Blockchains are built as public networks in the best tradition of open source technology. But their future is private. And that future is coming faster than most people realize.
This month, Tempo – the Stripe-backed payments blockchain that raised $500 million at a $5 billion valuation with the likes of Visa, Mastercard, Paradigm and UBS – published a detailed architectural proposal for stablecoin transactions with private companies. Tempo is not a sloppy privacy-native project. It is perhaps the most institutionally recognized blockchain launch in years, built by people who deeply understand what banks, payment processors and businesses really need. When a network with that background makes privacy a priority during launch week, that’s not a signal. It’s a verdict.
The question of whether institutional chains will be private or not has been resolved. What remains is the more difficult one: what kind of privacy are we actually building?
The problem with public chains
Bitcoin solved a problem that had vexed computer scientists and bankers for decades: how to transfer value between strangers without a trusted intermediary. Ethereum took blockchains even further, offering programmable value beyond value transfer – smart contracts that could encrypt agreements, automate settlement, and eliminate entire categories of intermediaries. Then came stablecoins, which linked programmability to the stability of the dollar, and from there the migration of real assets to onchain protocols began.
Each wave has brought with it more institutional interest, capital and ambition. And now that there is clarity about the regulations, institutions are ready to deploy resources in the chain.
But there’s one thing holding them back: a fundamental flaw that becomes increasingly important as the numbers grow.
Everything is visible. Every wallet. Any balance. Every transaction is readable in real time by anyone with a browser. This is not a characteristic of the financial markets. It’s an existential problem. Imagine if every hedge fund’s holdings, every company’s holdings, and every pension fund’s rebalancing operation appeared on a public screen the moment it was executed. Sophisticated counterparties would lead the way. Competitors would map out your strategy. Criminals would identify targets. The financial system as it currently exists would crash overnight.
Blockchains have asked institutions to accept exactly that. Tempo’s April 16 announcement is the clearest possible signal that institutions have finally said no.
Architecture is destiny
Here the conversation becomes more consequential – and more nuanced.
Tempo’s solution is Zones: private parallel blockchains connected to the main network. Within a Zone, participants can conduct private transactions. The public only sees cryptographic proofs of validity, not underlying data. Compliance automatically checks traveling with the token. Assets remain interoperable with Tempo Mainnet. For businesses involved in payroll, treasury operations or settlement workflows, it is a thoughtful and practical design.
But Tempo’s privacy model is visible to the operator. The Zone operator – a company or infrastructure provider – sees all transactions within its Zone. The audience sees nothing. The operator sees everything. For many regulated institutions, this is acceptable and may even be required. But it means that privacy depends on trust in an intermediary. You’ve moved the visibility problem; you haven’t eliminated it.
This is not a criticism of Tempo. It is a description of a real architectural choice – a choice with real consequences for anyone who thinks carefully about risks.
Zero-knowledge cryptography offers a different path. With ZK proofs, a party can prove that a transaction is valid without revealing the underlying data. A new generation of ZK-native blockchains builds this privacy-protecting functionality into the execution layer itself. Accounts execute transactions locally, with the chain storing only a cryptographic commitment. Nothing sensitive ever touches a ledger. Transaction history is not searchable. And crucially, no operator has a God-perspective: privacy is enforced at the base layer and not delegated to an intermediary.
If Bitcoin gave us a trustworthy transfer and Ethereum gave us programmable trust, ZK-native blockchains offer verifiable privacy: the ability to prove that everything happened correctly without revealing what really happened.
Compliance without full transparency
The obvious objection is regulation. Privacy and compliance have long been considered incompatible: oil and water. That framework is becoming outdated.
Regulatory compliance doesn’t require everyone to see your transactions. It requires that the right parties, under the right circumstances, can verify that your transactions were legitimate. That’s a meaningful distinction, and it’s one that ZK cryptography is uniquely positioned to enforce. Selective, programmable disclosure – revealing what regulators need to see, nothing more – is not a solution. It is a more precise implementation of what compliance actually requires.
Tempo’s model takes care of this at operator level. ZK-native approaches handle it at the cryptographic level. Both meet the compliance requirement. But they distribute trust very differently.
The question that matters
The financial sector knows that it has to go on-chain. It now knows – Tempo’s announcement makes this unmistakable – that it cannot do this on a completely public infrastructure. The era of public-by-default blockchains as the assumed standard for institutional finance is coming to an end.
What comes next depends on a choice that the industry is only just beginning to make clear: privacy through trusted operators, or privacy through cryptographic guarantees that require no trust at all.
Both are legitimate answers. But they are not equal. The privacy model you choose determines your risk surface, your compliance position, and your exposure to the failure modes of the intermediaries you depend on. Architecture is not a technical detail to be solved later. It is the decision that determines everything else.
The question for the industry is not whether privacy. That debate is over.
The question is what kind of privacy – and who, if anyone, you are willing to trust with the view.