Enterprise Ethereum finally has a privacy manual

The Enterprise Ethereum Alliance has released the first edition of its Privacy Working Group Report: State of Privacy on Ethereum for Business.

This is the result of three months of cross-institutional collaboration between seven EEA member organizations and represents a significant milestone in enterprise adoption of blockchain.

Ask any CIO at a bank, insurance company, or corporate treasury what’s stopping them from putting real assets on a public blockchain, and the answer is almost always the same: privacy.

Ethereum’s transparency – the property that makes it trustworthy – is also what makes it incompatible with corporate privacy requirements. Transaction amounts are public. The identities of the counterparties are traceable. The logic of smart contracts can be reverse-engineered by competitors. None of this is acceptable to institutions operating under MiCA, GDPR, or basic competitive privacy requirements.

The technology to solve this problem exists. But so far there is no unified, independent view of what is available, how it works and how to choose.

The report features seven solutions from EEA member organizations, each assessed against a standardized framework of eight enterprise requirements: transaction privacy, balance privacy, smart contract privacy, regulatory compliance, selective disclosure, mainnet regulation, technology stack and trust model.

The participating organizations and their solutions are:

• Applied Blockchain: Silent Data – a TEE-based solution for off-chain data verification with on-chain attestation, currently in production.
• Consensys: Linea Enterprise – a ZK+TEE enterprise hybrid on an Ethereum L2, with active enterprise pilot programs.
• COTI: Garbled Circuits approach to secure computation on encrypted inputs without exposing the data to anyone, currently in production with companies and manufacturers.
• EY: Nightfall – a public domain ZK-ZK rollup for confidential token transfers, with active integration drivers.
• Kaleido: Paladin — a modular privacy framework for EVM-based applications, enabling programmable, privacy-preserving workflows in enterprise environments.
• Polygon: Polygon CDK Enterprise – a customizable enterprise channel framework with privacy based on ZK, actively in development.
• ZKsync / Matter Labs: Prividium – an enterprise privacy layer on top of ZKsync using Zero-Knowledge Proofs, in pilot.

One of the most concrete contributions of the report is its taxonomy of the trust model. Before choosing a privacy solution, an institution must understand what it ultimately trusts:

Cryptographic trust (ZK, GC, MPC): calculations are publicly verifiable. No need to trust an operator. Hardware-Anchored Trust (TEE): Trust is placed in secure processor enclaves and remote attestation from hardware manufacturers. Organizational trust (FHE coprocessors): A majority of coprocessor operators must behave honestly.

Each model has different risk profiles, regulatory implications and implementation complexity. The report provides guidance for navigating this decision.

This is version 1 of a series of recurring reports. Future editions will incorporate independent benchmarking, new entrant profiles and deployment post-mortem analyzes from real enterprise use cases. The EEA Privacy Working Group will continue to serve as a neutral coordination point for enterprise privacy on Ethereum.

Organizations interested in contributing their solutions to future editions or joining the working group are encouraged to contact the team at (email protected).

It is designed for CIOs, compliance officers, and digital asset managers who need to evaluate options and ask the right questions. Single standalone file, no login required.