History of Privacy Development in the Crypto Sphere

Every major technological wave starts with specialized or single-user groups, then evolves into general-purpose or multi-user systems.

Early computers handled one task at a time—codebreaking, census processing, or ballistic calculations. Only much later did they become shareable, programmable machines.

The internet began as a small, peer-to-peer research network (ARPANET) and grew into a global platform, enabling millions to collaborate in a shared state.

Artificial intelligence followed a similar path: initial systems were narrow expert models built for specific domains (chess engines, recommendation systems, spam filters). Over time, they evolved into general-purpose models, capable of cross-domain work, fine-tuning for new tasks, and serving as shared foundations for new applications.

Technology consistently starts in a narrow or single-user mode, designed for one purpose or person, and only later expands to multi-user capability.

That’s exactly where privacy technology stands today. Crypto privacy technologies have never truly broken out of the “narrow” and “single-user” paradigm.

Until now.

Summary:

• Privacy technology has mirrored the evolution of computing, the internet, and AI: initially specialized and single-user, then general-purpose and multi-user.
• Crypto privacy has long been confined to a narrow, single-user mode because early tools couldn’t support shared state.
• Privacy 1.0 offered limited, single-user privacy—no shared state, mainly relying on zero-knowledge proofs, with client-side proof generation and custom circuit development, resulting in a challenging experience for developers.
• Early privacy innovations began with Bitcoin’s CoinJoin in 2013, followed by Monero in 2014, Zcash in 2016, and Ethereum tools like Tornado Cash (2019) and Railgun (2021).
• Most Privacy 1.0 tools depend on client-side zero-knowledge proofs, which has led to confusion between “zero-knowledge for privacy” and “zero-knowledge for verification,” even though many modern “zero-knowledge” systems are designed for verification, not privacy.
• Privacy 2.0 enables encrypted shared-state, multi-user privacy based on multi-party computation or fully homomorphic encryption, allowing users to collaborate privately in the same way they do on Ethereum and Solana’s public shared states.
• Encrypted shared state means the crypto industry now has general-purpose encrypted computing, unlocking new design spaces: dark pools, private liquidity pools, private lending, blind auctions, confidential tokens, and innovative markets—even on existing transparent chains.
• Bitcoin introduced public isolated state; Ethereum brought public shared state; Zcash delivered encrypted isolated state; Privacy 2.0 completes the puzzle with encrypted shared state.
• Arcium is developing this encrypted computer, with an architecture similar to proof networks like Succinct, but using multi-party computation instead of zero-knowledge proofs. Its Arcis tool compiles Rust into multi-party computation programs, enabling multi-user encrypted computation.
• Emerging Privacy 2.0 applications include: Umbra using Arcium for confidential balances and private exchanges in privacy pools, Pythia’s private opportunity markets, and Melee’s upcoming opinion markets with private odds and adjudication.

To understand how we got here—and why encrypted shared state is so critical—we must look back to the origins of privacy technology.

Privacy 1.0

The first wave of crypto privacy began here.

Mixers, private liquidity pools, and privacy coins finally gave users transactional privacy. Some applications later faced legal challenges, sparking debates about whether—and how—privacy tools should address illicit activity.

Privacy 1.0 launched the single-user privacy model. Coordination was possible, but dynamic collaboration—like on programmable blockchains—was out of reach, limiting privacy’s expressive power.

Key features of Privacy 1.0:

• No shared state—privacy remained in “single-user mode” with limited scope
• Relied primarily on zero-knowledge proof technology
• Client-side zero-knowledge proofs offered maximum privacy but slowed down complex applications
• Developer experience was challenging, requiring custom circuit design for privacy applications

Crypto privacy actually first appeared on Bitcoin, years before advanced cryptographic techniques like zero-knowledge proofs entered the space. Early Bitcoin privacy wasn’t truly “cryptographic privacy,” but rather clever coordination techniques to break deterministic associations on public ledgers.

The earliest example was CoinJoin in 2013, where users merged transaction inputs and outputs to obscure payment relationships. It involved minimal cryptography but introduced transaction-level privacy.

Subsequent solutions like CoinShuffle (2014), JoinMarket (2015), TumbleBit (2016), Wasabi (2018), and Whirlpool (2018) all used mixing processes to make Bitcoin harder to trace. Some added incentives, others layered encryption or improved the user experience.

None of these provided strong cryptographic privacy. They blurred associations but didn’t offer the mathematical guarantees and trustless privacy that later zero-knowledge proof systems delivered. Instead, they relied on coordination, heuristics, and mixing randomness—not formal anonymity proofs.

Privacy Cryptocurrencies

Monero launched in 2014, marking the first serious attempt to build a fully private blockchain for private transactions, rather than as an add-on privacy tool for transparent blockchains. Its model uses probabilistic privacy through ring signatures, mixing real inputs with 16 decoy signatures in every transaction. In practice, this can be weakened by statistical attacks like MAP decoders or network-layer attacks, reducing effective anonymity. Future upgrades like FCMP aim to expand the anonymity set to the entire chain.

Zcash launched in 2016, taking a very different approach from Monero. It doesn’t rely on probabilistic privacy but was designed from the ground up as a zero-knowledge proof token. Zcash introduced a zk-SNARK-powered privacy pool, providing cryptographic privacy rather than hiding among decoy signatures. When used correctly, Zcash transactions reveal no sender, receiver, or amount, and anonymity increases with every transaction in the privacy pool.

Programmable Privacy on Ethereum

Tornado Cash (2019)

Tornado Cash launched in 2019, bringing programmable privacy to Ethereum for the first time. Although limited to private transfers, users could deposit assets into smart contract mixers and later withdraw using zero-knowledge proofs, achieving true privacy on a transparent ledger. Tornado was widely used legally, but after significant DPRK laundering activity, it faced serious legal challenges. This highlighted the need to exclude illicit actors to maintain pool integrity—a measure now common in modern privacy applications.

Railgun (2021)

Railgun launched a bit later in 2021, aiming to push Ethereum privacy beyond simple mixing to enable private DeFi interactions. It not only mixes deposits and withdrawals, but also allows users to interact privately with smart contracts using zero-knowledge proofs, hiding balances, transfers, and on-chain actions while still settling on Ethereum. This was a major step forward from the Tornado model, providing ongoing private state within smart contracts instead of a simple mix-withdraw cycle. Railgun remains active and has seen adoption in certain DeFi circles. It’s still one of Ethereum’s most ambitious programmable privacy projects, though user experience is a major challenge.

Before continuing, it’s essential to clarify a widespread misconception. As zero-knowledge proof systems have proliferated, many assume anything labeled “zero-knowledge” implies privacy. That’s not accurate. Most technologies branded “zero-knowledge” today are validity proofs, powerful for scaling and verification but offering no privacy.

This disconnect between marketing and reality has led to years of confusion, with “zero-knowledge for privacy” and “zero-knowledge for verification” being conflated—though they solve entirely different problems.

Privacy 2.0

Privacy 2.0 is multi-user privacy. Users can now collaborate privately, just as they do on programmable blockchains.

Key features of Privacy 2.0:

• Encrypted shared state—privacy enters “multi-user mode”
• Built on multi-party computation and fully homomorphic encryption
• Privacy trust assumptions depend on multi-party computation. Fully homomorphic encryption shares the same assumptions, since threshold decryption of encrypted shared state requires multi-party computation
• Circuits are abstracted—developers no longer need to write custom circuits unless necessary

This is made possible by encrypted computers, allowing multiple parties to collaborate on encrypted state. Multi-party computation and fully homomorphic encryption are the core foundational technologies, both enabling computation on encrypted data.

What Does This Mean?

The shared-state model powering Ethereum and Solana can now exist under privacy conditions. This isn’t just a one-off private transaction or a tool for private proofs—it’s a general-purpose encrypted computer.

This unlocks entirely new design space for crypto. To understand why, it’s worth reviewing how state has evolved in the crypto world:

• Bitcoin brought public isolated state
• Ethereum introduced public shared state
• Zcash delivered encrypted isolated state

Encrypted shared state has always been missing.

Privacy 2.0 fills this gap. It’s driving new economies, new applications, and unprecedented innovation. In my view, it’s the most significant breakthrough in crypto since smart contracts and oracles.

Arcium is building this technology.

Its architecture is similar to proof networks like Succinct or Boundless, but instead of using zero-knowledge proofs for execution verification, it uses multi-party computation for encrypted data processing.

Unlike SP1 or RISC Zero, which compile Rust into zero-knowledge proof programs, Arcium’s Arcis compiles Rust into multi-party computation programs. In simple terms, it’s an encrypted computer.

Another analogy: “Chainlink for privacy.”

Privacy Across Chains and Assets

Arcium is blockchain-agnostic, able to connect to any existing blockchain and enable encrypted shared state on transparent chains like Ethereum and Solana. Users can gain privacy without leaving their familiar ecosystems. It will launch first on Solana, with the mainnet Alpha version releasing this month.

Zcash and Monero embed privacy within their own currencies. While effective, this creates a separate currency world with independent volatility. Arcium takes an asset-agnostic approach, adding privacy to users’ existing assets. The trade-offs are different, but the flexibility is valuable for users.

With this approach, almost any privacy use case can run on encrypted computation.

Arcium’s impact goes beyond crypto. It’s not a blockchain—it’s an encrypted computer. The same engine is clearly applicable to traditional industries.

From Zero to One: Applications and Capabilities

Encrypted shared state creates unprecedented design space for crypto. As a result, the following applications have emerged:

@ UmbraPrivacy: Solana privacy pool. Umbra leverages Arcium to deliver features Railgun can’t—confidential balances and private exchanges, with transfers handled via zero-knowledge proofs. It offers much more than simple private transfers under minimal trust assumptions, and provides a unified privacy pool SDK that any project can integrate for Solana transaction privacy.

@ PythiaMarkets: Opportunity markets with private windows for sponsors. This new class of information market allows scouts to bet on underdeveloped opportunities, while sponsors discover information without leaking alpha.

@ MeleeMarkets: Prediction markets with bonding curves. Similar to Pumpfun, but for prediction markets. Early entry means better prices. Opinion markets are in development, allowing users to express views genuinely, keep odds private, and handle adjudication privately—addressing groupthink and oracle manipulation issues. Arcium will provide the privacy required for opinion markets and confidential adjudication.

Dark pools: Projects like @ EllisiumLabs, @ deepmatch_enc, and Arcium’s dark pool demo use encrypted shared state for private trading, preventing front-running and quote disappearance, ensuring best execution prices.

On-chain gaming: Arcium enables hidden states and CSPRNG random numbers within encrypted shared state, restoring secrecy and fair randomness. Strategy games, card games, fog-of-war, RPGs, and bluffing games can now operate on-chain. Multiple games are already live on Arcium.

Private perpetuals, private lending, blind auctions, encrypted machine learning predictions, and collaborative AI training are also exciting future use cases.

Beyond these examples, nearly any privacy-centric product can be built. Arcium gives developers full customization through a general-purpose encrypted execution engine, and Umbra now offers an SDK for Solana transfers and exchanges. Together, they make privacy on Solana straightforward for both complex systems and simple integrations.

Confidential SPL: Solana’s New Privacy Token Standard

Arcium is also developing C-SPL, a confidential token standard for Solana. It solves previous Solana “Privacy 1.0” token privacy standard challenges: difficult integration, limited functionality, and incompatibility with on-chain programs. C-SPL improves on these, removing friction that hindered privacy token adoption.

Privacy tokens now integrate easily into any application, without added user burden.

By combining SPL Token, Token-2022, privacy transfer extensions, and Arcium’s encrypted computation, C-SPL provides a practical, fully composable standard for Solana confidential tokens.

Conclusion

We’re still at the early stage of this evolution, and the field is broader than any single approach. Zcash and Monero continue to address important challenges in their domains, and early privacy tools have proven what’s possible. Encrypted shared state enables multi-user private operations in the same state without leaving existing ecosystems, solving a completely different set of problems. It fills a gap—it doesn’t replace the past.

Privacy is shifting from an optional specialist feature to a core element of application development. It no longer requires new currencies, new chains, or new economic systems—it simply expands what developers can build. The last era established public shared state as the foundation; the next era will extend this with encrypted shared state, adding the missing layer.

Statement:

1. This article is reprinted from [Foresight News], with copyright belonging to the original author [milian]. If you have objections to this reprint, please contact the Gate Learn team, and we will process your request promptly according to relevant procedures.
2. Disclaimer: The views and opinions expressed in this article are solely those of the author and do not constitute investment advice.
3. Other language versions of this article are translated by the Gate Learn team. Unless Gate is mentioned, do not copy, distribute, or plagiarize the translated article.