The Privacy Layer: Understanding the Inner Workings of Decentralized Confidential Computing

Key Insights

• DeCC introduces the ability to preserve data privacy on inherently transparent public blockchains, enabling private computation and state without sacrificing decentralization.
• DeCC secures data while in use, solving a key vulnerability in both traditional and blockchain systems by enabling encrypted computation without exposing plaintext.
• Trustless confidentiality is achieved through a combination of cryptographic tools like ZKPs, MPC, GC, FHE, and TEEs with attestation, each offering trade-offs in performance and trust that can be composed for stronger guarantees.
• Over $1 billion has been invested into DeCC projects, reflecting growing momentum across the sector as teams focus on real-world integrations and developer-focused infrastructure.

Introduction: The Evolution of Data Computation & Security

Blockchain technology introduced a new paradigm of decentralization and transparency but not without tradeoffs. In the first wave of crypto privacy, often called “Privacy 1.0,” tools like mixers, coin tumblers, and shielded transactions (e.g. Zcash, Monero, and Beam.mw) offered users a degree of anonymity for financial transfers. These solutions were specialized, mostly limited to obscuring sender and receiver identities, and were disconnected from broader application infrastructure.

A second wave is now taking shape. Rather than just hiding transactions, privacy is being extended to full computation. This shift marks the emergence of Decentralized Confidential Computing (DeCC), also referred to as Privacy 2.0. DeCC introduces private computation as a core feature of decentralized systems, enabling data to be processed securely without revealing underlying inputs to other users or the network.

Unlike typical smart contract environments where all state changes and inputs are publicly visible, DeCC keeps data encrypted throughout computation and only reveals what is necessary for correctness and verification. This allows applications to maintain a private state over public blockchain infrastructure. For example, by using Multi Party Computation (MPC), a group of hospitals could analyze their combined datasets without any institution seeing another’s raw patient data. Where transparency once limited what blockchains could support, privacy unlocks entirely new categories of use cases that require confidentiality.

DeCC is enabled by a range of technologies designed for secure data processing. These include Zero Knowledge Proofs (ZKPs), Multi Party Computation (MPC), Garbled Circuits (GC), and Fully Homomorphic Encryption (FHE), all of which rely on cryptography to enforce privacy and correctness. Trusted Execution Environments (TEEs) complement these tools by offering hardware-based isolation for secure offchain execution. Together, these technologies form the foundation of the DeCC stack.

The potential applications are broad: decentralized finance systems where trading strategies remain confidential, public health platforms that extract insights from private data, or AI models trained on distributed datasets without exposing the underlying inputs. All of these require privacy-preserving computation to be built into the infrastructure layer of blockchain systems.

This report explores the current state of DeCC and its broader significance. We begin by contrasting how data is handled in traditional systems versus DeCC frameworks, and why transparency alone is insufficient for many decentralized applications. We then examine the core technologies that underpin DeCC, how they differ, and how they can be composed together to balance tradeoffs in performance, trust, and flexibility. Finally, we map out the ecosystem, highlighting the capital flowing into the space, the teams building in production, and what this momentum suggests for the future of decentralized computing.

Traditional Data Processing vs. Decentralized Confidential Computing (DeCC)

To appreciate the need for DeCC, it helps to understand how data is handled in conventional computing environments and where the weak points lie. In classic computing architecture, data typically exists in three states: at rest (stored on disk/databases), in transit (moving across a network), and in use (being processed in memory or CPU). The confidential computing industry has solid solutions for two of these states thanks to decades of security advances.

• Data at Rest: Encrypted using disk-level encryption or database-level encryption (e.g., AES). Common in enterprise systems, mobile devices, and cloud storage.
  
• Data in Transit: Protected via secure transport protocols like TLS/SSL. Ensures that data is encrypted while moving between systems or across networks.
  
• Data in Use: Traditionally, encrypted data received from storage or over the network is decrypted before processing. This means workloads operate on plaintext, leaving data in use unprotected and exposed to potential threats. DeCC, aims to address this vulnerability by enabling computation without revealing the underlying data.

While the first two states are well protected, securing data in use remains a challenge. Whether it’s a bank server calculating an interest payment or a cloud platform running a machine learning model, the data must usually be decrypted in memory. At that moment, it’s vulnerable: a malicious system administrator, a malware infection, or a compromised operating system could peek at or even alter the sensitive data. Traditional systems mitigate this with access controls and isolated infrastructure, but fundamentally, there’s a period where the “crown jewels” are sitting in plain form inside a machine.

Now consider blockchain-based projects. They take the transparency to an even higher level: not only might the data be decrypted on one server, it’s often replicated in plaintext across thousands of nodes globally. Public blockchains like Ethereum and Bitcoin intentionally broadcast all transaction data to achieve consensus. This works fine if your data is just financial info meant to be public (or pseudonymous). But it completely breaks down if you want to use blockchains for any use case involving sensitive or personal information. In Bitcoin, for example, every transaction amount and address is visible to all – great for auditability, terrible for privacy. For smart contract platforms, any data you put in a contract (your age, your DNA sequence, your business’s supply chain info) becomes public to every network participant. No bank wants all its trades public, no hospital can put patient records on a public ledger, and no gaming company would reveal players’ secret states to everyone.

The Data Lifecycle and Its Vulnerabilities

In a traditional data processing lifecycle, a user typically sends data to a server, the server decrypts and processes it, then stores results (maybe encrypting them on disk) and sends back a response (encrypted via TLS). The vulnerable point is clear: while in use, the server holds the raw data. If you trust the server and its security, fine – but history has shown that servers can be hacked or insiders can abuse access. Enterprises handle this with strict security practices, but they remain cautious about putting ultra-sensitive data in others’ hands.

In contrast, in a DeCC approach, the goal is that at no point does any single entity get to see sensitive data in the open, not even during processing. Data might be split among multiple nodes, or processed inside encrypted envelopes, or proven via cryptography without showing it. The entire lifecycle from input to output can thus maintain confidentiality. For example, rather than sending raw data to a server, the user could send an encrypted version or secret shares of it to a network of nodes. Those nodes run computations in a way where none of them learn the underlying data, and the user gets back an encrypted result that only they (or an authorized party) can decrypt.

Why Transparency Isn’t Enough in Crypto

While public blockchains solved the problem of trust (we no longer need to trust a central operator; the rules are transparent and enforced by consensus), they did so by sacrificing privacy. The mantra was, "Don't put anything onchain that you wouldn’t want made public.” For simple cryptocurrency transfers, that might be okay in some scenarios; for complex applications, it can get quite complicated. As the Penumbra team (building a private DeFi chain) put it, in DeFi today, “as users interact onchain, leaks of information become leaks of value,” leading to front-running and other exploits​. If we want decentralized exchanges, lending markets, or auctions to operate fairly, participants’ data (bids, positions, strategies) often need to be hidden; otherwise, outsiders can exploit that knowledge in real-time. Transparency makes every user’s moves public, which is not how traditional markets work for good reason.

Furthermore, many valuable blockchain use cases beyond finance involve personal or regulated data that legally cannot be made public. Consider decentralized identity or credit scoring – users might want to prove attributes about themselves (“I am over 18” or “my credit score is 700”) without revealing their entire identity or financial history. Under a fully transparent model, that’s impossible; any proof you put onchain reveals the data. DeCC technologies like zero-knowledge proofs are precisely meant to solve that, allowing selective disclosure (prove X without revealing Y). Another example is a company that might want to use a blockchain for supply chain tracking but doesn’t want competitors to see its raw inventory logs or sales data. DeCC could commit encrypted data onchain and only share decrypted info with authorized partners, or use ZK proofs to prove compliance with certain standards without revealing trade secrets.

How DeCC Enables Trustless Confidential Computing

Addressing the limitations of transparency in decentralized systems requires infrastructure capable of maintaining confidentiality during active computation. Decentralized Confidential Computing provides such infrastructure by introducing a suite of technologies that apply cryptographic and hardware-based methods to protect data throughout its lifecycle. These technologies are designed to ensure that sensitive inputs remain undisclosed, even as they are being processed, removing the need for trust in any single operator or intermediary.

The DeCC stack includes Zero-Knowledge Proofs (ZKPs), which allow a party to prove that a computation was performed correctly without revealing the inputs; Multi-Party Computation (MPC), which enables multiple parties to jointly compute a function without exposing their individual data; Garbled Circuits and Fully Homomorphic Encryption (FHE), which allows computations to be performed directly on encrypted data; and Trusted Execution Environments (TEE), which provide hardware-enforced isolation for secure execution. Each of these technologies has distinct operational characteristics, trust models, and performance profiles. In practice, they are often integrated to address different security, scalability, and deployment constraints across applications. The following sections outline the technical foundations of each and how they enable trustless, privacy-preserving computation in decentralized networks.

1. Zero-Knowledge Proofs (ZKP)

Zero-knowledge proofs are one of the most impactful cryptographic innovations applied in blockchain systems. A ZKP allows one party (the prover) to convince another party (the verifier) that a given statement is true without revealing any information beyond the validity of the statement itself. In other words, it enables a person to prove that they know something, such as a password, a private key, or a solution to a problem, without disclosing the knowledge itself.

Take, for example, a “Where’s Waldo” puzzle. Suppose someone claims they have found Waldo in a crowded image but does not want to reveal his exact location. Instead of sharing the full image, they take a timestamped photo of Waldo's face, zoomed in so that the rest of the image does not appear. The verifier can confirm that Waldo has been found without learning where he was located in the picture. This proves the claim is correct while revealing no additional information.

In more formal terms, a zero knowledge proof allows a prover to demonstrate that a specific statement is true (for example, “I know a secret key that hashes to this public value” or “this transaction is valid under the protocol’s rules”) without revealing the inputs or internal logic behind the computation. The verifier is convinced by the proof but gains no other information. One of the earliest and most widely used examples in blockchain is the zk SNARKs (Zero Knowledge Succinct Non-Interactive Argument of Knowledge). Zcash uses zk-SNARKs to allow users to prove they own a private key and are sending a valid transaction without revealing the sender’s address, the recipient, or the amount. The network sees only a short cryptographic proof certifying that the transaction is legitimate.

How ZKPs enable confidential computing: In a DeCC context, ZKPs shine in scenarios where you want to demonstrate that a computation was done correctly on hidden data. Instead of everyone re-executing a computation (as in traditional blockchain validation), a prover can do the computation privately and then publish a proof. Others can use that tiny proof to verify the computation’s result is correct, without ever seeing the underlying inputs. This can preserve privacy and dramatically improve scalability (since verifying a succinct proof can be much faster than re-running an entire computation). Projects like Aleo have built an entire platform around this idea: users run programs offchain on their private data and produce a proof; the network verifies the proof and accepts the transaction. The network does not know the data or what exactly happened, but it knows that whatever it was, it followed the rules of the smart contract. This effectively creates private smart contracts, which are impossible on Ethereum's public VM without ZKP. Another emerging application is zk-rollups for privacy: these not only batch transactions for scalability but also use ZK to hide the details of each transaction (unlike normal rollups, where the data is still usually public).

ZK proofs are powerful because their security is purely mathematical, following a setup phase that oftentimes relies on the honesty of the participants in a “ceremony” (a multi-party cryptographic protocol that produces secret/random information). If the cryptographic assumptions hold (e.g., certain problems remain hard to solve), a proof cannot be faked and cannot be forged to assert a false statement. Therefore, by design, it leaks zero additional information. This means you do not have to trust the prover at all; either the proof checks out or it does not.

Limitations: The trade-off historically was performance and complexity. Generating ZK proofs can be computationally intensive (orders of magnitude more than doing the computation normally). In early constructions, proving even simple statements could take minutes or more, and the cryptography was complex and required special setup (trusted setup ceremonies) – though newer proof systems like STARKs avoid some of these issues. There is also a limitation in functionality: most ZK schemes involve a single prover proving something to many verifiers. They do not solve private shared state (where the private data “belongs” to, or is formed by a combination of, multiple users, as in the case of auctions and AMMs). In other words, ZK can prove the user correctly computed Y from my secret X, but it does not by itself allow two people to compute a function on both their secrets collaboratively. To solve private shared state, ZK-based solutions typically use other technologies like MPC, GC, and FHE. Additionally, pure ZKPs typically assume the prover actually knew or owned the data being proved.

There are also size concerns: early zk-SNARKs produced very short proofs (just a few hundred bytes), but some newer zero-knowledge proofs (especially those with no trusted setup, like bulletproofs or STARKs) can be larger (tens of kB) and slower to verify. However, ongoing innovations (Halo, Plonk, etc.) are rapidly improving efficiency. Ethereum and others are heavily investing in ZK as a scaling and privacy solution.

2. Multi-Party Computation (MPC)

Where ZK proofs allow one to prove something about its own private data, Secure Multi Party Computation, which mostly refers to Secret Sharing (SS)-based techniques, tackles a different but related challenge: how to actually compute something collaboratively without revealing inputs. In an MPC protocol, multiple independent parties (or nodes) jointly compute a function over all their inputs, such that each party learns only the result and nothing else about the other parties’ inputs. The foundation of secret sharing-based MPC was established by Ivan Damgard of Partsia Blockchain Foundation with his co-authored paper in the late 1980s. Since then, there have been various techniques created.

A simple example is a group of companies that want to calculate the industry-wide average salary for a given role, but none of them wants to disclose their internal figures. Using MPC, each company inputs its data into a joint computation. The protocol ensures that no company sees the raw data from any other participant, but all receive the final average. The computation is executed across the group through cryptographic protocols that eliminate the need for a central authority. In this setup, the process itself acts as the trusted intermediary.

How does MPC work? Each participant’s input is mathematically split into pieces (shares) and distributed among all participants. For instance, if my secret is 42, I might generate random numbers that sum to 42 and give a share (random-looking piece) to each party. No single piece reveals anything, but collectively, they have the information. The participants then perform computations on these shares, passing messages back and forth, such that at the end they end up with shares of the output, which can then be combined to reveal the result. Throughout the process, nobody ever sees the raw inputs; they only see encoded or obscured data.

Why is MPC important? Because it’s inherently decentralized, it doesn’t rely on a single secure box (like a TEE) or a single prover (like ZK). It eliminates the need to trust any single party. One common definition describes it this way: when computations are distributed across participants, there’s no need to rely on any one party for privacy or correctness. This makes it a cornerstone of privacy-preserving technology. If you have 10 nodes doing an MPC computation, generally, you’d need a large fraction of them to collude or be compromised to leak the secret. This aligns well with blockchain’s distributed trust model.

Challenges of MPC: Privacy doesn’t come free. MPC protocols often incur overhead, primarily in communication. To jointly compute, parties must exchange multiple rounds of encrypted messages. The number of communication rounds (sequential back-and-forth messages), as well as their bandwidth requirements, can grow with the complexity of the function and number of parties. As more parties participate, ensuring the computation remains efficient is tricky. There’s also the question of honest vs malicious participants. Basic MPC protocols assume participants follow the protocol (maybe curious but not deviating). More robust protocols handle malicious actors (who might send wrong info to try to break privacy or correctness), but those add even more overhead to detect and mitigate cheating. Interestingly, blockchains can help here by providing a framework for punishing misbehavior. For example, staking and slashing can be used if a node deviates from the protocol, making MPC and blockchain a complementary pair.

In terms of performance, significant progress has been made. Preprocessing techniques can do heavy cryptographic lifting before actual inputs are known. For example, generating correlated random data, known as Beaver triples, can later be used to speed up multiplications. This way, when it’s time to actually compute on real inputs (the online phase), it can be much faster. Some modern MPC frameworks can compute fairly complex functions among a handful of parties in seconds or less. There’s also research into scaling MPC to many parties by organizing them in networks or committees.

MPC is particularly relevant for applications like private multi-user dApps (e.g., an auction where bids are secret, executed via MPC), privacy-preserving machine learning (several entities train a model on their combined data without sharing the data – an active area known as federated learning with MPC), and distributed secret management (like the threshold key example). A concrete crypto example is Partisia Blockchain, which integrates MPC at its core to enable enterprise privacy on a public blockchain. Partisia uses a network of MPC nodes to handle private smart contract logic, then posts commitments or encrypted results onchain.

3. Garbled Circuits (GC)

Garbled circuits are a fundamental concept in modern cryptography and were the first solution proposed to enable computations on encrypted data. In addition to supporting encrypted computation, GC methods are also used in various privacy-preserving protocols, including zero-knowledge proofs and anonymous/unlinkable tokens.

What is a Circuit? A circuit is a general computational model that can represent any function, from simple arithmetic to complex neural networks. Although the term is often associated with hardware, circuits are used extensively across DeCC technologies, including ZK, MPC, GC, and FHE. A circuit consists of input wires, intermediate gates, and output wires. When values (boolean or arithmetic) are provided to the input wires, the gates process these values and produce corresponding outputs. The layout of the gates defines the function being computed. Functions or programs are transformed into circuit representations using compilers such as VHDL or domain-specific cryptographic compilers.

What is a Garbled Circuit? A standard circuit reveals all data during execution, such as the values on input and output wires, as well as intermediate gate outputs, are in plaintext. A garbled circuit, in contrast, encrypts all of these components. The inputs, outputs, and intermediate values are transformed into encrypted values (garbled texts), and the gates are referred to as garbled gates. Garbled circuit algorithms are designed so that evaluating the circuit reveals nothing about the original plaintext values. The processes of transforming plaintext into garbled text and then decoding it are known as encoding and decoding.

How does GC solve computation on encrypted data? Garbled circuits were introduced by Andrew Yao in 1982 as the first general solution for computing on encrypted data. His original example, known as the Millionaires’ Problem, involves a group of individuals who want to find out who is the wealthiest without revealing their actual wealth to one another. Using a garbled circuit, each participant encrypts their input (their wealth) and shares the encrypted version with the others. The group then evaluates a circuit designed to compute the maximum value, step by step, using encrypted gates. The final output, such as the identity of the wealthiest person, is decrypted, but no one learns any other participant’s exact input. While this example uses a simple maximum function, the same approach can be applied to more complex tasks, including statistical analysis and neural network inference.

Breakthroughs that made GC suitable for DeCC. Recent research led by Soda Labs has adapted garbled circuit technology for decentralized environments. These advances focus on three key areas: decentralization, composability, and public auditability. In decentralized settings, computation is separated between two independent groups: garblers, who produce and distribute garbled circuits, and evaluators, who execute them. Garblers supply circuits to the evaluator's network, which runs them on demand as directed by smart contract logic.

This separation enables composability, or the ability to construct complex computations from smaller, atomic operations. Soda Labs implements this by producing a continuous stream of garbled circuits that correspond to low-level virtual machine instructions (e.g., for the EVM). These building blocks can be assembled dynamically at runtime to perform more complex tasks.

For public auditability, Soda Labs has proposed a mechanism that allows external parties, regardless of their involvement in the computation, to verify that results were computed correctly. This verification is possible without exposing the underlying data, adding an additional layer of trust and transparency.

The importance of GC to DeCC: Garbled circuits offer low-latency, high-throughput computation over encrypted inputs. As demonstrated on the COTI Network live mainnet, the initial implementation supports approximately 50 to 80 confidential ERC20 transactions per second (ctps), with higher throughput expected in future versions. GC protocols rely on widely adopted cryptographic standards such as AES and libraries like OpenSSL, which are used broadly in sectors including healthcare, finance, and government. AES also offers quantum-resistant variants, supporting future compatibility with post-quantum security requirements.

GC-based systems are compatible with client-side environments and do not require specialized hardware or GPUs, unlike some TEE or FHE deployments. This reduces infrastructure costs and enables deployment across a broader range of devices, including lower-capacity machines.

Challenges of GC: The primary limitation of garbled circuits is communication overhead. Current implementations require around 1 MB of data to be sent to evaluators per confidential ERC20 transaction. However, this data can be preloaded well in advance of execution, so it does not introduce latency during real-time use. Continued improvements in bandwidth availability, including trends described by Nielsen’s Law (which predicts bandwidth doubling every 21 months), along with active research into garbled circuit compression, are helping to reduce this overhead.

4. Fully Homomorphic Encryption (FHE)

Fully Homomorphic Encryption is often viewed as a cryptographic magic trick. It allows one to perform arbitrary computations on data while it remains encrypted, and then decrypt the result to get the correct answer as if it had been computed on the plaintext. In other words, with FHE, you could outsource a computation on your private data to an untrusted server, and the server, working only on ciphertexts, would still produce a ciphertext that you can decrypt to get the right answer, all without the server ever seeing your data or the result in plaintext.

For a long time, FHE was purely theoretical. The concept was known since the 1970s, but a practical scheme was not discovered until 2009. Since then, there has been steady progress in making FHE less slow. Even so, it remains computationally heavy. Operations on encrypted data can be thousands or millions of times slower than on clear data. But what was once astronomically slow is now merely quite slow, and optimizations and special-purpose FHE accelerators are rapidly improving the landscape.

Why is FHE revolutionary for privacy? With FHE, you can have a single server or blockchain node do computations for you, and as long as the encryption holds strong, that node learns nothing. It is a very pure form of confidential computing where data is always encrypted, everywhere. For decentralization, you could also have multiple nodes each perform the FHE computation for redundancy or consensus, but none of them have any secret info. They are all just manipulating ciphertext.

In the context of blockchains, FHE opens up the possibility of completely encrypted transactions and smart contracts. Imagine an Ethereum-like network where you send your transaction encrypted to the miners, they execute the smart contract logic on the encrypted data, and include an encrypted result in the chain. You or authorized parties can later decrypt the result. To everyone else, it is opaque gibberish, but they might have a proof that the computation was valid. This is where combining ZK with FHE could come in, proving that encrypted transactions followed the rules. This is essentially what the project Fhenix is pursuing: an EVM-compatible Layer-2 that natively supports FHE for all its computations.

Real-world use cases enabled by FHE: Beyond blockchain, FHE is already attractive for cloud computing. For example, letting you send encrypted database queries to a cloud and get encrypted answers back, with only you able to decrypt the answer. In the blockchain context, a compelling scenario is privacy-preserving machine learning. FHE could let a decentralized network run AI model inference on user-provided encrypted data, so that the network does not learn your inputs or the result, only you do when you decrypt. Another use case is in the public sector or health data collaboration. Different hospitals could encrypt their patient data with a common key or a federated key setup, and a network of nodes could compute aggregate statistics on all hospitals’ encrypted data, delivering results that researchers can decrypt. This is similar to what MPC can do, but FHE might do it with simpler architecture, just an untrusted cloud or miner network crunching numbers, at the cost of heavier computation per operation.

Challenges of FHE: The biggest is performance. While strides have been made, FHE is still often between a thousand and a million times slower than plaintext operations, depending on the computation and scheme. This means it is currently practical for limited tasks, such as simple functions or batching many operations in one go in some schemes, but not yet something you would use to run a complex VM executing millions of steps, at least not without serious hardware support. There is also the issue of ciphertext size. Fully homomorphic operations tend to bloat data. Some optimizations, like bootstrapping, which refreshes ciphertexts that start to accumulate noise as operations are performed, are necessary for arbitrary-length computations and add overhead. However, many applications do not need fully arbitrary depth. They can use leveled HE, which performs a fixed number of multiplications before decrypting, and can avoid bootstrapping.

For blockchain, integrating FHE is complex. If every node has to perform FHE operations on every transaction, that could be extremely slow with today’s technology. That is why projects like Fhenix start as an L2 or sidechain, where perhaps one powerful coordinator or subset of nodes does the heavy FHE lifting and the L2 batches results. Over time, as FHE becomes more efficient or as specialized FHE-accelerator ASICs or GPUs become available, it could be more broadly adopted. Notably, some companies and academia are actively working on hardware to speed up FHE, seeing its importance for the future of data privacy across both Web2 and Web3 use cases.

Combining FHE with other techniques: Often, FHE might be used in conjunction with MPC or ZK to tackle its weaknesses. For instance, multiple parties could hold shares of the FHE secret key so no single party can decrypt alone, essentially creating a threshold FHE scheme. This mixes MPC with FHE to avoid a single point of decryption failure. Or, a zero-knowledge proof could be used to prove that an FHE-encrypted transaction is well-formed without decrypting it, so that blockchain nodes can be sure it is valid before processing it. This is the kind of hybrid model some call ZK-FHE. In fact, a composable DeCC approach might be to use FHE for the heavy lifting of data processing since it is one of the only ways to compute while always encrypted, and use ZK proofs to ensure the computation did not do anything invalid or to allow others to verify outcomes without seeing them.

5. Trusted Execution Environments (TEE)

Trusted Execution Environments are a foundational component of Decentralized Confidential Computing. A TEE is a secure area within a processor that isolates code and data from the rest of the system, ensuring that the contents remain protected even if the operating system is compromised. TEEs provide confidentiality and integrity during computation with minimal performance overhead. This makes them one of the most practical technologies available for secure general-purpose computing.

Think of it this way: a TEE is like reading a confidential document inside a locked room that no one else can enter or see into. You can review and work with the document freely, but as soon as you leave the room, you take the results with you and lock everything else behind. No one outside ever sees the document directly, only the final outcome you choose to reveal.

Modern TEEs have advanced significantly. Intel’s TDX and AMD SEV support the secure execution of entire virtual machines, while NVIDIA’s high-performance GPUs, including the H100 and H200, now also include TEE capabilities. These upgrades make it possible to run arbitrary applications inside confidential environments, including machine learning models, backend services, and user-facing software. For instance, Intel TDX combined with an NVIDIA H100 can run inference on models with over 70 billion parameters at only a modest performance penalty. Unlike cryptographic approaches that require custom tooling or constrained environments, modern TEEs can run containerized applications without modification. This allows developers to deploy applications written in Python, Node.js, or other standard languages while maintaining data confidentiality.

A prime example is Secret Network, the first blockchain that enabled general smart contracts with private state by leveraging TEEs, specifically Intel SGX. Every Secret node runs the smart contract execution runtime inside an enclave. Transactions to the smart contracts are encrypted so that only the enclave can decrypt them, execute the smart contracts, and produce encrypted outputs. The network uses remote attestation to ensure nodes are running genuine SGX and the approved enclave code. This way, smart contracts on Secret Network can handle private data, like an encrypted input, and even the node operator cannot read it. Only the enclave can, and it only releases what it is supposed to, often just a hash or encrypted result. Phala Network and Marlin use a similar but distinct model. Its architecture is built around TEE-powered worker nodes that perform secure offchain computations and return verified results to the blockchain. This setup enables Phala to preserve data confidentiality and execution integrity without exposing raw data to any external party. The network is designed for scalability and interoperability, supporting privacy-preserving workloads across decentralized applications, cross-chain systems, and AI-related services. Like Secret Network, Phala illustrates how TEEs can be used to extend confidential computing into decentralized environments by isolating sensitive logic in verifiable hardware enclaves.

Modern deployments of TEEs in DeCC incorporate several best practices:

1. Remote Attestation and Open Source Runtimes: Projects publish the code that will run inside enclaves, often a modified WASM interpreter or specialized runtime, and provide a procedure for attesting it. For instance, every Secret Network node produces an attestation report proving it is running the Secret enclave code on a genuine SGX. Other nodes and users can verify this attestation before trusting that node with encrypted queries. By using open source runtime code, the community can audit what the enclave should be doing, though they still must trust the hardware to do only that.
2. Redundancy and Consensus: Instead of a single enclave doing a task, some systems have multiple nodes or enclaves perform the same task and then compare results. This resembles an MPC approach but at a higher level. If one enclave deviated or was compromised and produced a different result, it could be detected by majority voting, assuming not all enclaves are compromised. This was the approach of the earlier Enigma project, which evolved into Secret. They planned for multiple SGX enclaves computing and cross-checking. In practice, some networks currently trust a single enclave per contract for performance, but the design can extend to multi-enclave consensus for higher security.
3. Ephemeral Keys and Frequent Reset: To mitigate risks of key leakage, TEEs can generate fresh encryption keys for each session or task and avoid storing long-term secrets. For example, if a DeCC service is doing confidential data processing, it might use ephemeral session keys that get thrown away often. This means even a later compromise might not expose past data. Key rotation and forward secrecy are recommended so that even if an enclave is breached at time T, data from time less than T, remains safe.
4. Use for Privacy, Not Consensus Integrity: As noted earlier, TEEs are best used to protect privacy rather than core consensus integrity. So, a blockchain might use TEEs to keep data secret but not to validate blocks or secure the ledger’s state transition, which is better left to consensus protocols. In this setup, a compromised enclave might leak some private information but cannot, for example, fake a coin transfer on the ledger. This design relies on cryptographic consensus for integrity and enclaves for confidentiality. It is a separation of concerns that limits the impact of a TEE failure.
5. Confidential Virtual Machine Deployments: Several networks have begun deploying full Confidential Virtual Machines (CVMs) using modern TEE infrastructure. Examples include Phala’s cloud platform, Marlin Oyster Cloud, and SecretVM. These CVMs can run containerized workloads in secure environments, enabling general-purpose privacy-preserving applications across decentralized systems.

TEEs can also be combined with other technologies. One promising idea is running an MPC within TEEs. For instance, multiple enclaves on different nodes, each holding a share of the secret data, could jointly compute via MPC while each enclave keeps its share secure. This hybrid provides defense in depth: an attacker would need to both break the enclave and corrupt enough parties to access all secret shares. Another combination is using a ZK proof to attest to what an enclave did. For example, an enclave could output a short zk-SNARK proving it followed the protocol correctly on certain encrypted inputs. This can reduce the level of trust required in the enclave. Even if the enclave were malicious, it could not produce a valid proof if it deviated from the prescribed computation unless it also broke the ZK cryptography. These ideas are still at the research stage but are being actively explored.

In current practice, projects like TEN, The Encrypted Network, an Ethereum Layer-2 solution, use secure enclaves to implement confidential rollups. TEN’s approach uses enclaves to encrypt transaction data and execute smart contracts privately while still producing an optimistically verified rollup block. They emphasize that secure enclaves give high confidence over the code that is running, meaning users can be assured of how their data is handled because the code is known and attested, even if they cannot see the data itself. This highlights a key benefit of TEEs: deterministic, verifiable execution. Everyone can agree on the code hash that should run, and the enclave ensures only that code executes while keeping inputs hidden.

Composable DeCC Stacks (Hybrid Approaches)

One exciting aspect of Privacy 2.0 is that these technologies are not siloed (although they can and are used independently); they can be composed. Much like how traditional cloud security uses multiple layers such as firewalls, encryption, and access control, DeCC confidential computing can layer techniques to leverage their respective strengths.

Several combinations are already being explored: MPC with TEE, ZK with TEE, GC with ZK, FHE with ZK, and others. The end goal is clear: no single technique is perfect. Combining these methods allows offsetting their individual limitations.

Here are a few patterns under development:

• MPC with TEE (MPC inside enclaves): In this approach, an MPC network runs where each node’s computations happen inside a TEE. For example, consider a network of ten nodes jointly analyzing encrypted data using MPC. If an attacker compromises one node, they gain access only to the enclave that holds a single share of the secret, which by itself reveals nothing. Even if SGX is broken on that node, only a fragment of the data is exposed. To compromise the full computation, a threshold of enclaves would need to be subverted. This dramatically improves security, assuming enclave integrity remains intact. The tradeoff includes higher overhead from MPC and reliance on TEEs, but for high-assurance scenarios, this hybrid can be justified. This model effectively layers cryptographic and hardware trust guarantees.
  
• ZK Proofs with MPC or FHE: ZK proofs can function as audit layers. For instance, an MPC network may compute a result and then collectively generate a zk SNARK proving the computation adhered to a defined protocol without exposing inputs. This adds verification confidence for external consumers, such as a blockchain ingesting the result. Similarly, in an FHE context, since the data remains encrypted, ZK proofs can be used to prove that computations were correctly executed on ciphertext inputs. Projects like Aleo pursue this strategy. Computations are done privately, but verifiable proofs certify correctness. The complexity is nontrivial, but the composability potential is significant.
  
• ZK Proofs with GC: Zero knowledge proofs are often used alongside garbled circuits to protect against potentially malicious garblers. In more complex GC-based systems involving multiple garblers and evaluators, ZK proofs also help verify that individual garbled circuits have been correctly composed into a larger computational task.
  
• TEE with ZK (Shielded execution with proof): A TEE can produce a proof of correct execution. For example, in a sealed bid auction, an enclave could calculate the winner and output a ZK proof that confirms the computation was correctly performed on encrypted bids without revealing any bid details. This approach allows anyone to verify the outcome even if trust in the enclave is limited. Though still largely experimental, early research prototypes are investigating these proofs of confidential knowledge to merge TEE performance with ZK verifiability.
  
• FHE with MPC (Threshold FHE): One known challenge in FHE is that the decryption step reveals the result to the entity holding the secret key. To decentralize this, the FHE private key can be split among multiple parties using MPC or secret sharing. After the computation, a decryption protocol is executed collectively, ensuring no single party can decrypt the result independently. This structure eliminates centralized key custody, making FHE viable for threshold use cases such as private voting, encrypted mempools, or collaborative analytics. Threshold FHE is an active research area with strong relevance to blockchain.
  
• Secure Hardware with Cryptography for performance segregation: Future architectures may assign different workloads to different privacy-preserving technologies. For example, computationally heavy AI tasks could run in secure enclaves, while more security-sensitive logic, such as key management, is handled by cryptographic protocols such as MPC, GC, or FHE. Conversely, enclaves may be used for lightweight tasks where performance is key but the consequences of leakage are limited. By decomposing an application’s privacy requirements, developers can allocate each component to the most suitable trust layer, similar to how encryption, access control, and HSMs are layered in traditional systems.

The Composable DeCC Stack model emphasizes that applications do not need to choose one privacy method. They can integrate multiple DeCC technologies, tailored to the needs of specific components. For instance, many emerging privacy networks are being built modularly, supporting both ZK and MPC, or providing configurable confidentiality layers depending on use case.

Admittedly, combining techniques adds engineering and computational complexity, and the performance cost may become prohibitive in some contexts. However, this layered security model can be justified for high-value workflows, especially in finance, AI, or governance. Early examples are already operational. Oasis Labs has prototyped TEE MPC hybrids for private data markets. Academic projects have demonstrated MPC and GC computations verified by zk SNARKs, highlighting growing interest in cross-model validation.

A future dApp may run encrypted storage via AES or FHE, compute using a blend of MPC, GC, and TEEs, and post verifiable ZK attestations onchain. Though invisible to the user, this privacy stack would enforce robust protections against data exposure and unauthorized inference. The end goal is to make this level of privacy infrastructure default and transparent, delivering applications that feel familiar but operate with fundamentally different trust assumptions.

Venture Capital and Developer Momentum

Privacy-preserving computation has become a notable area of capital allocation within the crypto sector, with investment activity continuing to increase. Investors and builders are increasingly betting that decentralized confidential computing (DeCC) will unlock new market opportunities by enabling private applications that would otherwise be infeasible on public blockchain infrastructure.

Cumulative venture capital funding across leading DeCC projects has surpassed several hundred million dollars. Notable examples include:

• Aleo, a Layer-1 network using zero-knowledge proofs for private applications, has raised approximately $228 million. This includes a $28 million Series A in 2021 led by a16z and a $200 million Series B in 2022 at a $1.45 billion valuation. Aleo is investing in developer tooling and its broader ecosystem for privacy-preserving applications.
  
• Partisia Blockchain, which combines secure multi-party computation (MPC) with blockchain infrastructure, raised $50 million in 2021 to expand its privacy-preserving Layer-1 and Layer-2 platforms. Its funding came from both strategic and institutional backers focused on confidential data use cases.
  
• Fhenix, an Ethereum Layer-2 that implements fully homomorphic encryption (FHE), raised $15 million in a Series A round in June 2024, bringing total funding to $22 million. Early investors include a16z and Hack VC, reflecting confidence in the viability of encrypted smart contract execution.
  
• Mind Network, focused on building an FHE-based privacy layer for data processing, raised $10 million in a Pre-A round in September 2024, bringing their total funding to $12.5 million. The project targets applications in secure voting, private data sharing, and confidential AI execution.
  
• Arcium, a confidential computing network on Solana, raised $5.5 million in early 2025 from Greenfield Capital, with a total raise of $9 million to date. Arcium positions itself as an encrypted compute layer for high-throughput chains.
  
• COTI, in partnership with Soda Labs, committed $25 million from its ecosystem fund to develop an MPC-based privacy Layer-2. The collaboration focuses on advancing garbled circuits technology for privacy-preserving payments.
  
• TEN, an Ethereum-based Layer-2 using trusted execution environments (TEEs), raised $9 million in late 2023 in a round led by the R3 consortium to a total of $16 million The team includes engineers with experience building permissioned blockchain infrastructure.
  
• Penumbra, a Cosmos-based privacy zone for DeFi, raised $4.75 million in a seed round led by Dragonfly Capital in 2021. The project aims to support shielded swaps and MEV-resistant trading.
  
• Aleph Zero, a privacy-enabled Layer-1 using DAG consensus and zero-knowledge techniques, raised roughly $21 million through public and private token sales. It is positioning itself as a base layer with built-in confidentiality features.

Legacy projects also continue to contribute to the momentum. Secret Network, which evolved from the Enigma project, raised $45 million via a token sale in 2017 to launch the first TEE-based smart contract platform with a total investment of upwards of $400 million. iExec, a decentralized cloud platform that supports TEEs, raised around $12 million and has since received grants to advance confidential data tooling.

When including token allocations, ecosystem funds, and public sale proceeds, overall investment in the DeCC sector likely approaches $1 billion. This is comparable to funding levels seen in sectors such as Layer-2 scaling or modular infrastructure.

The DeCC ecosystem is also expanding through partnerships and open-source collaboration. Organizations such as the Confidential Computing Consortium have added blockchain-based members like iExec and Secret Network to explore standards across private computation. Academic initiatives, developer hackathons, and privacy-focused conferences are cultivating technical talent and community participation.

Projects are also improving accessibility through SDKs, languages, and APIs that abstract away the cryptographic complexity. For example, tooling frameworks like Circom, ZoKrates, and Noir simplify zero-knowledge development, while platforms like Arcium’s Arcis lower the barrier to building with MPC. Developers can now integrate privacy into decentralized applications without advanced cryptographic expertise.

Partnerships with enterprises and government bodies are further validating the space. Partisia has collaborated with Okinawa Institute of Science and Technology (OIST) on joint cryptographic research projects, while Secret Network has engaged with Eliza Labs to develop confidential AI solutions.

As funding and ecosystem activity continue to grow, DeCC is becoming one of the most well-capitalized and rapidly developing areas of crypto infrastructure, with a high degree of interest from both builders and institutional stakeholders. That said, as with any emerging technology cycle, many projects in the space may fail to deliver on their vision or gain meaningful adoption. However, a small subset is likely to endure, setting the technical and economic standards for privacy-preserving computation across decentralized systems.

DeCC Ecosystem

The Decentralized Confidential Computing (DeCC) ecosystem is made up of technologies and frameworks that support secure computation across distributed systems. These tools enable sensitive data to be processed, stored, and transmitted without being exposed to any single party. By combining cryptographic techniques, hardware-enforced isolation, and decentralized network infrastructure, DeCC addresses key privacy limitations in public blockchain environments. This includes challenges related to transparent smart contract execution, unprotected offchain data usage, and the difficulty of preserving confidentiality in systems designed for openness.

DeCC infrastructure can be broadly categorized into six technical pillars:

• Zero Knowledge Proofs (ZKPs) for verifiable private computation.
  
• Multi Party Computation (MPC) for collaborative computation without data sharing.
  
• Garbled Circuits (GC) for computing on standard encrypted data.
  
• Fully Homomorphic Encryption (FHE) for computing directly on encrypted inputs.
  
• Trusted Execution Environments (TEEs) for hardware-based confidential processing.
  
• Decentralized Privacy Networks for routing and infrastructure-level metadata protection.

These components are not mutually exclusive and are often composed together to meet specific performance, security, and trust requirements. The following section highlights projects implementing these technologies and how they fit into the broader DeCC landscape.

Fully Homomorphic Encryption (FHE) Based Projects

A number of DeCC projects use Fully Homomorphic Encryption (FHE) as their primary mechanism for enabling encrypted computation. These teams are focused on applying FHE to domains such as private smart contracts, secure data processing, and confidential infrastructure. While FHE is computationally intensive compared to other approaches, its ability to compute on encrypted data without decryption offers strong security guarantees. Key projects in this category include Octra, Mind Network, and Fhenix, each experimenting with different architectures and use cases to bring FHE closer to practical deployment.

Fhenix

Fhenix is an FHE research and development company building scalable, real-world applications of Fully Homomorphic Encryption. Fhenix’s FHE Coprocessor (CoFHE) is an offchain computation layer designed to process encrypted data securely. It offloads heavy cryptographic operations from the main blockchain (e.g., Ethereum or L2 solutions) to enhance efficiency, scalability, and privacy without compromising decentralization, while offering an easy method for integration. This architecture allows computations on encrypted data without decryption, ensuring end-to-end privacy for decentralized applications. Fhenix is fully EVM-compatible, allowing developers to quickly build FHE-based applications with ease of use, using Solidity and existing Ethereum tools like Hardhat and Remix. Its modular design includes components like FheOS and Fhenix’s Threshold network, which manage FHE operations and FHE decryption requests, respectively, providing a flexible and adaptable platform for privacy-preserving applications.​

Key Innovations and Features​

• Seamless Integration with EVM Chains: Fhenix enables any EVM chain to access encryption capabilities with minimal modifications. Developers can incorporate FHE-based encryption into their smart contracts using a single line of Solidity code, simplifying the adoption of confidential computing across various blockchain networks.
• Fhenix Coprocessor: Fhenix offers a coprocessor solution that connects natively to any EVM chain, providing FHE-based encryption services. This approach allows existing blockchain platforms to enhance their privacy features without overhauling their infrastructure.
• Institutional Adoption and Collaboration: FHE-based confidentiality is crucial for institutional adoption of Web3 technologies. Fhenix's collaboration with JPMorgan Chase on a proof-of-concept project demonstrated the platform's potential to meet stringent privacy requirements in financial services.
• Enhanced Decryption Solutions: The Fhenix team has developed a high-performance Threshold network for decryption FHE operations using a combination of MPC and FHE. Fhenix TSN network advancements reduce decryption latency and computational overhead, enhancing the user experience in privacy-preserving applications. ​
• Diverse Use Cases Under Development: Fhenix focuses on bringing encrypted computation to developers within existing ecosystems, such as EVM chains. Current developments include applications like confidential lending platforms, dark pools for private trading, and confidential stablecoins, all of which benefit from FHE's ability to maintain data privacy during computation. ​

Mind Network

​Mind Network is a decentralized platform pioneering the integration of FHE to establish a fully encrypted Web3 ecosystem. Mind Network functions as an infrastructure layer, enhancing security across data, consensus mechanisms, and transactions by enabling computations on encrypted data without the need for decryption. ​

Key Innovations and Features

• First to Implement FHE on Mainnet: Mind Network has achieved a significant milestone by bringing FHE to its mainnet, enabling quantum-resistant, fully encrypted data computation. This advancement ensures that data remains secure throughout its lifecycle - during storage, transfer, and processing - addressing vulnerabilities inherent in traditional encryption methods. ​
• Introduction of HTTPZ: Evolving beyond the standard HTTPS protocol, Mind Network contributes to the vision of HTTPZ, put forth by Zama, a next-generation framework that maintains continuous data encryption for a fully encrypted web This innovation ensures that data remains encrypted during storage, transfer, and computation, eliminating reliance on centralized entities and enhancing security across various applications, including AI, DeFi, DePIN, RWA, and gaming. ​
• Agentic World: Mind Networks FHE computation network is put to work for AI Agents in Agentic World, which stands on three pillars:
  • Consensus Security, where AI agents in a distributed system must reach reliable decisions without manipulation or conflict.
  • Data Privacy, where AI agents can process encrypted data without ever exposing it.
  • Value Alignment, where ethical constraints are embedded within AI agents to ensure their decisions align with human values.
• FHE Bridge for Cross-Chain Interoperability: Mind Network offers the FHE Bridge to promote a seamless decentralized ecosystem. This bridge facilitates secure interoperability between different blockchain networks. It enables encrypted data to be processed and transferred across chains without exposing sensitive information, supporting the development of complex, multi-chain applications. Chainlink is currently integrating it with CCIP.
• DeepSeek Integration: Mind Network became the first FHE project to be integrated by DeepSeek, a platform known for its advanced AI models. This integration leverages Mind Network's FHE Rust SDK to secure encrypted AI consensus.

Octra

​Octra is a general-purpose, chain-agnostic network founded by former VK (Telegram) and NSO team members with a decade of experience in encryption. Since 2021, Octra has been developing a proprietary Fully Homomorphic Encryption (FHE) scheme based on hypergraphs (HFHE), allowing near-instant computations on encrypted data. Unlike other FHE projects, Octra is entirely independent and does not rely on third-party technology or licenses.​

Key Innovations and Features

• Proprietary HFHE Scheme: Octra's unique HFHE enables efficient binary operations using hypergraphs, supporting parallel computations where different nodes and hyperedges are processed independently. ​
• Isolated Execution Environments: The network supports isolated execution environments, enhancing security and privacy for decentralized applications. ​
• Diverse Codebase: Developed mainly in OCaml and C++, with support for Rust in contracts and interoperability solutions, Octra offers flexibility and robustness in its infrastructure. ​

Current Developments

• HFHE Sandbox: A demonstration of Octra's HFHE is available at their sandbox environment, showcasing the practical applications of their encryption technology.
• Testnet Progress: The first validators have connected to the testnet, marking a significant step toward network stability and reliability.​
• Academic Contributions: An upcoming publication in the International Association for Cryptologic Research (IACR) will detail Octra's HFHE advancements, reflecting their commitment to contributing to the broader cryptographic community.​
• Mainnet and Rollup Builder: Octra plans to launch its mainnet for key management and storage in 2025, with an EVM/SVM rollup builder expected in 2026, aiming to enhance scalability and interoperability across blockchain platforms.​

Funding and Community Engagement

In September 2024, Octra secured $4 million in pre-seed funding, led by Finality Capital Partners, with participation from investors like Big Brain Holdings, Karatage, Presto Labs, and Builder Capital. In January 2025, Octra raised a further $1.25M through Cobie’s angel syndicate investing platform, Echo, with the allocation selling out in under a minute. These investments underscore confidence in Octra's potential to revolutionize data privacy and security. The project maintains active engagement with the developer community through platforms like GitHub, and has recently released a public WASM sandbox, where experimental versions of their HFHE library are available for testing and feedback.

By integrating proprietary HFHE technology with a robust and flexible infrastructure, Octra aims to set new standards in secure, efficient, and decentralized data processing across various applications.

​Garbled Circuits (GC) Based Projects

Garbled Circuits (GC) are a specialized form of computation on encrypted data that allows two or more parties to jointly evaluate a function without revealing their individual inputs. While GC is mostly known to solve computation on encrypted data, it can also solve various privacy and security problems, such as zero-knowledge proofs and anonymous-token-based authentication over the Internet.
Projects such as COTI and Soda Labs are applying GC-based techniques to enable confidential messaging, private payment protocols, and scalable privacy layers.

COTI

COTI is a fast, lightweight L2 privacy solution built on Ethereum, serving privacy-on-demand across 70+ chains. COTI enables low-cost, scalable confidentiality that secures both financial transactions and sensitive data. Individuals can engage in Web3 without giving away personal information, businesses can protect proprietary data, and AI agents can operate as sovereign entities. Originally launched in 2017, COTI’s cross-chain capabilities bring permissioned privacy to dApps across all major blockchains without compromising speed, cost, or composability.

At the core of COTI’s privacy stack is its use of Garbled Circuits, developed in collaboration with Soda Labs. This cryptographic technique allows for private computation on encrypted data, achieving privacy while remaining highly efficient compared to FHE. COTI supports a wide range of real-world use cases, from consumer payments to enterprise integrations and government-grade digital currency pilots. For highly regulated environments, COTI’s proprietary Data Privacy Framework (DPF) allows regulatory audits of encrypted data without compromising user privacy, ideal for regulated sectors such as banking, lending, and government.

Key Innovations and Features

• Onchain Garbled Circuits: COTI is the first Ethereum L2 to implement Garbled Circuits onchain, enabling encrypted computation without revealing inputs. This offers strong privacy guarantees with minimal overhead across 70+ networks.
• Performance & Efficiency: COTI's privacy stack delivers exceptional performance, with its Garbled Circuit implementation being 1,000x faster and 250x more storage-efficient than FHE-based alternatives.
• EVM Compatibility: Fully compatible with Solidity and existing Ethereum tooling, allowing developers to easily integrate privacy-preserving logic without new languages or infrastructure.
• Major Partnerships: COTI has secured integrations with platforms such as MyEtherWallet, Bancor, Hacken, and AnChain.ai, showcasing ecosystem-wide adoption.

Enterprise Blockchain Participation

COTI is a member of the Enterprise Ethereum Alliance and has collaborated with central banks on CBDC pilots, including the European Central Bank’s Digital Euro and Bank of Israel’s Digital Shekel projects.

Soda Labs

Soda Labs is a cryptographic infrastructure company specializing in Garbled Circuits, a technology enabling computations directly on encrypted data without ever needing to decrypt it. This approach guarantees data privacy and security, crucial for sensitive applications in blockchain, AI, finance, and healthcare.

Through its flagship innovation, the gcEVM, a unique adaptation of Garbled Circuit technology for blockchain environments, Soda Labs empowers dApps to accept and process encrypted data onchain. The platform emphasizes efficiency, compatibility with existing developer tools, and adherence to established cryptographic standards like AES. This innovation unlocks practical, privacy-sensitive use cases that meet the stringent requirements of individuals, businesses, and regulated financial institutions. Key applications include confidential stablecoins and payments, private decentralized exchanges (DEX) and over-the-counter (OTC) trading, secure tokenization of real-world assets (RWAs), private identity management systems, and robust governance solutions.

Technology Overview

Soda Labs leverages Garbled Circuits (GC), a robust cryptographic technique enabling secure computation directly on encrypted data. GC primarily utilizes widely adopted, standardized symmetric-key encryption schemes, such as AES. This enables avoiding the need for heavy computation on the client side, such as generating complex zero-knowledge proofs, as required in ZK or FHE based solutions. Instead, users of Soda Labs’ decentralized secure computation platform interact with a lightweight SDK powered only by standard Open-SSL, similar to those used in modern browsers, that runs seamlessly on virtually any device.

Its architecture supports user-specific encryption keys and contract-defined decryption logic. This makes it possible to enforce data confidentiality at multiple layers, ranging from value transfers and bids to user identities and application logic, across both native chains and existing EVM networks via a modular coprocessor model.

Key Innovations and Features

• From Yao to multiparty DeCC: Soda Labs’ innovative GC-based computation separates the garbling and evaluation phases, allowing many (potentially thousands) evaluators to participate in safeguarding encrypted data without degrading performance.
• High performance, even on peak demand: Soda Labs invented the Offline Soldering technique that allows preprocessing for peak computation demand, even without knowing what computation (contract functions) will be requested in real-time.
• Strong security guarantees to users: one of the main concerns in DeCC is the collusion of the network nodes, either for breaking privacy or to steal users’ funds. Soda Labs developed a protocol to guarantee full verifiability, meaning that users can be financially protected even from a catastrophic event of collusion of all nodes.
• gcEVM – Confidential Virtual Machine: A modified Ethereum-compatible virtual machine that introduces new instructions for encrypted data processing. Developers use Solidity-like syntax to build dApps that can compute and selectively decrypt data.
• Two Modes of Deployment:
  • gcEVM Chain (Integrated Privacy): Fully integrated into a blockchain's node software for native confidential computing.
  • gcCo-Processor (Async Privacy): An overlay network for existing chains (L1, L2 and oracles) that offloads confidential computation and returns decrypted outputs onchain.
• Enterprise and Network Adoption: adopted and in production by a major blockchain - the COTI V2 network, as well as being evaluated by significant entities like the ECB Digital EURO program and Chainlink Labs. Soda Labs has partnered with the Nvidia Inception Program to further optimize its performance by utilizing Nvidia’s hardware.
• Performance: Current benchmarks show 80–100 confidential transactions per second (ctps) for ERC-20 operations, with potential for ~1000 ctps with upcoming optimizations.

Soda Labs’ infrastructure provides a practical, cryptographically secure alternative to more computationally intensive cryptographic models, enabling scalable, programmable privacy for both decentralized and traditional applications.

Multi-Party Computation (MPC) Based Projects

Multi-Party Computation (MPC) enables multiple parties to compute a function over their combined inputs without any party revealing its own data. MPC is one of the most established techniques in the confidential computing space, known for its strong security guarantees and flexible deployment models. In the DeCC ecosystem, projects such as Arcium and Partisia are leveraging MPC to support private computation across use cases, including cross-organizational data collaboration, secure key management, and decentralized identity systems.

Arcium

Arcium, known as "The Encrypted Supercomputer," is a decentralized confidential computing network designed to enable secure, verifiable computation on fully encrypted data. Rather than functioning as a traditional Layer-2, Arcium operates as an independent decentralized execution layer that integrates with high-performance blockchains like Solana. Its architecture leverages Multi-Party Computation (MPC) protocols to ensure that no single participant can access sensitive data during processing, while maintaining auditability and performance. ​

Key Innovations and Features

• Multi-Party eXecution Environments (MXEs): Arcium's architecture features MXEs, allowing independent clusters of nodes to process encrypted computations in parallel. This design enhances speed and scalability, requiring only one honest participant to ensure privacy, supported by cryptographic proofs and economic incentives like staking and slashing.
• arxOS: At the core of Arcium's network is arxOS, a distributed operating system that coordinates the decentralized nodes, known as Arx. This system manages resources and executes programs securely across the network, enabling efficient and confidential computations.
• Arcis Developer Framework: To facilitate the development of privacy-preserving applications, Arcium offers Arcis, a Rust-based framework. Arcis enables developers to integrate encrypted computing into their applications seamlessly, promoting the creation of secure and private solutions.
• Inpher Integration: Arcium acquired the core technology and team from Inpher, a leading Web2 confidential computing company. This acquisition brings advanced MPC solutions for confidential machine learning into Arcium's ecosystem, accelerating its mainnet launch and expanding its confidential computing capabilities. ​

Vision and Impact

Arcium aims to redefine digital interactions by enabling secure computations on fully encrypted data, eliminating the need to expose information during processing. This approach addresses the fundamental flaw in traditional data usage, where data must be exposed to be utilized, leading to privacy erosion and potential exploitation. By preserving privacy, Arcium unlocks novel on and offchain use cases while enhancing existing ones, empowering industries such as AI, DeFi, and decentralized physical infrastructure networks (DePIN).

Funding and Support

Backed by over $10 million in funding from investors, including Coinbase Ventures, LongHash, Greenfield, Jump, Anatoly (Solana), Keone (Monad), Santiago R Santos, Mert (Helius), and Balaji Srinivasan, Arcium is leading a significant technological revolution in confidential computing.

By providing a trustless, verifiable, and high-performance framework for encrypted computation, Arcium is poised to transform the digital landscape, ensuring that data can be fully utilized without ever being exposed, a paradigm shift for the digital world.

Partisia Blockchain

Partisia Blockchain is a L1 public blockchain that uniquely integrates secure Multi-Party Computation (MPC) with blockchain technology to deliver privacy-preserving and scalable solutions. This integration enables computations to be performed directly on encrypted data without exposing it to participating nodes, ensuring both confidentiality and data integrity. ​

Key Innovations and Features

• Extensive MPC Research and Expertise: With over 35 years of research and more than 1,000 research papers published, Partisia Blockchain's foundation is built on extensive expertise in MPC. The founders are renowned cryptographers who have significantly contributed to the field, bringing unparalleled knowledge to the platform's development.
• Customizable MPC Smart Contract Language: Partisia Blockchain offers a customizable MPC smart contract language that can be invoked as a service from any blockchain. This feature allows Partisia to provide its MPC technology as a service to other chains, enhancing privacy and security across various blockchain ecosystems.
• Sharding for Scalability: The platform supports sharding at both the protocol and smart contract layers, enhancing scalability and transaction throughput. This design ensures that the network can handle a high volume of transactions efficiently, addressing scalability challenges commonly faced by blockchain networks. ​
  Bring Your Own Coin (BYOC) Model: Partisia Blockchain's BYOC model enables users to utilize tokens from other blockchains within its ecosystem, promoting interoperability and flexibility. This approach allows for seamless integration of various digital assets, enhancing the utility and accessibility of the platform. ​

Foundational Leadership

The leadership team comprises pioneers in cryptography and blockchain technology:​

• Ivan Damgård: A co-founder and Chief Cryptographer, Ivan is a professor and head of the cryptography research group at Aarhus University. He co-founded Cryptomathic, Partisia Blockchain, and Sepior and is recognized as one of the most cited researchers in cryptography.
• Kurt Nielsen: As co-founder and President of the Foundation Council, Kurt holds a PhD in Economics and has co-founded Partisia, Sepior, and Partisia Blockchain. He has over 15 years of experience turning advanced cryptography solutions into innovative high-tech businesses.
• Peter F. Frandsen: A co-founder and member of the Foundation Council, Peter has a strong background in software building and project management, having worked exclusively in blockchain and MPC over the last 10 years. Peter managed the building of the Partisia Blockchain platform, demonstrating the practical application of MPC and blockchain integration.

Vision and Impact

Partisia Blockchain aims to establish a new standard for secure solutions that manage confidential data across users and platforms. By combining MPC with blockchain technology, it addresses the challenges of privacy, interoperability, and scalability, fostering transparency and accountability across various sectors.

Through its innovative approach, Partisia Blockchain is expanding the possibilities of Web3 applications, enabling developers to build decentralized apps that require secure and private data processing. This advancement is pivotal in growing the Web3 ecosystem and attracting new users by solving real-world problems with blockchain technology.

Trusted Execution Environment (TEE) Based Projects

Trusted Execution Environments (TEEs) provide hardware-based isolation for secure computation and remain a core component of many DeCC architectures. TEEs are especially effective for executing general-purpose applications with low performance overhead, making them well-suited for use cases such as confidential smart contracts, secure data processing, and private AI workloads. Projects including iExec, Marlin, TEN, Phala Network, and Secret Network are actively deploying TEE infrastructure to bring confidential execution to decentralized systems.

iExec

iExec is a decentralized confidential computing platform that enables trusted offchain execution using a TEE-based CPU and GPU infrastructure. It provides developers with tools and resources to build and monetize privacy-preserving applications across AI, DeFi, RWA, and data-driven use cases.

The iExec ecosystem allows participants to control, protect, and monetize digital assets such as computing power, personal data, code, and AI models. The RLC token, an ERC-20 utility token, underpins the platform's operations by enabling access to infrastructure, developer tools, and rewards for contributors.

Key Innovations and Features

• Confidential Computing Infrastructure: Supports secure execution environments powered by Intel SGX and upcoming support for Intel TDX and NVIDIA CCA GPUs, allowing the deployment of arbitrary confidential services, including AI agents and model training.
• Monetization of Digital Assets: Users can monetize digital assets, such as AI models or datasets, directly through the protocol using the RLC token.
• Tokenomics Initiatives: iExec has introduced new tokenomics mechanisms aimed at incentivizing builders, holders, and end-users to enhance engagement and ensure a sustainable circular token economy.
• AI Framework: Offers tools for AI developers, including TensorFlow and PyTorch-based templates that streamline the development and deployment of AI agents and inference workloads.
• Confidential Services Support: New features enable hosting verifiable and secure services for AI, analytics, and other sensitive workloads in TEEs, advancing the concept of Confidential AI.

Developer Ecosystem & Tools

• Developer SDKs: Provide seamless access to confidential infrastructure with built-in monetization and encryption protections.
• iApp Generator: Enables quick packaging and deployment of apps into TEEs with minimal configuration.iExec Vouchers: Fixed pricing options for accessing infrastructure and tools, supporting predictable development costs.

Ecosystem Growth and Recent Developments

iExec continues to expand its ecosystem through strategic collaborations, infrastructure enhancements, and product innovation. In 2024, it launched a 1M RLC Ecosystem Fund to accelerate leading Web3 projects via investment, technical guidance, and developer support. To scale its computing capabilities, iExec is onboarding GPU and CPU providers, partnering with high-traction Layer 2 networks, and integrating decentralized storage solutions for secure, scalable data handling.

As part of its broader vision for Confidential AI, it joined AI Unbundled, a cross-industry alliance uniting decentralized compute, storage, and blockchain infrastructure. That same year, iExec introduced DataProtector, a tool for integrating confidential workflows into dApps, and was featured in Intel’s 2024 AI Inference Catalogue for enabling private data processing in medical diagnostics. iExec also remains an active member of the DeCC Alliance, a coalition advancing standards for decentralized confidential computing.

Marlin

Marlin is a verifiable computing protocol that utilizes TEEs and ZK–based coprocessors to delegate complex workloads over a decentralized cloud infrastructure. Unlike traditional L1 blockchains, Marlin functions as a decentralized cloud platform, offering secure and private computations without depending on a single underlying blockchain. ​

The protocol offers two primary services:​

• Oyster: This sub-network specializes in providing TEE-based serverless coprocessors that can scale with demand. Oyster allows instances to be rented individually for any duration or enables tasks to be delegated among a pool of nodes in a serverless manner, ensuring users pay only for the execution time. Nodes can be rented, and tasks delegated using both smart contract calls and Web2 APIs, enhancing flexibility and integration capabilities. ​
• Kalypso: Serving as a permissionless ZK proof marketplace for any circuit, Kalypso facilitates the generation and verification of zero-knowledge proofs. It operates transparently and trustlessly, allowing secure and public registration, tracking, and validation of services. Kalypso's architecture integrates contracts and Marlin Oyster enclaves to provide users with hardware-level guarantees of integrity and confidentiality. ​

Key Innovations and Features

• Serverless Capabilities: Beyond leasing confidential virtual machines, Marlin uniquely offers serverless functionalities, allowing users to pay per request and benefit from on-demand scalability. ​
• Simplified Enclave Deployment: Developers can easily build and deploy enclaves using Docker images, streamlining the process of creating secure environments for application execution. ​
  Flexible Key Management Service (KMS): Marlin provides a versatile KMS where code running in enclaves can securely retrieve persistent private keys through Remote Attestation–based authentication. These keys can be used to encrypt, store, and decrypt content, allowing TEE-based applications to recover state upon enclave failure or shutdown. ​
• Reproducible Builds: Utilizing Nix, Marlin ensures fully reproducible builds, enabling users to verify through Remote Attestations that applications they interact with were built from a specific codebase. ​
• Custom TLS Protocol (Scallop): Marlin introduces Scallop, a custom TLS protocol that allows enclaves to establish secure encrypted channels with other enclaves or users, using Remote Attestations instead of traditional SSL certificates.

Marlin has also pioneered several innovations:​

• Decentralized Frontends: By leveraging TEEs, Marlin enables SSL certificates to be issued to enclaves, facilitating the development of verifiable decentralized frontends.
• Confidential ZK Proof Generation: Marlin supports the generation of zero-knowledge proofs within TEEs, preserving the confidentiality of private inputs during the proof generation process.

Phala Network

Phala Network is a next-generation cloud platform that provides a low-cost, user-friendly, trustless environment, making zero-trust computing accessible to a broad range of developers. By leveraging a hybrid infrastructure including Trusted Execution Environments (TEEs), blockchain, Multi-Party Computation (MPC), and Zero-Knowledge Proof (ZKP), Phala delivers flexible, open-source, and affordable verification solutions for any developer, in any type of program.

Key Innovations and Features:

• TEE Abstraction via Decentralized Key Management: Phala’s architecture abstracts diverse TEE hardware (Intel SGX/TDX, AMD SEV, NVIDIA CC) into a unified, virtualized compute layer. This is made possible through a decentralized Key Management System (KMS), eliminating central points of trust and enabling seamless, secure workload execution across varied hardware environments.
• Dstack: Developer Stack for Trusted Apps: A lightweight, open-source SDK that lets developers deploy Dockerized TEE applications in minutes. Dstack is fully vendor-agnostic and optimally designed for fast integration into existing Web2 and Web3 workflows, no rewrites, no hassle.
• AI-Native Verifiable Cloud: Optimized for AI workloads, Phala supports GPU-based TEEs and verifiable compute execution, ensuring that outputs are auditable, tamper-proof, and privacy-preserving. Ideal for AI agents, MEV protection, and ML inference engines.
• T16Z Philosophy: Composable Cryptographic Stack: Phala introduces the T16Z framework, a layered architecture combining Trusted Execution (TEE), ZKP, MPC, and blockchain game theory. This stack supports composable trust models for applications requiring dynamic security and privacy guarantees.
• DePIN: Decentralized Physical Infrastructure Network: Phala operates one of the world’s largest TEE-based DePINs, with 25,000+ secure nodes. It empowers a community-owned compute layer for AI and Web3, backed by real economic security (>$5M in computational value secured).

Developer Ecosystem and Tools

Phala offers a robust developer environment, including:

• Dstack (Developer Stack): One-click deployment of TEE containers. Supports Intel TDX, AMD SEV, and NVIDIA Confidential Computing.
• TEE-as-a-Service: Confidential and auditable computing environment. GPU/CPU abstraction across hardware vendors.
• Phala Cloud (DePIN): Decentralized infrastructure for AI-native and Web3 applications. Run inference engines, secure MEV relays, and confidential dApps.
• RA Explorer: View and verify remote attestation.

Network Security and Decentralization

Phala addresses core limitations of traditional TEEs, such as centralized attestation and vendor lock-in through:

• Blockchain-based Attestation: Eliminates dependence on Intel or AMD attestation authorities.
• Decentralized Key Management: Secure, self-sovereign key control across nodes.
• Open Enclave Updates: Hardware abstraction across SGX, TDX, SEV, and NVIDIA CC for resilience and flexibility.
• Verifiability at Scale: All computation is backed by cryptographic proofs and traceable onchain.

Secret Network

Secret Network is an L1 that integrates advanced encryption techniques and TEEs to ensure data privacy in dApps. Built using the Cosmos SDK and Tendermint consensus, it offers scalability and interoperability within the blockchain ecosystem. ​

Key Innovations and Features

• Secret Contracts: These smart contracts process encrypted inputs and outputs, maintaining data confidentiality throughout computation. This allows developers to create dApps with enhanced privacy features, catering to use cases that require secure data handling. ​
• Confidential Computing: By leveraging TEEs, Secret Network ensures that data is stored, processed, and protected in a trusted environment, inaccessible even to the nodes performing the computations. ​
• Interoperability: As part of the Cosmos ecosystem, Secret Network utilizes the Inter-Blockchain Communication (IBC) protocol, enabling seamless interaction with over 110 interconnected blockchains. ​

Recent Developments

• Secret AI: Expanding its capabilities, Secret Network has introduced Secret AI, a decentralized confidential computing solution that brings trusted AI to users who value their privacy. Built on the Secret Network, Secret AI leverages NVIDIA Confidential Computing with TEE capabilities to provide fully confidential AI interactions.
• Verifiable Agents Infrastructure: As announced in the 2025 roadmap, Secret is rolling out infrastructure for running arbitrary workloads (e.g. AI agents, MCP servers, etc.) inside confidential virtual machines.
• E2E Confidential Solution: Secret’s AI and Verifiable Agents infrastructure leverages the project’s battle-tested Confidential Computing blockchain to offer an end-to-end confidential solution. Secret’s blockchain is used for payments and provisioning of Confidential AI and Confidential VM services, protecting sensitive metadata about the users’ activities and financials.
• Partnerships: Secret Network has formed strategic partnerships to advance privacy-preserving AI agents. Key partnerships include Aethir, Eliza OS, Zekret and Kuvi.ai. For instance, collaborating with Project Zero, they aim to integrate confidential computing infrastructure with advanced data solutions, setting the foundation for secure, customizable, and private AI-driven economies.

Ecosystem and Community

Since its mainnet launch in September 2020, Secret Network has processed millions of transactions and fostered a vibrant ecosystem of dApps, such as Shade DeFi suite, Stashh NFT marketplace, and more. The platform's native coin, SCRT, is used for transaction fees, staking, and governance, playing a crucial role in network security and decision-making processes.

TEN

​TEN is a L2 rollup on Ethereum that leverages TEEs to provide confidential and scalable smart contract execution. By utilizing TEEs, TEN enables encrypted transactions and confidential computations, allowing developers to create dApps with enhanced privacy features. The platform maintains full compatibility with the Ethereum Virtual Machine (EVM), enabling seamless migration of existing Ethereum dApps without requiring modifications. Additionally, TEN addresses issues related to Maximal Extractable Value (MEV) by encrypting transaction data, thereby mitigating front-running and other exploitative behaviors.​

Background and Expertise

The team behind TEN has a proven track record in blockchain development, having previously built the Corda blockchain, which currently handles over $10 billion in onchain assets. Leveraging this experience, the founders have integrated TEE encryption technology from Corda into Ethereum, bringing decentralized confidential computing to one of the largest communities in Web3.​

Key Innovations and Features

TEN has introduced several novel features to the Ethereum ecosystem:

• Programmable Cryptography: As the first Ethereum L2 with programmable cryptography, TEN allows any Web2 application to transition seamlessly into the Web3 space, expanding the potential for decentralized applications.​
• TEE Rollups: By leveraging TEE rollups, TEN significantly broadens the design space of Web3 applications, enabling more complex and secure functionalities.​
• Incentivized Validator Network: TEN is the first L2 to share sequencer profits with its users through an incentivized validator network, promoting greater decentralization and community participation.​
• Gamified User Rewards: The platform introduces novel, proactive, gamified rewards to incentivize user engagement, enhancing the overall ecosystem's vibrancy.​

Use Cases and Applications

TEN's unique capabilities facilitate a wide range of applications:

• Autonomous AI Agents: TEN's infrastructure supports the deployment of autonomous AI agents within decentralized environments, enabling innovative interactions and functionalities.
• Smart Transparency: The platform introduces smart transparency, allowing for sophisticated access control mechanisms within smart contracts, thereby enhancing privacy and security.
• Onchain Gaming: TEN enables complex gaming scenarios, such as poker, to be conducted entirely onchain, ensuring fairness and transparency.
• Secure Token Launches: The platform facilitates the creation of unruggable launchpads, providing a secure environment for token launches and protecting investors from potential scams.

Zero-Knowledge Proof (ZKP) Based Projects

Zero-knowledge proofs (ZKPs) allow one party to prove the validity of a statement without revealing the underlying data. This makes ZKPs a foundational technology for privacy-preserving verification in decentralized systems. In the DeCC ecosystem, projects such as Penumbra, Aleph Zero, and Aleo are applying ZKPs to enable private transactions, encrypted state machines, and scalable confidential smart contracts.

Aleph Zero & Common

Aleph Zero is a L1 network that combines a Directed Acyclic Graph (DAG) architecture with its novel AlephBFT consensus protocol, achieving high scalability and near-instant transaction finality as well as an EVM-compatible L2. Common is a multichain privacy layer built on Aleph Zero that lets users hold, transfer, and earn yield on crypto assets without exposing their onchain activity. Built on ZKPs, it enables private interactions across EVM chains through a unified shielded pool architecture. Users access Common via a web app or mobile wallet, both designed to deliver a smooth, fintech-style experience while keeping assets private by default. Unlike many privacy-first platforms that require entirely new ecosystems, Common is designed to integrate privacy directly into the existing DeFi stack. By abstracting away the complexity of ZKPs, it makes privacy usable and composable within the tools and apps users already rely on.

Key Innovations and Features

• Aleph Zero Shielder Network: Privacy-preserving asset layer across multiple EVM chains, based on ZKPs, enabling private balances and transfers with shared anonymity sets.
• Optimized ZK Performance: Through heavily optimized zk-circuits, Common achieves state-of-the-art efficiency in client-side proof generation. This makes it the first platform to offer private asset management without compromising user experience. Proofs are fast enough to keep interactions smooth and responsive.
• Web App Interface: A browser-based interface compatible with most existing EVM wallets, making it easy for users to start using shielded pools without switching wallets or changing habits. It acts as a gateway to privacy with minimal onboarding friction.
• Common Mobile: A dedicated mobile wallet designed for maximum usability, offering a smooth, neobank-like experience while handling all shielded pool interactions under the hood. Assets are private by default, and the technical complexity of ZK and cross-chain privacy is fully abstracted away for the user.
• Shielded Yield: Private assets can earn yield via integrated DeFi strategies, no need to unshield or compromise privacy.
• Private dApp Interactions: Ephemeral accounts allow users to interact with apps like Uniswap or Aave without linking activity to their main wallet.
• Anonymity Revocation: A TEE-governed mechanism for revoking privacy in extreme cases, built-in compliance without compromising everyday user privacy but with the goal of preventing misuse by various bad actors in the space.

Common introduces a practical, composable privacy layer for DeFi, enabling confidential asset management, yield generation, and cross-chain interactions without sacrificing usability. By integrating optimized ZKP infrastructure with existing EVM tooling, it brings scalable privacy to mainstream crypto workflows without requiring new ecosystems or fragmented UX.

Aleo

Aleo is a privacy-centric L1 blockchain purpose-built for private and scalable decentralized applications using ZKPs. Unlike traditional blockchains that prioritize transparency, Aleo enables fully private computation, allowing developers to build applications where sensitive user data and logic remain confidential. It achieves this through a combination of its proprietary Coinbase Puzzle, AleoBFT consensus, and advanced ZK infrastructure, allowing validators to confirm transaction validity without revealing sender, receiver, or transaction value. Aleo is fully programmable on top of being private by default enabling developers to set what data is revealed and to whom.

Key Innovations and Features

• ZK-First Execution Model: Aleo enables programmable privacy using its Leo programming language, which compiles to ZK circuits. Developers can build private applications while maintaining verifiability.
• Private Transactions: Roughly 6.1% of all transactions in Q4 2024 were private, indicating real user demand for confidentiality in public blockchain environments.
• Resilient Network Growth: Despite a steep token price decline in Q4, Aleo saw a 10.6% increase in daily active addresses and a 34.4% rise in new addresses, showing strong underlying user adoption.
• Decentralized Application Ecosystem: Aleo supports a growing set of financial and non-financial applications, including Arcane Finance, Pondo, Puzzle, Verulink Bridge, and zPass.

Ecosystem and Developer Tools

• Infrastructure Support: Tools like Amareleo - an open source toolset for Leo developers, snarkOps from Monadic.us - a suite of tools that can be used to maintain network environments for Aleo's zero-knowledge decentralized operating system, snarkOS, and DokoJS from V23 - specialized library that provides a simplified CLI (Command Line Interface) for interacting with the Aleo blockchain, provide developers with everything they need to build privacy focused applications.
• Community-Led Governance: Aleo’s governance process includes ARC-721 (NFT standard), ARC-101 (validator criteria), and ARC-0042 (block rewards), all passed with high community approval rates.

Validator and Staking Landscape

• Staking Participation: Over 1.2 billion ALEO were staked at the end of Q4 2024, averaging $1.7 billion in value throughout the quarter.
• Validator Incentives: The protocol rewards both validators and ZK provers, creating a two-sided incentive model supporting privacy and security.

Penumbra

Penumbra is a L1 blockchain within the Cosmos ecosystem, enabling fully private, end-to-end encrypted transactions and DEX trading. All activity, including transfers, staking, and swaps, is shielded and remains confidential using zero-knowledge proofs. Penumbra’s wallet, Prax, runs an embedded ultralight node that generates these proofs locally on users' devices, keeping user data private. ​

Key Innovations and Features

• Fully Private Proof-of-Stake Network and DEX: Penumbra integrates privacy with proof-of-stake through a novel private delegation mechanism that provides staking derivatives, tax-efficient staking, and onchain governance with private voting.
• Inter-Blockchain Communication (IBC) Integration: By leveraging IBC, Penumbra connects to over 110 chains in the Cosmos ecosystem, acting as an ecosystem-wide shielded pool and allowing private transactions in any IBC-compatible asset or any EVM asset via IBC v2, Eureka.
• End-to-End Encrypted Transactions: All transactions and DEX actions are end-to-end encrypted, enabling users to transact, stake, swap, or market make without revealing any personal information. ​
• Anonymous Governance: Network governance is anonymous, with delegator votes being private and untraceable, while validator votes remain public for accountability.
  
• Default Privacy: Privacy is the default state in the network, not an optional add-on, ensuring comprehensive confidentiality for all users. ​
• Shielded Pool for IBC Ecosystem: Penumbra acts as a shielded pool for the entire IBC ecosystem, enhancing privacy across multiple chains.
• Advanced Trading Features: The platform offers concentrated liquidity, competitive fees for liquidity providers, and optimal prices for users.

Technological Developments

• Ultralight Nodes: Penumbra's ultralight nodes generate zero-knowledge proofs locally on users' devices, ensuring that privacy begins and ends on the user's device.
• Batch Execution: The Penumbra DEX implements an orderbook style AMM that enables efficient onchain routing and batch execution.
• Concentrated Liquidity: Liquidity positions are created anonymously on the DEX, allowing traders to approximate their desired trading function without revealing their individual beliefs about prices.

Decentralized Privacy Networks (DePIN + Private Data Routing) Projects

Decentralized Privacy Networks focus on protecting metadata and network-level information through private routing, relay networks, and infrastructure designed for confidentiality. These systems complement onchain privacy by addressing offchain communication and interaction layers. Projects like SilentSwap and Anyone Protocol are building network-level privacy solutions that enable anonymous transactions, censorship resistance, and private peer-to-peer communication.

Anyone Protocol

Anyone Protocol is a decentralized privacy network designed to provide secure and anonymous internet access to any user or application by routing traffic through a global network of community-operated relays using multi-hop encryption. This approach ensures that no single relay can trace user activity or access complete data, thereby enhancing privacy.

Key Innovations and Features

• Network-Level Privacy: Anyone focuses on protecting network metadata, including IP addresses and locations, by routing traffic through its decentralized network. This ensures that applications can safeguard user information effectively. ​
• Developer Tools: The protocol offers tools for developers, such as the Anyone Software Development Kit (SDK), enabling seamless integration of privacy features into applications. This facilitates the adoption of decentralized confidential computing solutions.
• Interoperability: Anyone is highly compatible with projects utilizing Trusted Execution Environments (TEEs), Fully Homomorphic Encryption (FHE), and Multi-Party Computation (MPC). By protecting transaction and remote procedure call (RPC) data, it creates comprehensive anonymity both on and off-chain.
• AI Privacy: With the growth of AI, Anyone enhances the privacy of AI-enabled applications, preventing single entities from profiling users based on their or their AI agents' requests. ​

Incentive Mechanism

The protocol incentivizes participants to operate relays by rewarding them with ANYONE tokens, fostering network growth and resilience. The token drives the economic security of the network, staked to relays to protect it from singular adversaries.

Through these features, Anyone Protocol aims to establish a decentralized, highly performant privacy-centric internet infrastructure that empowers users and developers alike.

SilentSwap

SilentSwap is a privacy-preserving swap aggregation service designed for permissionless, non-custodial asset transfers across chains. It integrates advanced cryptographic techniques with a novel routing architecture that leverages existing DeFi infrastructure to enhance user privacy without compromising usability, compatibility, or security.

Key Innovations and Features:

1. Uses Existing Infrastructure

SilentSwap does not deploy its own smart contracts or bridges. Instead, it routes swaps through established decentralized infrastructure — including well-known bridges and liquidity aggregators. This architecture enables:

• Non-custodial asset control
  
• Inherited decentralization and security from underlying protocols
  
• Enhanced privacy by embedding user activity within standard DeFi transaction flows

By avoiding custom onchain infrastructure, SilentSwap minimizes its attack surface and avoids creating new points of failure.

2. Cross-Chain Compatibility

SilentSwap supports all major EVM-compatible chains and is expanding to include Solana, SUI, TRON, and native Bitcoin. The system allows:

• Initiating swaps on one chain and receiving outputs on one or more different chains
  
• Splitting outputs across chains to increase obfuscation and transaction unlinkability

3. Minimal On-Chain Footprint

All swaps occur via standard token transfer and bridge transactions, making them indistinguishable from typical DeFi activity. This obfuscation approach ensures:

• Lower traceability
  
• Plausible deniability through alignment with everyday onchain volume
  
• Stronger privacy via the base-layer characteristics of each integrated chain

SilentSwap’s privacy model is built around default obfuscation while remaining aligned with regulatory standards, including OFAC compliance. Rather than relying on peer-to-peer mechanisms, it uses stealth addressing, cryptographic routing, and standard transaction pathways to deliver practical privacy without custom infrastructure. This makes SilentSwap particularly useful for a range of privacy-aware workflows, such as discreet company payroll operations, private position management for whales, funds, and DAOs, anonymous on-chain portfolio rebalancing, arbitrage or market-making strategies resistant to front-running, and transaction obfuscation for treasuries or entities operating under sensitive regulatory conditions.

Closing Summary

Decentralized Confidential Computing (DeCC) represents a foundational shift in how sensitive data is handled in decentralized systems. While early blockchain infrastructure prioritized transparency and auditability, this came at the expense of privacy, limiting the scope of applications that could be built. DeCC addresses that limitation by enabling encrypted computation, allowing private logic, inputs, and data to remain protected even in trustless public environments.

The technologies that make this possible include Zero Knowledge Proofs, Multi Party Computation, Garbled Circuits, Fully Homomorphic Encryption, and Trusted Execution Environments. Each offers unique tradeoffs in performance, trust, scalability, and composability. In practice, these tools are not used in isolation. They are increasingly combined to deliver privacy-preserving applications that meet the demands of decentralized finance, decentralized identity, AI model training, and cross-domain collaboration.

With over $1 billion in capital allocated to projects in this space, the momentum behind DeCC is no longer speculative. Across cryptographic primitives, secure hardware, and protocol infrastructure, teams are moving beyond theoretical capabilities to real world deployments. As adoption grows, DeCC is positioned to become a standard layer of the decentralized technology stack, enabling a broader class of secure, trust minimized applications that were previously not possible on public infrastructure.