Written by: milian
Compiled by: AididiaoJP, Foresight News
Original title: The History of Privacy Development in the Crypto World
Every major technological wave begins as a specialized, single-purpose technology before evolving into a general-purpose, multi-user one.
Early computers did only one thing at a time: breaking codes, processing censuses, or calculating ballistic trajectories. It was only much later that they became shareable, programmable machines.
The Internet started as a small peer-to-peer research network (ARPANET) before evolving into a global platform that allows millions of people to collaborate in a shared environment.
Artificial intelligence follows the same path: early systems were narrow expert models built for a single domain (chess engines, recommendation systems, spam filters), which later evolved into general models that can work across domains, be fine-tuned for new tasks, and become a shared foundation for others to build applications.
Technology always begins in a narrow, single-user mode, designed for one purpose or one user, before expanding to a multi-user mode.
This is precisely where privacy technology stands today. Privacy technologies in the crypto world have never truly escaped the confines of "narrow" and "single-user" thinking.
Until now.
Summary:
Privacy technology follows the same development trajectory as computing, the internet, and artificial intelligence: from dedicated, single-user systems to general-purpose, multi-user ones.
Privacy in crypto has been confined to a narrow single-user model because early tools could not support shared state.
Privacy 1.0 is single-user privacy with limited expressive power: there is no shared state, it relies mainly on zero-knowledge proofs, the client generates the proofs, developers must write custom circuits, and the experience is difficult.
Early privacy initiatives began with Bitcoin's CoinJoin in 2013, followed by Monero in 2014, Zcash in 2016, and later Ethereum tools such as Tornado Cash (2019) and Railgun (2021).
Most privacy 1.0 tools rely on client-side zero-knowledge proofs, leading to confusion between "zero-knowledge proofs for privacy" and "zero-knowledge proofs for verification," even though many "zero-knowledge" systems today are designed for verification rather than privacy.
Privacy 2.0 is multi-user privacy built on encrypted shared state, using multi-party computation or fully homomorphic encryption, allowing users to collaborate privately just as they collaborate on public shared state in Ethereum and Solana.
Encrypted shared state means the crypto world finally has a general-purpose encrypted computer, opening up an entirely new design space: dark pools, privacy pools, private lending, blind auctions, confidential tokens, and new kinds of marketplaces, which can even be implemented on existing transparent chains.
Bitcoin brought public isolated state; Ethereum brought public shared state; Zcash brought encrypted isolated state; Privacy 2.0 fills in the final piece of the puzzle: encrypted shared state.
Arcium is building such a cryptographic computer, with an architecture similar to proof networks like Succinct, but using multi-party computation instead of zero-knowledge proofs. Its Arcis tool compiles Rust into a multi-party computation program to enable multi-user cryptographic computation.
Emerging applications based on Privacy 2.0 include: Umbra's privacy pool for confidential balances and exchanges using Arcium, Pythia's private opportunity marketplace, and Melee's upcoming opinion marketplace for private odds and rulings.
To understand how we got to where we are today, and why encrypted shared state matters so much, we need to start with the origins of privacy technology.
Privacy 1.0
The first wave of crypto privacy began here.
Users finally gained transaction privacy through mixers, privacy pools, and privacy cryptocurrencies. Later, some applications faced legal issues, sparking debate about whether and how privacy tools should handle illegal activities.
Privacy 1.0 enables a single-user privacy mode. People can coordinate, but they cannot collaborate dynamically as they would on a programmable blockchain, limiting the expressive power of privacy.
Key features of Privacy 1.0:
No shared state: privacy operates in "single-user mode," limiting the range of applications.
Relies primarily on zero-knowledge proof technology.
Client-side zero-knowledge proofs offer the highest privacy, but are slow for complex applications.
The developer experience is challenging: building a privacy application requires writing custom circuits.
Cryptographic privacy actually originated in Bitcoin, many years before advanced cryptographic techniques such as zero-knowledge proofs were applied in the crypto space. Early Bitcoin privacy was not true "cryptographic privacy," but rather a cleverly coordinated technique aimed at breaking the deterministic links of the public ledger.
The earliest example is CoinJoin in 2013, where users merge transaction inputs and outputs to obfuscate payment relationships. It uses almost no cryptography but introduces privacy at the transaction level.
Subsequently, applications such as CoinShuffle (2014), JoinMarket (2015), TumbleBit (2016), Wasabi (2018), and Whirlpool (2018) emerged, all based on the coin mixing process to make Bitcoin more difficult to trace. Some added incentives, while others added layered encryption or improved the user experience.
None of these provide strong cryptographic privacy. They obscure the connections but do not offer the mathematical guarantees and trustless privacy provided by later zero-knowledge proof systems. They rely on coordination, heuristics, and coin mixing randomness rather than formal proofs of anonymity.
Privacy Cryptocurrency
Monero, launched in 2014, was the first serious attempt to build a fully private blockchain for private transactions, rather than as an additional privacy tool to a transparent blockchain. Its model is based on probabilistic privacy using ring signatures, where each transaction by default mixes the real input with 16 decoy signatures. In practice, this setup can be weakened by statistical attacks such as MAP decoders or network layer attacks, reducing effective anonymity. Future upgrades like FCMP aim to extend the anonymity set to the entire chain.
Launched in 2016, Zcash took a radically different path from Monero. Instead of relying on probabilistic privacy, it was designed from the outset as a zero-knowledge proof token. It introduced a privacy pool powered by zk-SNARKs, giving users cryptographic privacy rather than hiding them among decoy signatures. When used correctly, Zcash transactions reveal neither sender, receiver, nor amount, and anonymity grows with each transaction in the privacy pool.
The emergence of Ethereum programmable privacy
Tornado Cash (2019)
Launched in 2019, Tornado Cash enabled programmable privacy on Ethereum for the first time. While limited to private transfers, it allowed users to, for the first time, achieve true privacy on a transparent ledger by depositing assets into a smart contract mixer and then withdrawing them using zero-knowledge proofs. Tornado was widely used legally, but became embroiled in serious legal disputes after numerous DPRK money laundering activities were conducted through it. This highlighted the necessity of excluding illicit actors to maintain the integrity of the liquidity pool, a measure already implemented in many modern privacy applications.
Railgun (2021)
Railgun emerged in late 2021, aiming to push Ethereum privacy beyond simple coin mixing to enable private DeFi interactions. It not only mixes deposits and withdrawals but also allows users to interact privately with smart contracts using zero-knowledge proofs, hiding balances, transfers, and on-chain operations while still settling on Ethereum. This is a significant step forward from the Tornado model, providing persistent private state within smart contracts rather than a simple mix-and-withdraw cycle. Railgun remains active and has gained adoption in some DeFi circles. It remains one of the most ambitious attempts at programmable privacy on Ethereum, although user experience is a major hurdle.
Before proceeding, it is necessary to clear up a common misconception. With the widespread adoption of zero-knowledge proof systems, many people believe that the "zero-knowledge" label equates to privacy. This is incorrect. Most technologies currently marketed as "zero-knowledge" are actually validity proofs; while extremely powerful for scaling and verification, they offer no privacy at all.
The disconnect between marketing and reality has led to years of misunderstanding, with "zero-knowledge proofs for privacy" and "zero-knowledge proofs for verification" being conflated, even though they address completely different problems.
Privacy 2.0
Privacy 2.0 is multi-user privacy. Users no longer act alone, but can collaborate privately as if they were collaborating on a programmable blockchain.
Key features of Privacy 2.0:
Encrypted shared state: privacy enters "multi-user mode."
Based on multi-party computation and fully homomorphic encryption.
The trust assumption for privacy rests on multi-party computation. Fully homomorphic encryption over the same shared state still requires multi-party computation to decrypt the encrypted shared state.
The circuitry is abstracted away, so developers no longer need to write custom circuits (unless they want to).
This is achieved through encrypted computing, which allows multiple people to collaborate on an encrypted state. Multi-party computation and fully homomorphic encryption are the core underlying technologies: both support computation on encrypted data.
What does that mean?
The shared state model that drives Ethereum and Solana can now exist under privacy. This is not a single private transaction, nor a tool that can only prove something privately; it is a general-purpose encrypted computer.
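To make "encrypted shared state" concrete, here is an added toy model (my own illustration, not Arcium's protocol or code): every balance is split by additive secret sharing across N MPC nodes, each node updates only its own share when a transfer arrives, and no node ever sees a balance or a transfer amount in the clear. The field modulus, node count, and the EncryptedLedger class are constructed for the example.

```python
import secrets

# Toy additive secret sharing over a prime field. Constructed illustration,
# not Arcium's protocol: each balance is split into N shares, one per node,
# so no node (and no coalition of N-1 nodes) learns a balance, yet every
# node can apply updates to the shared state on every user's behalf.
P = (1 << 61) - 1   # field modulus (a Mersenne prime)
N = 3               # number of MPC nodes holding the encrypted shared state

def share(value):
    """Split value into N shares that sum to value mod P; N-1 are uniform."""
    shares = [secrets.randbelow(P) for _ in range(N - 1)]
    shares.append((value - sum(shares)) % P)
    return shares

def reconstruct(shares):
    """Open a value: needs every node's share (threshold = N in this toy)."""
    return sum(shares) % P

class EncryptedLedger:
    """Confidential balances shared by many users; node i holds share i."""
    def __init__(self):
        self.nodes = [dict() for _ in range(N)]  # account -> this node's share

    def deposit(self, account, amount):
        # The amount is public on entry (it arrives from a transparent chain);
        # once shared, the running balance is hidden from every node.
        for node, s in zip(self.nodes, share(amount)):
            node[account] = (node.get(account, 0) + s) % P

    def transfer(self, sender, receiver, amount_shares):
        # The sender submits only shares of the amount. Addition is linear,
        # so each node updates its shares with no communication. A real
        # system also proves the balance is sufficient (ZK or MPC
        # comparison); this toy omits that check.
        for node, s in zip(self.nodes, amount_shares):
            node[sender] = (node.get(sender, 0) - s) % P
            node[receiver] = (node.get(receiver, 0) + s) % P

    def open(self, account):
        return reconstruct([n.get(account, 0) for n in self.nodes])

    def partial_view(self, account, node_ids):
        """Sum of a coalition's shares: uniformly random unless all N join."""
        return sum(self.nodes[i].get(account, 0) for i in node_ids) % P

def demo():
    ledger = EncryptedLedger()
    ledger.deposit("alice", 100)
    ledger.deposit("bob", 50)
    ledger.transfer("alice", "bob", share(30))  # amount never revealed
    return ledger.open("alice"), ledger.open("bob")
```

Two users have now interacted on the same hidden state, which is the multi-user property that single-user tools like mixers cannot express.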
It unlocks entirely new design possibilities in the crypto space. To understand why, we need to look back at how state has evolved in the crypto world:
Bitcoin brought public isolated state.
Ethereum brought public shared state.
Zcash brought encrypted isolated state.
What has always been missing is encrypted shared state.
Privacy 2.0 fills this gap. It spawns a new economy, new applications, and unprecedented new fields. In my view, this is the most significant breakthrough in the crypto space since smart contracts and oracles.
Arcium is building this type of technology.
Its architecture is similar to proof networks such as Succinct or Boundless, but it does not use zero-knowledge proofs to verify execution. Instead, it uses multi-party computation to perform encrypted data computation.
Unlike SP1 or RISC Zero, which compile Rust into zero-knowledge proof programs, Arcium has Arcis, which compiles Rust into multi-party computation programs. Simply put, it's an encrypted computer.
Another analogy is "Chainlink for privacy."
Chain-agnostic and asset-agnostic privacy
Arcium is designed to be blockchain-agnostic, connecting to any existing blockchain and enabling encrypted state sharing on transparent chains like Ethereum and Solana. Users can maintain privacy without leaving their familiar ecosystem. It will first launch on Solana, with the mainnet Alpha version releasing this month.
Zcash and Monero embed privacy into their currencies. This is effective, but it also creates a world of currencies with independent volatility. Arcium takes an asset-agnostic approach, adding privacy to users' existing assets. The approach and trade-offs differ, but flexibility is important to users.
Therefore, virtually any use case that requires privacy can run on encrypted computing.
Arcium's impact extends beyond the crypto sphere. It's not a blockchain, but a cryptographic computer. The same engine also has clear applications in traditional industries.
Zero-to-One Applications and Features
Encrypted shared state has brought unprecedented design freedom to the crypto world, leading to the following applications:
@UmbraPrivacy: Solana Privacy Pools. Umbra uses Arcium to achieve functionality that Railgun cannot, supporting confidential balances and private exchanges, while processing transfers with zero-knowledge proofs. It provides far more than simple private transfers under minimal trust assumptions and offers a unified privacy pool SDK that any project can integrate to implement Solana transaction privacy.
@PythiaMarkets: An opportunity market that provides sponsors with a private window. A new information market where scouts bet on underdeveloped opportunities, and sponsors discover information without revealing alpha.
@MeleeMarkets: Prediction markets with bonding curves. Similar to Pumpfun, but designed for prediction markets: the earlier you enter, the better the price. We will develop opinion markets where users can genuinely express their opinions, odds remain private, and rulings are conducted privately, addressing herding and oracle manipulation. Arcium will provide the privacy needed for opinion markets and private rulings.
Dark pools: Projects such as @EllisiumLabs, @deepmatch_enc, and Arcium Dark Pool Demos use encrypted shared state to achieve private transactions, avoiding front-running and disappearing quotes, and obtaining the best execution price.
On-chain gaming: Arcium restores confidentiality and fair randomness by running hidden states and CSPRNG random numbers within an encrypted shared state. Strategy games, card games, fog of war, RPGs, and bluffing games can finally run on-chain. Several games are already available on Arcium.
Private perpetual contracts, private lending, blind auctions, encrypted machine learning predictions, and collaborative AI training are also exciting future use cases.
Beyond these examples, virtually any product requiring privacy can be built on it. Arcium gives developers full customization through its general-purpose encrypted execution engine, and Umbra now also provides an SDK for Solana transfers and exchanges. Together they make implementing privacy on Solana straightforward, for complex systems and simple integrations alike.
Confidential SPL: Solana's New Privacy Token Standard
Arcium also developed C-SPL, the Solana confidential token standard. It addresses the pain points of the previous "Privacy 1.0" token privacy standard on Solana: difficult integration, limited functionality, and inaccessibility to on-chain programs. C-SPL improves on all of these, removing the friction that has held back widespread adoption of privacy tokens.
This makes privacy tokens easy to integrate into any application without increasing the burden on users.
By integrating SPL Token, Token-2022, privacy transfer extensions, and Arcium cryptographic computing, C-SPL provides a practical and fully composable standard for Solana confidential tokens.
Conclusion
We are still in the early stages of this wave of development, and the scope is broader than any single approach. Zcash and Monero continue to address important issues in their respective domains, and early privacy tools have demonstrated their potential. Cryptographic shared state addresses a completely different dimension by allowing multiple users to operate privately within the same state without leaving the existing ecosystem. It fills a gap, rather than replacing the past.
Privacy is gradually shifting from an optional professional feature to a core element of application building. It no longer requires new currencies, new blockchains, or new economic systems, but simply expands the scope of developers' capabilities. The previous era established a foundation of public shared state; the next era will extend this foundation through encrypted shared state, adding a previously missing layer.