The Enterprise Ethereum Alliance has published the first edition of its Privacy Working Group report: State of Privacy on Ethereum for Enterprise.
This is the result of three months of cross-institutional collaboration between seven EEA member organizations, and it represents a milestone for enterprise blockchain adoption.
The Problem We Set Out to Solve
Ask any CIO at a bank, insurance firm, or corporate treasury what keeps them from putting real assets on a public blockchain, and the answer is almost always the same: privacy.
Ethereum’s transparency — the property that makes it trustworthy — is also what makes it incompatible with enterprise confidentiality requirements. Transaction amounts are public. Counterparty identities are traceable. Smart contract logic can be reverse-engineered by competitors. None of that is acceptable for institutions operating under MiCA, GDPR, or basic competitive confidentiality requirements.
The technology to solve this exists. But until now, there has been no unified, independent view of what is available, how it works, and how to choose.
What the Report Contains
The report profiles seven solutions from EEA member organizations, each assessed against a standardized framework of eight enterprise requirements: transaction privacy, balance privacy, smart contract privacy, regulatory compliance, selective disclosure, mainnet settlement, technology stack, and trust model.
The participating organizations and their solutions are:
- Applied Blockchain: Silent Data — a TEE-based solution for off-chain data verification with on-chain attestation, currently in production.
- Consensys: Linea Enterprise — an enterprise ZK+TEE hybrid on an Ethereum L2, with active enterprise pilot programs.
- COTI: Garbled Circuits approach to secure computation over encrypted inputs without exposing data to any party, currently in production with enterprises and builders.
- EY: Nightfall — a public-domain ZK-ZK rollup for confidential token transfers, with active integration pilots.
- Kaleido: Paladin — a Modular Privacy framework for EVM-based applications, enabling programmable and privacy-preserving workflows across enterprise environments.
- Polygon: Polygon CDK Enterprise — a customizable enterprise chain framework with ZK-based privacy, actively in development.
- ZKsync / Matter Labs: Prividium — an enterprise privacy layer on ZKsync using Zero-Knowledge Proofs, in pilot.
The Framework: Three Trust Models
One of the report’s most actionable contributions is its trust model taxonomy. Before choosing a privacy solution, an institution must understand what it is ultimately trusting:
Cryptographic trust (ZK, GC, MPC): The math is publicly verifiable. No need to trust any operator. Hardware-anchored trust (TEE): Trust is placed in secure processor enclaves and remote attestation from hardware manufacturers. Organizational trust (FHE co-processors): A majority of co-processor operators must behave honestly.
Each model has different risk profiles, regulatory implications, and implementation complexity. The report provides guidance for navigating this decision.
What Comes Next
This is Version 1 of a recurring report series. Future editions will incorporate independent benchmarking, profiles of new entrants, and deployment post-mortems from live enterprise use cases. The EEA Privacy Working Group will continue to serve as the neutral coordination point for enterprise privacy on Ethereum.
Organizations interested in contributing their solutions to future editions or joining the working group are encouraged to contact the team at [email protected].
Read the Report
The full report is available at: https://entethalliance.github.io/wg-privacy/
It is designed for CIOs, compliance officers, and digital asset leads who need to evaluate options and ask the right questions. Single self-contained file, no login required.
