optimizations and specialized FHE accelerators are rapidly improving the situation.

Why is FHE revolutionary for privacy? With FHE, you can have a single server or blockchain node do the computation for you, and as long as the encryption remains strong, the node can learn nothing. This is a very pure form of confidential computing, where the data is always encrypted everywhere. For decentralization, you can also have multiple nodes each performing FHE computations for redundancy or consensus, but none of them have any secret information. They are all just operating on ciphertext.

In the context of blockchain, FHE opens up the possibility of fully encrypted transactions and smart contracts. Imagine a network like Ethereum where you send encrypted transactions to miners, they execute smart contract logic on the encrypted data, and include an encrypted result in the chain. You or an authorized party can decrypt the result later. To others, it's a bunch of incomprehensible gibberish, but they may have a proof that the computation was valid. This is where FHE combined with ZK may come into play, proving that the encrypted transaction followed the rules. This is basically what the Fhenix project is pursuing: an EVM-compatible Layer-2 with all computations natively supporting FHE.

Real-world use cases enabled by FHE: In addition to blockchain, FHE is already attractive for cloud computing. For example, it allows you to send encrypted database queries to the cloud and get encrypted answers back, which only you can decrypt. In the context of blockchain, one attractive scenario is privacy-preserving machine learning. FHE can allow decentralized networks to run AI model inference on encrypted data provided by users, so that the network does not learn your inputs or results, which only you know when you decrypt them. Another use case is in the public sector or health data collaboration. Different hospitals can encrypt their patient data using a common key or a federated key setup, and a network of nodes can calculate aggregate statistics on all hospitals' encrypted data and deliver the results to researchers for decryption. This is similar to what MPC can do, but FHE may be implemented with a simpler architecture, requiring only an untrusted cloud or network of miners to crunch the numbers, at the cost of more computation per operation.

Challenges of FHE: The biggest challenge is performance. Although progress has been made, FHE is still typically a thousand to a million times slower than plaintext operations, depending on the computation and the scheme. This means that it is currently only suitable for limited tasks, such as simple functions or batching many operations at once in certain schemes, but it is not yet a technology that you can use to run complex virtual machines that perform millions of steps, at least without powerful hardware support. There is also the issue of ciphertext size. Fully homomorphic operations tend to bloat data. Some optimizations, such as bootstrapping, which refreshes ciphertexts that start to accumulate noise as operations are executed, are necessary for computations of arbitrary length and increase overhead. However, many applications do not need completely arbitrary depth. They can use leveled HE, which performs a fixed number of multiplications before decryption and can avoid bootstrapping.

Integrating FHE is complex for blockchains. If every node had to perform FHE operations for every transaction, this could be prohibitively slow with current technology. This is why projects like Fhenix start with L2 or sidechains, where perhaps a powerful coordinator or subset of nodes does the heavy FHE computations, while the L2 batches the results. Over time, as FHE becomes more efficient, or as specialized FHE accelerators ASICs or GPUs become available, it may become more widely adopted. Notably, several companies and academia are actively researching hardware to accelerate FHE, recognizing its importance to the future of data privacy in Web2 and Web3 use cases.

Combining FHE with other techniques: Often, FHE might be combined with MPC or ZK to address its weaknesses. For example, multiple parties could hold shares of an FHE key so that no single party could decrypt alone, essentially creating a threshold FHE scheme. This combines MPC with FHE to avoid single-point decryption failure. Alternatively, a zero-knowledge proof could be used to prove that an FHE encrypted transaction is formatted correctly without decrypting it, so that blockchain nodes can be sure it is valid before processing it. This is what some call a hybrid model of ZK-FHE. In fact, a composable DeCC approach might be to use FHE to do the heavy lifting of data processing, since it is one of the only methods that can perform computations while always encrypted, and use ZK proofs to ensure that the computation did not do anything invalid, or to allow others to verify the results without seeing them.

5. Trusted Execution Environment (TEE)

Trusted Execution Environment is a fundamental component of decentralized confidential computing. A TEE is a secure area within the processor that isolates code and data from the rest of the system, ensuring that its contents are protected even if the operating system is compromised. A TEE provides confidentiality and integrity during computation with minimal performance overhead. This makes it one of the most practical technologies available for secure general-purpose computing.

Think of it this way: TEE is like reading a confidential document in a locked room that no one but you can enter or peek into. You are free to review and work on the document, but once you leave the room, you take the results with you and lock everything else behind. Someone outside never sees the document directly, only the end result that you choose to reveal.

Modern TEEs have made significant progress. Intel's TDX and AMD SEV support secure execution of entire virtual machines, and NVIDIA's high-performance GPUs (including the H100 and H200) now have TEE capabilities. These upgrades make it possible to run arbitrary applications in confidential environments, including machine learning models, backend services, and user-facing software. For example, Intel TDX combined with NVIDIA H100 can run inference on models with more than 70 billion parameters with little performance loss. Unlike cryptographic methods that require custom tools or restricted environments, modern TEEs can run containerized applications without modification. This allows developers to write applications in Python, Node.js, or other standard languages while maintaining data confidentiality.

A typical example is Secret Network, the first blockchain to implement general-purpose smart contracts with private state by leveraging TEE (specifically Intel SGX). Each Secret node runs a smart contract execution runtime inside an enclave. Transactions sent to smart contracts are encrypted, so only the enclave can decrypt them, execute the smart contract, and produce encrypted output. The network uses remote attestation to ensure that the nodes are running genuine SGX and approved enclave code. This way, smart contracts on Secret Network can process private data, such as encrypted inputs, and even the node operator cannot read it. Only the enclave can, and it releases only what it should release, usually just a hash or encryption result. Phala Network and Marlin use a similar but different model. Its architecture is built around TEE-driven worker nodes that perform secure off-chain computations and return verified results to the blockchain. This setup enables Phala to protect data confidentiality and execution integrity without leaking the original data to any external party. The network is designed to be scalable and interoperable, supporting privacy-preserving workloads across decentralized applications, cross-chain systems, and AI-related services. Like Secret Network, Phala demonstrates how TEEs can be used to scale confidential computing to decentralized environments by isolating sensitive logic in verifiable hardware enclaves.

Modern deployment of TEEs in DeCC includes several best practices:

Remote Attestation and Open Source Runtime：Projects publish the code that will run inside the enclave (usually a modified WASM interpreter or a specialized runtime) and provide a program to prove it. For example, each Secret Network node generates an attestation report that proves it is running the Secret enclave code on a real SGX. Other nodes and users can verify this attestation before trusting the node to handle cryptographic queries. By using open source runtime code, the community can audit what the enclave is supposed to do, although they still have to trust the hardware to do only those things.
Redundancy and consensus: Instead of a single enclave performing the task, some systems have multiple nodes or enclaves perform the same task and then compare the results. This is similar to the MPC approach, but at a higher level. If an enclave deviates or is compromised and produces a different result, it can be detected by majority voting, assuming that not all enclaves are compromised. This was the approach of the early Enigma project (which evolved into Secret). They planned to have multiple SGX enclaves perform computations and cross-check. In practice, some networks currently trust a single enclave per contract for performance, but the design can be extended to multi-enclave consensus for higher security.
Temporary keys and frequent resets: To reduce the risk of key leakage, TEE can generate new encryption keys for each session or task and avoid storing long-term secrets. For example, if the DeCC service is doing confidential data processing, it may use temporary session keys that are often discarded. This means that even if a leak occurs later, past data may not be exposed. Key rotation and forward secrecy are recommended so that even if the enclave is compromised at time T, the data before time T remains secure.
For privacy, not consensus integrity: As mentioned earlier, TEEs are best used for privacy protection rather than core consensus integrity. Therefore, a blockchain might use TEEs to keep data confidential, but not for validating blocks or protecting state transitions of the ledger, the latter of which is best left to the consensus protocol. In this setup, a compromised enclave might leak some private information but cannot, for example, forge token transfers on the ledger. This design relies on cryptographic consensus for integrity and the enclave for confidentiality. This is a separation of concerns that limits the impact of TEE failures.
Confidential VM deployment：Some networks have begun to deploy complete confidential virtual machines (CVMs) using modern TEE infrastructure. Examples include Phala’s cloud platform, Marlin Oyster Cloud, and SecretVM. These CVMs can run containerized workloads in a secure environment, enabling general privacy-preserving applications in decentralized systems.

TEEs can also be combined with other techniques. One promising idea is to run MPC inside a TEE. For example, multiple enclaves on different nodes, each holding a portion of the secret data, can jointly compute via MPC while each enclave keeps its share secure. This hybrid provides defense in depth: an attacker would need to simultaneously compromise the enclave and corrupt enough parties to access all the secret shares. Another combination is to use ZK proofs to prove what the enclave did. For example, an enclave could output a short zk-SNARK proving that it correctly followed the protocol on some cryptographic input. This can reduce the level of trust in the enclave. Even if the enclave is malicious, if it deviates from the prescribed computation, it cannot produce a valid proof unless it also breaks the ZK cryptography. These ideas are still in the research stage, but are being actively explored.

In current practice, projects like TEN (Tencrypt Network, an Ethereum Layer-2 solution) use secure enclaves to implement confidential rollups. TEN's approach uses enclaves to encrypt transaction data and execute smart contracts privately, while still producing an optimistically verified rollup block. They emphasize that secure enclaves provide a high degree of confidence in the code being run, meaning that users can be sure how their data is processed because the code is known and proven, even if they can't see the data itself. This highlights a key advantage of TEEs: deterministic, verifiable execution. Everyone can agree on the code hash that should be run, and the enclave ensures that only that code is executed while keeping the inputs hidden.

Composable DeCC Technology Stack (Hybrid Approach)

One exciting aspect of Privacy 2.0 is that these technologies are not isolated (although they can and are used independently); they can be combined. Just as traditional cloud security uses multiple layers of defense such as firewalls, encryption, and access controls, DeCC confidential computing can layer technologies to leverage their respective strengths.

Several combinations are already being explored: MPC with TEE, ZK with TEE, GC with ZK, FHE with ZK, etc. The ultimate goal is clear: no single technology is perfect. Combining these approaches can make up for their individual limitations.

Here are some of the modes that are being developed:

MPC and TEE (MPC in enclave): In this approach, an MPC network runs where computations at each node occur within a TEE. For example, consider a network of ten nodes jointly analyzing encrypted data using MPC. If an attacker compromises a node, they only have access to the enclave that holds a single share of the secret, which itself does not leak any information. Even if the SGX on that node is compromised, only a small portion of the data is exposed. To compromise the entire computation, a certain number of enclaves need to be compromised. This greatly improves security, provided that the integrity of the enclave remains intact. Tradeoffs include higher overhead from MPC and reliance on TEEs, but for high-assurance scenarios, this hybrid is reasonable. This model effectively layers cryptography and hardware trust guarantees.
ZK Proofs and MPC or FHE: ZK proofs can act as an audit layer. For example, an MPC network can compute a result and then collectively generate a zk-SNARK proving that the computation followed the defined protocol without exposing the inputs. This adds verification confidence to external consumers (e.g., the blockchain receiving the result). Similarly, in an FHE environment, since the data remains encrypted, ZK proofs can be used to prove that the computation was performed correctly on the ciphertext inputs. Projects like Aleo use this strategy. The computation is done privately, but verifiable proofs can prove its correctness. The complexity cannot be underestimated, but the potential for composability is huge.
ZK Proofs and GC: Zero-knowledge proofs are often used with obfuscated circuits to protect against potentially malicious obfuscators. In more complex GC-based systems involving multiple obfuscators and evaluators, ZK proofs can also help verify that individual obfuscated circuits have been correctly combined into larger computational tasks.
TEE and ZK (Shielded Execution with Proofs): TEEs can produce proofs of correct execution. For example, in a sealed bid auction, the enclave can compute the winner and output a ZK proof confirming that the computation was performed correctly on the encrypted bid without revealing any bid details. This approach allows anyone to verify the results with limited trust in the enclave. Although still largely experimental, early research prototypes are investigating these confidential proofs of knowledge to combine the performance of TEEs with the verifiability of ZK.
FHE and MPC (Threshold FHE): A known challenge of FHE is that the decryption step leaks the result to the entity holding the key. To decentralize this, the FHE private key can be split among multiple parties using MPC or secret sharing. After the computation is complete, the decryption protocol is executed collectively, ensuring that no single party can independently decrypt the result. This structure eliminates centralized key escrow and makes FHE suitable for threshold use cases such as private voting, encrypted memory pools, or collaborative analytics. Threshold FHE is an active research area closely related to blockchain.
Secure hardware and cryptography for performance isolation: Future architectures may assign different workloads to different privacy-preserving technologies. For example, computationally intensive AI tasks can run in a secure enclave, while more security-focused logic (such as key management) is handled by cryptographic protocols such as MPC, GC, or FHE. Conversely, enclaves can be used for lightweight tasks that are performance-critical but have limited consequences for leakage. By decomposing the privacy needs of an application, developers can assign each component to the most appropriate trust layer, similar to how encryption, access control, and HSM are layered in traditional systems.

The composable DeCC technology stack model emphasizes that applications do not need to choose a single privacy approach. They can integrate multiple DeCC technologies and customize them according to the needs of specific components. For example, many emerging privacy networks are being built in a modular way, supporting ZK and MPC, or providing configurable confidentiality layers depending on the use case.

Granted, combining techniques increases engineering and computational complexity, and the performance cost may be prohibitive in some cases. However, for high-value workflows, especially in finance, AI, or governance, this layered security model makes sense. Early examples are already operational. Oasis Labs has prototyped a TEE MPC hybrid scheme for private data markets. Academic projects have demonstrated MPC and GC computations verified by zk-SNARKs, highlighting the growing interest in cross-model verification.

Future dApps may run encrypted storage via AES or FHE, use a mix of MPC, GC, and TEE for computation, and publish verifiable ZK proofs on-chain. Although invisible to users, this privacy stack will enforce strong protections against data breaches and unauthorized inferences. The ultimate goal is to make this level of privacy infrastructure the default and transparent, providing applications that feel familiar but operate with fundamentally different trust assumptions.

Venture Capital and Developer Momentum

Privacy-preserving computing has become a notable area of capital allocation in the crypto space, with investment activity continuing to increase. Investors and builders are increasingly confident that decentralized confidential computing (DeCC) will unlock new market opportunities by enabling private applications that would otherwise not be feasible on public blockchain infrastructure.

Cumulative venture capital funding for leading DeCC projects has exceeded hundreds of millions of dollars. Notable examples include:

Aleo, a Layer-1 network for building private applications using zero-knowledge proofs, has raised about $228 million. This includes a $28 million Series A led by a16z in 2021 and a $200 million Series B at a $1.45 billion valuation in 2022. Aleo is investing in developer tools and its broader ecosystem of privacy-preserving applications.
Partisia Blockchain, which combines secure multi-party computation (MPC) with blockchain infrastructure, raised $50 million in 2021 to expand its privacy-preserving Layer-1 and Layer-2 platforms. Its funding came from strategic and institutional backers focused on confidential data use cases.
Fhenix, an Ethereum Layer-2 that implements fully homomorphic encryption (FHE), raised $15 million in a Series A round in June 2024, bringing total funding to $22 million. Early investors included a16z and Hack VC, reflecting confidence in the feasibility of encrypted smart contract execution.
Mind Network, which focuses on building a privacy layer for data processing based on FHE, raised $10 million in a Pre-A round of funding in September 2024, bringing its total funding to $12.5 million. The project targets applications such as secure voting, private data sharing, and confidential AI execution.
Arcium, a confidential computing network on Solana, raised $5.5 million from Greenfield Capital in early 2025, bringing its total funding to date to $9 million. Arcium positions itself as an encrypted computing layer for high-throughput chains.
COTIPartnered with Soda Labs to commit $25 million from its Ecosystem Fund to develop an MPC-based privacy Layer-2. The collaboration focuses on advancing obfuscated circuit technology to enable privacy-preserving payments.
TEN, an Ethereum-based Layer-2 that uses a trusted execution environment (TEE), raised $9 million in a round led by the R3 consortium in late 2023, bringing total funding to $16 million. The team includes engineers with experience building permissioned blockchain infrastructure.
Penumbra, a Cosmos-based privacy zone for DeFi, raised $4.75 million in a seed round led by Dragonfly Capital in 2021. The project aims to support private swaps and MEV-resistant transactions.
Aleph Zero, a privacy-enabled layer-1 using DAG consensus and zero-knowledge technology, has raised about $21 million through public and private token sales. It positions itself as a layer with built-in confidentiality capabilities.
Traditional projects also continue to contribute to this momentum. Secret Network, raised $45 million through token sales in 2017 to launch the first TEE-based smart contract platform, with a total investment of up to $400 million.iExec, a decentralized cloud platform that supports TEEs, raised about $12 million and has since received funding to advance confidential data tools.

If token distribution, ecosystem funds, and public offering proceeds are included, total investment in the DeCC space could be close to $1 billion. This is comparable to funding levels in areas such as Layer-2 expansion or modular infrastructure.

The DeCC ecosystem is also expanding through partnerships and open source collaboration. Organizations such as the Confidential Computing Consortium have included blockchain-based members such as iExec and Secret Network to explore standards across private computing. Academic initiatives, developer hackathons, and privacy-focused conferences are fostering technical talent and community engagement.

Projects are also improving accessibility through SDKs, languages, and APIs that abstract the complexity of cryptography. For example, tool frameworks like Circom, ZoKrates, and Noir simplify zero-knowledge development, while platforms like Arcis from Arcium lower the barrier to entry for building with MPC. Developers can now integrate privacy into decentralized applications without requiring advanced cryptography expertise.

Collaborations with businesses and government agencies further validate the field. Partisia has collaborated with the Okinawa Institute of Science and Technology Graduate University (OIST) on a joint cryptography research project, while Secret Network has partnered with Eliza Labs to develop confidential AI solutions.

As funding and ecosystem activity continue to grow, DeCC is becoming one of the most well-capitalized and fastest-growing areas of crypto infrastructure, with high interest from builders and institutional stakeholders alike. That being said, as with any emerging technology cycle, many projects in the space may fail to realize their vision or gain meaningful adoption. However, a small number may persist, setting the technical and economic standards for privacy-preserving computing across decentralized systems.

DeCC Ecosystem

The Decentralized Confidential Computing (DeCC) ecosystem consists of technologies and frameworks that support secure computation across distributed systems. These tools enable sensitive data to be processed, stored, and transmitted without being exposed to any single party. By combining cryptographic techniques, hardware-enforced isolation, and decentralized network infrastructure, DeCC addresses key privacy limitations in public blockchain environments. This includes challenges related to transparent smart contract execution, unprotected off-chain data usage, and the difficulty of protecting confidentiality in systems designed for openness.

DeCC infrastructure can be roughly divided into six technical pillars:

Zero-knowledge proofs (ZKPs) for verifiably private computation.
Multi-party computation (MPC) for collaborative computation without data sharing.
A garbled circuit (GC) for performing computations on standard encrypted data.
Fully homomorphic encryption (FHE) for performing computations directly on encrypted input.
Trusted Execution Environment (TEE) for hardware-based confidentiality processing.
Decentralized privacy network for routing and infrastructure-level metadata protection.

These components are not mutually exclusive and are often combined to meet specific performance, security, and trust requirements. The following sections highlight projects that implement these technologies and how they fit into the broader DeCC landscape.

Projects based on Fully Homomorphic Encryption (FHE)

Many DeCC projects use fully homomorphic encryption (FHE) as their primary mechanism for implementing encrypted computations. These teams focus on applying FHE to areas such as private smart contracts, secure data processing, and confidential infrastructure. While FHE is more computationally intensive than other methods, its ability to perform computations on encrypted data without decryption provides strong security guarantees. Major projects in this category include Octra, Mind Network, and Fhenix, each of which is experimenting with different architectures and use cases to bring FHE closer to real-world deployment.

Fhenix

Fhenix is an FHE R&D company dedicated to building scalable, real-world fully homomorphic encryption applications. Fhenix's FHE coprocessor (CoFHE) is an off-chain computing layer designed to securely process encrypted data. It offloads heavy cryptographic operations from the main blockchain (such as Ethereum or L2 solutions) to enhance efficiency, scalability, and privacy without compromising decentralization and providing an easy integration method. This architecture allows computation on encrypted data without decryption, ensuring end-to-end privacy for decentralized applications. Fhenix is fully EVM-compatible, allowing developers to easily and quickly build FHE-based applications using Solidity and existing Ethereum tools such as Hardhat and Remix. Its modular design includes components such as FheOS and Fhenix's Threshold Network, which manage FHE operations and FHE decryption requests respectively, providing a flexible and adaptable platform for privacy-preserving applications.

Key innovations and features

Seamless integration with EVM chains: Fhenix enables any EVM chain to access cryptographic functions with minimal modification. Developers can integrate FHE-based encryption into their smart contracts using a single line of Solidity code, simplifying the process of adopting confidential computing across various blockchain networks.
Fhenix Coprocessor：Fhenix provides a co-processor solution that can be natively connected to any EVM chain to provide FHE-based encryption services. This approach allows existing blockchain platforms to enhance their privacy features without completely overhauling their infrastructure.
Institutional adoption and collaboration: FHE-based confidentiality is critical to institutional adoption of Web3 technologies. A proof-of-concept project with JPMorgan Chase demonstrated the platform’s potential to meet stringent privacy requirements in the financial services sector.
Enhanced decryption solution：The Fhenix team has developed a high-performance threshold network for decryption of FHE operations in combination with MPC and FHE. The advancement of the Fhenix TSN network reduces decryption latency and computational overhead, enhancing the user experience of privacy-preserving applications.
Various use cases under development：Fhenix focuses on bringing encrypted computing to developers within existing ecosystems such as EVM chains. Current developments include applications such as confidential lending platforms, dark pools for private transactions, and confidential stablecoins, all of which benefit from FHE's ability to maintain data privacy during computation.

Mind Network

Mind Network is a decentralized platform that pioneered the integration of FHE to build a fully encrypted Web3 ecosystem. Mind Network acts as an infrastructure layer that enhances security across data, consensus mechanisms, and transactions by performing computations on encrypted data without decryption.

Key innovations and features

The first project to implement FHE on mainnetMind Network has achieved a significant milestone by bringing its FHE to mainnet, enabling quantum-resistant, fully encrypted data computation. This advancement ensures that data remains secure throughout its entire lifecycle - during storage, transmission, and processing - addressing the vulnerabilities inherent in traditional encryption methods.
Introduction of HTTPZ：Based on the standard HTTPS protocol, Mind Network is committed to realizing the HTTPZ vision proposed by Zama, a next-generation framework that maintains continuous data encryption to achieve a fully encrypted network. This innovation ensures that data remains encrypted during storage, transmission, and calculation, eliminating dependence on centralized entities and enhancing security across a variety of applications, including AI, DeFi, DePIN, RWA, and games.
Agentic World：Mind Network’s FHE computing network is used for AI agents in the Agentic World, which is built on three pillars:
- Consensus Security: AI agents in distributed systems must reach reliable decisions without manipulation or conflict.
- Data Privacy: AI agents can process encrypted data without exposing the data.
- Value Alignment: Embed ethical constraints into AI agents to ensure that their decisions are consistent with human values.
FHE bridge for cross-chain interoperability：Mind Network provides FHE bridge to promote a seamless decentralized ecosystem. The bridge promotes secure interoperability between different blockchain networks. It enables encrypted data to be processed and transmitted across chains without exposing sensitive information, supporting the development of complex multi-chain applications. Chainlink is currently integrating it with CCIP.
DeepSeek IntegrationMind Network becomes the first FHE project to be integrated by DeepSeek, a platform known for its advanced AI models. The integration leverages Mind Network’s FHE Rust SDK to secure encrypted AI consensus.

Octra

Octra is a general-purpose, chain-agnostic network founded by former VK (Telegram) and NSO team members with a decade of experience in the crypto space. Since 2021, Octra has been developing a proprietary hypergraph-based fully homomorphic encryption (FHE) scheme (HFHE) that allows near-instant computation on encrypted data. Unlike other FHE projects, Octra is completely independent and does not rely on third-party technology or licenses.

Key innovations and features

Proprietary HFHE solution: Octra's unique HFHE uses hypergraphs to achieve efficient binary operations and supports parallel computing, where different nodes and hyperedges are processed independently.
Isolate execution environment：The network supports isolated execution environments, enhancing the security and privacy of decentralized applications.
Diverse code base: Developed primarily in OCaml and C++, with support for Rust for contracts and interoperability solutions, Octra offers flexibility and robustness in its infrastructure.

Current Development

HFHE Sandbox: Octra's HFHE demo is available in its sandbox environment, showing its cryptographic technology in action.
Testnet Progress: The first batch of validators have been connected to the testnet, marking an important step forward in network stability and reliability.
Academic Contributions: A paper to be presented at the International Association for Cryptologic Research (IACR) will detail Octra's HFHE progress, reflecting their commitment to contributing to the broader cryptography community.
Mainnet and Rollup Builder：Octra plans to launch its mainnet for key management and storage in 2025, and expects to launch the EVM/SVM rollup builder in 2026, aiming to enhance scalability and interoperability across blockchain platforms.

Fundraising and community engagement

In September 2024, Octra received $4 million in pre-seed funding led by Finality Capital Partners, with participation from investors including Big Brain Holdings, Karatage, Presto Labs, and Builder Capital. In January 2025, Octra raised a further $1.25 million through Cobie's angel syndicate investment platform Echo, which sold out in less than a minute. These investments highlight the confidence in Octra's potential to revolutionize data privacy and security. The project actively engages with the developer community through platforms such as GitHub and recently released a public WASM sandbox with an experimental version of its HFHE library for testing and feedback.

By combining proprietary HFHE technology with a powerful and flexible infrastructure, Octra aims to set new standards for secure, efficient and decentralized data processing across a wide range of applications.

Projects based on GC

A garbled circuit (GC) is a specialized form of encrypted data computation that allows two or more parties to jointly evaluate a function without revealing their respective inputs. While GC is primarily used to solve encrypted data computation problems, it can also address a variety of privacy and security issues, such as zero-knowledge proofs and anonymous token-based Internet authentication.

Projects such as COTI and Soda Labs are applying GC-based technologies to enable confidential messaging, private payment protocols, and scalable privacy layers.

COTI

COTI is a fast, lightweight L2 privacy solution built on Ethereum, providing on-demand privacy services for over 70 chains. COTI enables low-cost, scalable confidentiality to protect financial transactions and sensitive data. Individuals can participate in Web3 without revealing personal information, businesses can protect proprietary data, and AI agents can operate as sovereign entities. Initially launched in 2017, COTI's cross-chain capabilities bring permissioned privacy to dApps on all major blockchains without compromising speed, cost, or composability.

At the core of COTI's privacy stack are its obfuscated circuits, developed in partnership with Soda Labs. This cryptographic technique allows private computation on encrypted data, while achieving privacy with extremely high efficiency compared to FHE. COTI supports a wide range of real-world use cases, from consumer payments to enterprise integration and government-level digital currency pilots. For highly regulated environments, COTI's proprietary Data Privacy Framework (DPF) allows for regulatory audits of encrypted data without compromising user privacy, making it ideal for regulated industries such as banking, lending, and government.

Key innovations and features

On-chain garbled circuits：COTI is the first Ethereum L2 to implement obfuscated circuits on-chain, allowing encrypted computations without revealing inputs. This provides strong privacy guarantees and minimal overhead in over 70 networks.
Performance and efficiency: COTI’s privacy technology stack delivers superior performance, with its obfuscated circuit implementation being 1,000x faster and 250x more storage efficient than FHE-based alternatives.
EVM Compatibility: Fully compatible with Solidity and existing Ethereum tooling, allowing developers to easily integrate privacy-preserving logic without the need for new languages or infrastructure.
Key partnerships：COTI has partnered with MyEtherWallet, Bancor, Hacken and AnChain.aiIntegration with platforms such as GitHub, Azure and GitHub demonstrates ecosystem-wide adoption.

Enterprise blockchain participation

COTI is a member of the Enterprise Ethereum Alliance and has worked with central banks on CBDC pilots, including the European Central Bank’s digital euro and the Bank of Israel’s digital shekel projects.

Soda Labs

Soda Labs is a cryptographic infrastructure company focused on obfuscated circuits, a technology that allows computations to be performed directly on encrypted data without decrypting it. This approach ensures data privacy and security, which is critical for sensitive applications in blockchain, artificial intelligence, finance, and healthcare.

Through its flagship innovation, gcEVM, a unique adaptation of obfuscated circuit technology for blockchain environments, Soda Labs enables dApps to accept and process encrypted data on-chain. The platform emphasizes efficiency, compatibility with existing developer tools, and adherence to established cryptographic standards such as AES. This innovation unlocks practical, privacy-sensitive use cases that meet the stringent requirements of individuals, businesses, and regulated financial institutions. Key applications include confidential stablecoins and payments, private decentralized exchanges (DEX) and over-the-counter (OTC), secure tokenization of real-world assets (RWA), private identity management systems, and strong governance solutions.

Technical Overview

Soda Labs leverages a powerful cryptographic technique called garbled circuits (GC) to perform secure computations directly on encrypted data. GC primarily leverages widely adopted standardized symmetric key encryption schemes such as AES. This avoids the need for heavy computation on the client side, such as generating complex zero-knowledge proofs (as required for ZK or FHE-based solutions). Instead, users of the Soda Labs decentralized secure computation platform interact with a lightweight SDK that is driven only by standard Open-SSL (similar to what is used in modern browsers) and runs seamlessly on almost any device.

Its architecture supports user-specific encryption keys and contract-defined decryption logic. This makes it possible to enforce data confidentiality at multiple levels, ranging from value transfers and bids to user identities and application logic, across native links and existing EVM networks through a modular coprocessor model.

Key innovations and features

From Yao Circuit to Multi-party DeCC: Soda Labs' innovative GC-based computing separates the obfuscation and evaluation phases, allowing many (potentially thousands) of evaluators to participate in protecting encrypted data without sacrificing performance.
High performance even under peak demand: Soda Labs invented offline welding technology that allows pre-processing for peak computing needs, even without knowing what computation (contract function) will be requested in real time.
Strong security guarantee for users: One of the main concerns of DeCC is the collusion of network nodes, either to undermine privacy orstealSoda Labs has developed a protocol to guarantee full verifiability, which means that users are financially protected even in the event of a catastrophic collusion among all nodes.
gcEVM – Confidential Virtual Machine: A modified Ethereum-compatible virtual machine that introduces new instructions for encrypted data processing. Developers use a Solidity-like syntax to build dApps that can compute and selectively decrypt data.
Two deployment modes:
- gcEVM chain (with integrated privacy): Fully integrated into the blockchain’s node software for native confidential computing.
- gcCo-Processor (async privacy): An overlay network for existing chains (L1, L2, and Oracles) that offloads confidential computations and returns decrypted outputs on-chain.
Enterprise and Network Adoption: It has been adopted and put into production by the major blockchain COTI V2 network, and is being evaluated by important entities such as the ECB Digital Euro Initiative and Chainlink Labs. Soda Labs has partnered with the Nvidia Inception Program to further optimize its performance by leveraging Nvidia’s hardware.
performance: Current benchmarks show that the confidential transaction rate for ERC-20 operations is 80-100 transactions per second (ctps), and through upcoming optimizations, it is expected to reach about 1000 ctps.

Soda Labs’ infrastructure provides a practical, cryptographically secure alternative to computationally intensive cryptographic models, enabling scalable, programmable privacy for decentralized and traditional applications.

Projects based on Multi-Party Computation (MPC)

Multi-party computation (MPC) allows multiple parties to jointly compute a function on their combined input values without revealing their own data. MPC is one of the most mature technologies in confidential computing, known for its strong security guarantees and flexible deployment models. In the DeCC ecosystem, projects such as Arcium and Partisia are leveraging MPC to support private computation across use cases, including cross-organizational data collaboration, secure key management, and decentralized identity systems.

Arcium

Arcium, known as the "crypto supercomputer", is a decentralized confidential computing network designed to perform secure and verifiable computations on fully encrypted data. Arcium is not a traditional Layer-2, but operates as an independent decentralized execution layer, integrated with high-performance blockchains such as Solana. Its architecture utilizes the multi-party computation (MPC) protocol to ensure that no single participant can access sensitive data during processing, while maintaining auditability and performance.

Key innovations and features

Multi-party Execution Environment (MXE)：Arcium's architecture uses MXE, allowing independent node clusters to process cryptographic calculations in parallel. This design improves speed and scalability, ensures privacy with only one honest participant, and is supported by cryptographic proofs and economic incentives such as staking and penalties.
arxOS: At the core of the Arcium Network is arxOS, a distributed operating system that coordinates decentralized nodes called Arx. The system manages resources and securely executes programs across the network, enabling efficient and confidential computing.
Arcis Developer Framework: To facilitate the development of privacy-preserving applications, Arcium offers Arcis, a Rust-based framework. Arcis enables developers to seamlessly integrate cryptographic computations into their applications, facilitating the creation of secure and private solutions.
Inpher Integration: Arcium has acquired the core technology and team of Inpher, a leading Web2 confidential computing company. The acquisition will bring advanced MPC solutions for confidential machine learning to Arcium’s ecosystem, accelerate its mainnet launch and expand its confidential computing capabilities.

Vision and Impact

Arcium aims to redefine digital interactions by enabling secure computation on fully encrypted data, eliminating the need to expose information during processing. This approach addresses a fundamental flaw in traditional data usage, where data must be exposed to be exploited, leading to privacy erosion and potential exploitation. By preserving privacy, Arcium unlocks novel on-chain and off-chain use cases while enhancing existing ones, empowering industries such as AI, DeFi, and Decentralized Physical Infrastructure Networks (DePIN).

Funding and support

Backed by over $10 million in funding from investors including Coinbase Ventures, LongHash, Greenfield, Jump, Anatoly (Solana), Keone (Monad), Santiago R Santos, Mert (Helius), and Balaji Srinivasan, Arcium is leading a major technological revolution in confidential computing.

Arcium promises to transform the digital landscape by providing a trustless, verifiable, and high-performance framework for encrypted computing, ensuring that data can be fully utilized without being exposed, a paradigm shift in the digital world.

Partisia Blockchain

Partisia Blockchain is a L1 public blockchain that uniquely combines secure multi-party computation (MPC) with blockchain technology to provide a privacy-preserving and scalable solution. This integration enables computations to be performed directly on encrypted data without exposing it to participating nodes, ensuring confidentiality and data integrity.

Key innovations and features

Extensive MPC research and expertise: With over 35 years of research and more than 1,000 research papers published, the foundation of Partisia Blockchain is built on extensive expertise in the field of MPC. The founders are renowned cryptographers who have made significant contributions to the field and bring unparalleled knowledge to the development of the platform.
Customizable MPC smart contract language：Partisia Blockchain provides a customizable MPC smart contract language that can be called as a service from any blockchain. This feature allows Partisia to provide its MPC technology as a service to other chains, thereby enhancing the privacy and security of various blockchain ecosystems.
Sharding for scalability：The platform supports sharding at both the protocol and smart contract layers, which improves scalability and transaction throughput. This design ensures that the network can efficiently process a large number of transactions, solving the scalability challenges commonly faced by blockchain networks.
Bring Your Own Token (BYOC) Model：Partisia Blockchain's BYOC model enables users to use tokens from other blockchains in its ecosystem, promoting interoperability and flexibility. This approach allows for seamless integration of various digital assets, enhancing the platform's utility and accessibility.

Founding Leadership

The leadership team consists of pioneers in the fields of cryptography and blockchain technology:

Ivan Damgard: Co-founder and Chief Cryptographer, Ivan is a professor and head of the Cryptography Research Group at Aarhus University. He co-founded Cryptomathic, Partisia Blockchain and Sepior, and is recognized as one of the most cited researchers in the field of cryptography.
Kurt Nielsen: Kurt holds a PhD in Economics and co-founded Partisia, Sepior, and Partisia Blockchain as Co-Founder and Chairman of the Foundation Council. He has over 15 years of experience in transforming advanced cryptographic solutions into innovative high-tech businesses.
Peter F. Frandsen: Co-founder and Foundation Council Member, Peter has a strong background in software building and project management, and has been focusing on blockchain and MPC for the past 10 years. Peter managed the build of the Partisia Blockchain platform, demonstrating the practical application of MPC and blockchain integration.

Vision and Impact

Partisia Blockchain aims to establish a new standard for secure solutions for managing confidential data across users and platforms. By combining MPC with blockchain technology, it solves challenges in privacy, interoperability, and scalability, promoting transparency and accountability in various fields.

Through its innovative approach, Partisia Blockchain is expanding the possibilities of Web3 applications, enabling developers to build decentralized applications that require secure and private data processing. This advancement is critical to growing the Web3 ecosystem and attracting new users by solving real-world problems.

Trusted Execution Environment (TEE) based projects

Trusted Execution Environments (TEEs) provide hardware-based isolation for secure computing and remain a core component of many DeCC architectures. TEEs are particularly effective for executing general-purpose applications with low performance overhead, making them ideal for use cases such as confidential smart contracts, secure data processing, and private AI workloads. Projects including iExec, Marlin, TEN, Phala Network, and Secret Network are actively deploying TEE infrastructure to bring confidential execution to decentralized systems.

iExec

iExec is a decentralized confidential computing platform that enables trusted off-chain execution using TEE-based CPU and GPU infrastructure. It provides developers with tools and resources to build and monetize privacy-preserving applications across AI, DeFi, RWA, and data-driven use cases.

The iExec ecosystem allows participants to control, protect, and monetize digital assets such as computing power, personal data, code, and AI models. The RLC token is an ERC-20 utility token that supports the platform's operations by enabling access to infrastructure, developer tools, and rewards for contributors.

Key innovations and features

Confidential computing infrastructure: Support for secure execution environments powered by Intel SGX, and upcoming support for Intel TDX and NVIDIA CCA GPUs, allowing deployment of arbitrary confidential services, including AI agents and model training.
Digital asset monetization: Users can monetize digital assets such as AI models or datasets directly through the protocol using RLC tokens.
Token Economics Initiative: iExec has launched a new token economics mechanism designed to incentivize builders, holders, and end users to enhance participation and ensure a sustainable circular token economy.
AI Framework: Provides tools for AI developers, including TensorFlow- and PyTorch-based templates that simplify the development and deployment of AI agents and inference workloads.
Confidential Services Support: New capabilities enable hosting of verifiable and secure services in TEEs for AI, analytics, and other sensitive workloads, advancing the concept of confidential AI.

Developer Ecosystem and Tools

Developer SDK: Provides seamless access to confidential infrastructure with built-in monetization and encryption protection.
iApp Builder: Ability to quickly package and deploy applications into TEE with minimal configuration.
iExec Vouchers: Fixed-price options for access to infrastructure and tools, supporting predictable development costs.

Ecosystem Growth and Recent Developments

iExec continues to expand its ecosystem through strategic partnerships, infrastructure enhancements, and product innovation. In 2024, it launched a 1 million RLC ecosystem fund to accelerate leading Web3 projects through investment, technical guidance, and developer support. To expand its computing power, iExec is onboarding GPU and CPU providers, partnering with highly attractive Layer 2 networks, and integrating decentralized storage solutions for secure, scalable data processing.

As part of its broader vision for confidential AI, it joined AI Unbundled, a cross-industry alliance uniting decentralized computing, storage, and blockchain infrastructure. In the same year, iExec launched DataProtector, a tool for integrating confidential workflows into dApps, and was included in Intel's 2024 AI Inference Catalog for enabling private data processing in medical diagnostics. iExec remains an active member of the DeCC Alliance, which is committed to advancing standards for decentralized confidential computing.

Marlin

Marlin is a verifiable computation protocol that leverages TEEs and ZK-based coprocessors to delegate complex workloads on decentralized cloud infrastructure. Unlike traditional L1 blockchains, Marlin acts as a decentralized cloud platform that provides secure and private computation without relying on a single underlying blockchain.

The protocol provides two main services:

Oyster: This subnetwork specializes in providing TEE-based serverless coprocessors that can be scaled based on demand. Oyster allows individual instances to be rented for any length of time, or tasks to be delegated to a pool of nodes in a serverless manner, ensuring that users only pay for execution time. Nodes can be rented and tasks delegated using smart contract calls and Web2 APIs, which enhances flexibility and integration capabilities.
Kalypso：As a permissionless ZK proof marketplace for any circuit, Kalypso facilitates the generation and verification of zero-knowledge proofs. It operates in a transparent and trustless manner, allowing services to be registered, tracked, and verified securely and publicly. Kalypso's architecture integrates contracts and Marlin Oyster enclaves to provide users with hardware-level integrity and confidentiality guarantees.

Key innovations and features

Serverless functions: In addition to leasing confidential VMs, Marlin uniquely offers serverless capabilities, allowing users to pay per request and benefit from on-demand scalability.
Simplified Enclave Deployment: Developers can easily build and deploy enclaves using Docker images, simplifying the process of creating a secure environment for application execution.
Flexible Key Management Service (KMS): Marlin provides a generic KMS where code running in an enclave can securely retrieve persistent private keys through remote attestation-based authentication. These keys can be used to encrypt, store, and decrypt content, allowing TEE-based applications to recover state when an enclave fails or is shut down.
Reproducible builds: Leveraging Nix, Marlin ensures fully reproducible builds, enabling users to verify through remote attestation that the applications they interact with are built from a specific code base.
Custom TLS protocol (Scallop): Marlin introduces Scallop, a custom TLS protocol that allows enclaves to establish secure encrypted channels with other enclaves or users, using remote attestation instead of traditional SSL certificates.

Marlin also pioneered several innovations:

Decentralized front end: By leveraging TEE, Marlin is able to issue SSL certificates to enclaves, facilitating the development of verifiable decentralized front ends.
Confidential ZK Proof Generation: Marlin supports the generation of zero-knowledge proofs within the TEE, thereby protecting the confidentiality of private inputs during the proof generation process.

Phala Network

Phala Network is a next-generation cloud platform that provides a low-cost, user-friendly, trustless environment, making zero-trust computing accessible to a broad range of developers. By leveraging a hybrid infrastructure including Trusted Execution Environment (TEE), blockchain, multi-party computation (MPC), and zero-knowledge proof (ZKP), Phala provides a flexible, open source, and affordable verification solution for any developer and any type of program.

Key innovations and features:

TEE abstraction through decentralized key management：Phala's architecture abstracts different TEE hardware (Intel SGX/TDX, AMD SEV, NVIDIA CC) into a unified, virtualized computing layer. This is achieved through a decentralized key management system (KMS), eliminating central trust points and enabling seamless and secure workload execution across a variety of hardware environments.
Dstack: A developer stack for trusted applications: A lightweight, open source SDK that allows developers to deploy Dockerized TEE applications in minutes. Dstack is completely vendor-agnostic and optimized for rapid integration into existing Web2 and Web3 workflows without rewriting or hassle.
AI Native Verifiable Cloud: Optimized for AI workloads, Phala supports GPU-based TEEs and verifiable computation execution, ensuring that outputs are auditable, tamper-proof, and privacy-preserving. Ideal for AI agents, MEV protection, and ML inference engines.
T16Z Concept: Composable Cryptography Stack：Phala introduces the T16Z framework, a layered architecture that combines trusted execution (TEE), ZKP, MPC, and blockchain game theory. The stack supports a composable trust model for applications that require dynamic security and privacy guarantees.
DePIN: Decentralized Physical Infrastructure Network：Phala operates one of the world's largest TEE-based DePINs with over 25,000 secure nodes. It provides a community-owned computing layer for AI and Web3, backed by real economic security (over $5 million in computing value secured).

Developer Ecosystem and Tools

Phala provides a powerful developer environment including:

Dstack (Developer Stack)：Deploy TEE container with one click. Supports Intel TDX, AMD SEV and NVIDIA confidential computing.
TEE as a Service: Confidential and auditable computing environment. GPU/CPU abstraction across hardware vendors.
Phala Cloud (DePIN): Decentralized infrastructure for AI-native and Web3 applications. Runs inference engines, secure MEV relays, and confidential dApps.
RA Explorer: View and verify remote attestation.

Network Security and Decentralization

Phala addresses the core limitations of traditional TEEs, such as centralized proof of ownership and vendor lock-in, by:

Blockchain-based proof: Eliminates reliance on Intel or AMD certification authorities.
Decentralized key management: Secure and autonomous key control across nodes.
Open Enclave Update: Hardware abstraction across SGX, TDX, SEV, and NVIDIA CC for resiliency and flexibility.
Verifiability at scale: All computations are backed by cryptographic proofs and can be traced on-chain.

Secret Network

Secret Network is an L1 network that integrates advanced cryptography and TEE to ensure data privacy in dApps. It is built with Cosmos SDK and Tendermint consensus to provide scalability and interoperability in the blockchain ecosystem.

Key innovations and features

Secret Contract: These smart contracts process encrypted inputs and outputs, maintaining data confidentiality throughout the computation process. This enables developers to create dApps with enhanced privacy features for use cases that require secure data processing.
Confidential Computing: By leveraging TEE, Secret Network ensures that data is stored, processed, and protected in a trusted environment that is inaccessible even to the nodes performing the computation.
Interoperability: As part of the Cosmos ecosystem, Secret Network leverages the Inter-Blockchain Communication (IBC) protocol to enable seamless interaction with over 110 interconnected blockchains.

Recent Developments

Secret AI: Secret Network has expanded its capabilities with the launch of Secret AI, a decentralized confidential computing solution that brings trusted AI to privacy-conscious users. Built on Secret Network, Secret AI leverages NVIDIA confidential computing with TEE capabilities to provide fully confidential AI interactions.
Verifiable Proxy Infrastructure: As announced in the 2025 roadmap, Secret is launching infrastructure for running arbitrary workloads (e.g. AI agents, MCP servers, etc.) inside of Secret VMs.
End-to-end confidentiality solution: Secret’s AI and verifiable proxy infrastructure leverages the project’s battle-tested confidential computing blockchain to provide an end-to-end confidentiality solution. Secret’s blockchain is used for payment and provision of Confidential AI and Confidential VM services, protecting sensitive metadata about user activities and finances.
Partnerships：Secret Network has established strategic partnerships to advance privacy-preserving AI agents. Key partners include Aethir, Eliza OS, Zekret and Kuvi.aiFor example, by working with Project Zero, they aim to combine confidential computing infrastructure with advanced data solutions to lay the foundation for a secure, customizable, and private AI-driven economy.

Ecosystem and Community

Since the launch of the mainnet in September 2020, Secret Network has processed millions of transactions and fostered a vibrant dApp ecosystem, such as the Shade DeFi suite, Stashh NFT marketplace, etc. The platform's native token SCRT is used for transaction fees, staking, and governance, playing a vital role in network security and decision-making.

TEN

TEN is an L2 rollup on Ethereum that leverages TEE to provide confidential and scalable smart contract execution. By leveraging TEE, TEN enables encrypted transactions and confidential computing, allowing developers to create dApps with enhanced privacy features. The platform is fully compatible with the Ethereum Virtual Machine (EVM), enabling seamless migration of existing Ethereum dApps without modification. In addition, TEN solves issues related to Maximum Extractable Value (MEV) by encrypting transaction data, thereby mitigating front-running and other exploitative behaviors.

Background and expertise

The team behind TEN has a strong track record in blockchain development, having previously built the Corda blockchain, which currently handles over $10 billion in on-chain assets. With this experience, the founders integrated Corda’s TEE cryptography into Ethereum, bringing decentralized confidential computing to one of the largest communities in Web3.

Key innovations and features

TEN introduces several novel features to the Ethereum ecosystem:

Programmable Cryptography: As the first Ethereum L2 with programmable cryptography, TEN allows any Web2 application to seamlessly transition into the Web3 realm, expanding the potential of decentralized applications.
TEE Rollups: By leveraging TEE rollups, TEN significantly broadens the design space of Web3 applications, enabling more complex and secure functionality.
Incentivized Validator Network：TEN is the first L2 to share sorter profits with users through an incentivized validator network, promoting greater decentralization and community participation.
Gamified user rewards: The platform introduces novel, proactive, gamified rewards to incentivize user participation, thereby enhancing the vitality of the entire ecosystem.

Use Cases and Applications

The unique features of TEN facilitate a wide range of applications:

Autonomous AI Agents：TEN’s infrastructure supports the deployment of autonomous AI agents in a decentralized environment, enabling innovative interactions and capabilities.
Intelligent transparency: The platform introduces intelligent transparency, allowing complex access control mechanisms to be implemented in smart contracts, thereby enhancing privacy and security.
On-chain games：TEN enables complex gaming scenarios like poker to be conducted entirely on-chain, ensuring fairness and transparency.
Security Token Issuance: The platform facilitates the creation of irrevocable launchpads, provides a secure environment for token issuance, and protects investors from potential scams.

Projects based on Zero-Knowledge Proof (ZKP)

Zero-knowledge proof (ZKP) allows a party to prove the validity of a statement without revealing the underlying data. This makes ZKP a foundational technology for privacy-preserving verification in decentralized systems. In the DeCC ecosystem, projects such as Penumbra, Aleph Zero, and Aleo are applying ZKP to implement private transactions, encrypted state machines, and scalable confidential smart contracts.

Aleph Zero & Common

Aleph Zero is an L1 network that combines a directed acyclic graph (DAG) architecture with its novel AlephBFT consensus protocol, achieving high scalability and near-instant transaction finality, and an EVM-compatible L2. Common is a multi-chain privacy layer built on top of Aleph Zero that allows users to hold, transfer, and earn returns on crypto assets without exposing their on-chain activities. It is built on ZKP, enabling private interactions between EVM chains through a unified privacy pool architecture. Users access Common through a web application or mobile wallet, both of which are designed to provide a smooth fintech-style experience while keeping assets private by default. Unlike many privacy-first platforms that require an entirely new ecosystem, Common aims to integrate privacy directly into the existing DeFi technology stack. By abstracting the complexity of ZKP, it enables users to easily use and combine privacy features in the tools and applications they already rely on.

Key innovations and features

Aleph Zero Shielder Network: A privacy-preserving asset layer across multiple EVM chains, based on ZKP, that enables private balances and transfers through shared anonymity sets.
Optimized ZK performance：Through highly optimized zk circuits, Common achieves state-of-the-art efficiency in client-side proof generation. This makes it the first platform to provide private asset management without compromising user experience. Proofs are fast enough to keep interactions smooth and responsive.
Web Application Interface: A browser-based interface compatible with most existing EVM wallets, making it easy for users to start using privacy pools without switching wallets or changing habits. It acts as a privacy gateway with minimal onboarding friction.
Common Mobile: A dedicated mobile wallet designed for maximum usability, providing a smooth neo-bank-like experience while handling all privacy pool interactions in the background. Assets are private by default, and the technical complexity of ZK and cross-chain privacy is completely abstracted from the user.
Privacy Benefits：Private assets can earn returns through integrated DeFi strategies without depriving or compromising privacy.
Private dApp Interaction: Temporary accounts allow users to interact with applications like Uniswap or Aave without linking their activities to their main wallet.
Revocation of anonymity: A TEE-managed mechanism for revoking privacy in extreme cases, with compliance built in, without compromising everyday user privacy, but with the goal of preventing abuse in the space by a variety of bad actors.

Common introduces a practical, composable privacy layer for DeFi, enabling confidential asset management, yield generation, and cross-chain interactions without sacrificing usability. By integrating optimized ZKP infrastructure with existing EVM tooling, it brings scalable privacy to mainstream crypto workflows without the need for a new ecosystem or fragmented user experience.

Aleo

Aleo is a privacy-centric L1 blockchain built for private and scalable decentralized applications using ZKP. Unlike traditional blockchains that prioritize transparency, Aleo enables fully private computation, allowing developers to build applications where sensitive user data and logic remain confidential. It does this through a combination of its proprietary Coinbase Puzzle, AleoBFT consensus, and advanced ZK infrastructure, allowing validators to confirm transaction validity without revealing the sender, receiver, or transaction value. Aleo is fully programmable on top of private by default, enabling developers to set what data is exposed to whom.

Key innovations and features

ZK-first execution model：Aleo implements programmable privacy using its Leo programming language, which compiles to ZK circuits. Developers can build private applications while maintaining verifiability.
Private Transactions: Approximately 6.1% of all transactions in the fourth quarter of 2024 were private transactions, indicating users' real demand for confidentiality in public blockchain environments.
Elastic Network Growth: Despite a significant drop in token price in Q4, Aleo’s daily active addresses increased by 10.6% and new addresses increased by 34.4%, demonstrating strong potential user adoption.
Decentralized Application Ecosystem: Aleo supports a growing set of financial and non-financial applications, including Arcane Finance, Pondo, Puzzle, Verulink Bridge, and zPass.

Ecosystem and developer tools

Infrastructure support: Amareleo (an open source toolset for Leo developers),Monadic.usTools such as snarkOps (a set of tools that can be used to maintain the network environment of Aleo’s zero-knowledge decentralized operating system snarkOS) and V23’s DokoJS (a specialized library that provides a simplified CLI (command line interface) for interacting with the Aleo blockchain) provide developers with everything they need to build privacy-focused applications.
Community-led governance: Aleo’s governance processes include ARC-721 (NFT standard), ARC-101 (validator standard), and ARC-0042 (block rewards), all of which have passed with high community approval rates.

Validators and Staking Landscape

Staking Participation: As of the end of the fourth quarter of 2024, more than 1.2 billion ALEOs have been staked, with an average value of $1.7 billion throughout the quarter.
Validator Incentives：The protocol rewards both validators and ZK provers, creating a bilateral incentive model that supports privacy and security.

Penumbra

Penumbra is a L1 blockchain in the Cosmos ecosystem that enables fully private, end-to-end encrypted transactions and DEX trading. All activities, including transfers, staking, and redemptions, are protected and kept confidential using zero-knowledge proofs. Penumbra's wallet, Prax, runs an embedded ultra-light node that generates these proofs locally on the user's device, protecting user data privacy.

Key innovations and features

Fully private proof-of-stake network and DEX: Penumbra combines privacy with proof-of-stake through a novel private delegation mechanism that provides staking derivatives, tax-efficient staking, and on-chain governance with private voting.
Inter-Blockchain Communication (IBC) Integration: By leveraging IBC, Penumbra connects to over 110 chains in the Cosmos ecosystem, acting as an ecosystem-wide privacy pool and allowing private transactions in any IBC-compatible asset or any EVM asset via IBC v2 (Eureka).
End-to-end encrypted transactions：All transactions and DEX operations are end-to-end encrypted, enabling users to trade, pledge, exchange or make markets without revealing any personal information.
Anonymous governance: Network governance is anonymous, delegators’ votes are private and untraceable, while validators’ votes remain public to ensure accountability.
Privacy by default: Privacy is the default state in the network, not an optional add-on, ensuring comprehensive confidentiality for all users.
Privacy Pools in the IBC Ecosystem：Penumbra acts as a privacy pool for the entire IBC ecosystem, enhancing privacy across multiple chains.
Advanced trading features：The platform provides centralized liquidity, competitive fees to liquidity providers, and offers the best prices to users.

Technology Development

Ultralight Node: Penumbra’s ultra-light nodes generate zero-knowledge proofs locally on the user’s device, ensuring that privacy starts and ends on the user’s device.
Batch Execution：Penumbra DEX implements an order-book-style AMM that enables efficient on-chain routing and batch execution.
Centralized Liquidity：Liquidity positions are created anonymously on DEXs, allowing traders to approximate their desired trading function without revealing their personal views on prices.

Decentralized Privacy Network (DePIN + Private Data Routing) Project

Decentralized privacy networks focus on protecting metadata and network-level information through private routing, relay networks, and infrastructure designed for confidentiality. These systems complement on-chain privacy by solving off-chain communication and interaction layers. Projects such as SilentSwap and Anyone Protocol are building network-level privacy solutions to enable anonymous transactions, censorship resistance, and private peer-to-peer communication.

Anyone Protocol

Anyone Protocol is a decentralized privacy network that aims to provide secure and anonymous internet access to any user or application by routing traffic through a global network of community-operated relays using multi-hop encryption. This approach ensures that no single relay can track user activity or access full data, thereby enhancing privacy.

Key innovations and features

Network-level privacy：Anyone focuses on protecting network metadata, including IP addresses and locations, by routing traffic through its decentralized network. This ensures that applications can effectively protect user information.
Developer Tools：The protocol provides developers with tools, such as the Anyone Software Development Kit (SDK), that enable privacy features to be seamlessly integrated into applications. This promotes the adoption of decentralized confidential computing solutions.
Interoperability：Anyone is highly compatible with projects that utilize Trusted Execution Environment (TEE), Fully Homomorphic Encryption (FHE), and Multi-Party Computation (MPC). By protecting transaction and remote procedure call (RPC) data, it creates comprehensive anonymity both on-chain and off-chain.
AI Privacy: As AI evolves, Anyone enhances the privacy of AI-enabled applications, preventing a single entity from profiling users based on requests from them or their AI agents.

Incentives

The protocol promotes network growth and resilience by rewarding participants with ANYONE tokens to operate relays. The token drives the economic security of the network and is staked to relays to protect them from attacks by a single adversary.

Through these features, Anyone Protocol aims to build a decentralized, high-performance, privacy-centric Internet infrastructure to empower users and developers.

SilentSwap

SilentSwap is a privacy-preserving exchange aggregation service designed for permissionless, non-custodial asset transfers across chains. It integrates advanced cryptography and a novel routing architecture that leverages existing DeFi infrastructure to enhance user privacy without compromising usability, compatibility, or security.

Key innovations and features:

Use existing infrastructure

SilentSwap does not deploy its own smart contracts or bridges. Instead, it routes swaps through established decentralized infrastructure, including well-known bridges and liquidity aggregators. This architecture enables:

By avoiding custom on-chain infrastructure, SilentSwap minimizes its attack surface and avoids creating new points of failure.

Non-custodial asset control
Inheriting decentralization and security from the underlying protocol
Enhanced privacy by embedding user activity into standard DeFi transaction flows

Cross-chain compatibility

SilentSwap supports all major EVM-compatible chains and is expanding to include Solana, SUI, TRON, and native Bitcoin. The system allows:

Initiate a swap on one chain and receive output on one or more different chains
Splitting outputs across chains to increase obfuscation and unlinkability of transactions

Minimal on-chain footprint

All conversions are conducted through standard token transfers and bridge transactions, making them indistinguishable from typical DeFi activity. This obfuscation method ensures that:

Lower traceability
Achieve plausible deniability by keeping pace with daily on-chain transaction volume
Enhanced privacy through the underlying features of each integrated chain

SilentSwap's privacy model is built around default obfuscation while maintaining compliance with regulatory standards, including OFAC compliance. Rather than relying on peer-to-peer mechanisms, it uses stealth addresses, cryptographic routing, and standard transaction paths to provide practical privacy without the need for custom infrastructure. This makes SilentSwap particularly useful for a range of privacy-focused workflows, such as discreet corporate payroll operations, private position management for whales, funds, and DAOs, anonymous on-chain portfolio rebalancing, front-running arbitrage or market-making strategies, and transaction obfuscation for vaults or entities operating under sensitive regulatory conditions.

Summarize

Decentralized confidential computing (DeCC) represents a fundamental shift in the way sensitive data is handled in decentralized systems. While early blockchain infrastructure prioritized transparency and auditability, this sacrificed privacy, limiting the range of applications that could be built. DeCC addresses this limitation by enabling encrypted computing, allowing private logic, inputs, and data to be protected even in a trustless public environment.

Technologies that enable this include zero-knowledge proofs, multi-party computation, obfuscated circuits, fully homomorphic encryption, and trusted execution environments. Each technology offers unique trade-offs in performance, trust, scalability, and composability. In practice, these tools are not used in isolation. They are increasingly combined to provide privacy-preserving applications that meet the needs of decentralized finance, decentralized identity, AI model training, and cross-domain collaboration.

With over $1 billion in capital allocated to projects in the space, the momentum behind DeCC is no longer speculative. Teams are moving from theoretical capabilities to real-world deployments in cryptographic primitives, secure hardware, and protocol infrastructure. As adoption grows, DeCC is poised to become a standard layer of the decentralized technology stack, enabling a wider class of secure, trust-minimized applications that were previously unavailable on public infrastructure.

The article comes from the Internet:Messari | Privacy Layer: Understanding the Inner Workings of Decentralized Confidential Computing

share to

# All articles