Privacy stewards

What the new unit in the Ethereum Foundation proposes

Privacy Stewards for Ethereum (PSE), a new team within the Ethereum Foundation (EF), has unveiled a roadmap to bring privacy to every layer of the network, right up to applications. Delivering on it would enable anonymous transactions and computation without revealing user information.

ForkLog reviewed PSE’s proposals and sets out how the organisation plans to put them into practice.

Rebranding

On July 30th, at a video conference marking Ethereum’s tenth anniversary, Vitalik Buterin defined privacy as a key principle for the ecosystem over the next ten years. He noted that the mission would remain to build applications “that advance humanity and improve co-operation” while protecting users’ digital rights.

On September 12th the EF introduced a team tasked with integrating privacy across Ethereum. The responsible organisation, PSE, produced a roadmap that sets out how its team will allocate work and demonstrate results.

Since 2018 PSE, previously called Applied ZKP, has worked on zero-knowledge proofs (ZKPs). In 2021 the team broadened into programmable cryptography and full-stack solutions, and rebranded as Privacy & Scaling Explorations. For Ethereum developers this effort served a mentoring role: startups could rely on open-source research and tooling.

According to the roadmap, PSE will focus on practical privacy problems and on shaping the Ethereum ecosystem:

“We are taking responsibility within the Ethereum Foundation for achieving application-level privacy goals and will work with protocol teams to deliver any L1 changes required for strong, censorship-resistant and non-custodial privacy.”

The Ethereum stack should end up with “comprehensive, end-to-end privacy”: from the protocol and infrastructure to dapps and wallets. 

PSE believes anonymity can be achieved alongside a friendly user interface, high performance and economic efficiency. The new programme should comply with regulatory requirements.

“Our vision is to make privacy in Ethereum the norm, not the exception”, the statement says.

The strategy’s main components:

• iteratively mapping ecosystem privacy problems;
• maintaining a checklist: deciding whether PSE should lead, support or observe, and defining metrics to track progress;
• public communication with steady feedback loops.

PSE does not plan to blanket-fund startups. Rather, the team says it aims to allocate money only to specific digital-protection tasks and related problems. 

All areas under scrutiny

PSE extends the sweeping reorganisation at the EF begun in 2025. The team promises, when analysing existing initiatives, to heed popular user reviews. For this it plans to use the ecosystem developers’ EcoDev communications model and the updated Protocol programme for protocol engineers (formerly Protocol R&D). All activity proceeds under the “friendly” oversight of the Silviculture Society, a non-profit that safeguards the network’s values.

Implementing privacy across key components, including L2 and DeFi, effectively means enabling transactions without exposing personal data. PSE highlights three main workstreams:

• private writes. Improve the usability and accessibility of private writes such as sending funds, voting or interacting with dapps. This includes long-term plans for fully homomorphic encryption (FHE) and pushing cutting-edge techniques towards practical obfuscation;
• private reads. Requests, views and authentication in dapps without tracking or metadata leakage;
• private proving. Ensure data portability and verifiability across environments by providing purpose-bound proofs with minimal information.

“These workstreams do not cover everything PSE does, but they form the backbone of what we aim to implement and grow. Specific priorities and initiatives within these streams will vary in investment horizons and expected outcomes and will evolve with the ecosystem. However, we expect these key directions to persist over the next few years.”

Priority initiatives 

Over the next three to six months the PSE team plans to focus on priority tasks in each of the outlined areas. To that end it has compiled an initial checklist.

In private transfers the developers will devote particular attention to Plasma Fold—an L2 with an experimental architecture that blends the original Plasma design with modern folding schemes based on ZKPs. 

Unlike traditional solutions that post extensive transaction data to mainnet, Plasma Fold follows a minimal data-availability model inspired by Buterin’s vision of a Plasma‑EVM hybrid and the Intmax L2 network. PSE plans to continue close coordination with the latter.

Plasma Fold offers a low-cost, high-throughput alternative that is efficient in node RAM and in proof-generation speed. In this model only key metadata, such as Merkle roots and signer indices, is written to the blockchain—ideal for mobile or browser applications.

In anonymous governance PSE intends to continue working with Aragon, which develops private-DAO solutions. The MACI startup is also on the list of dapps for “quiet” voting. 

The protocol is censorship-resistant: votes are sent in encrypted form directly to the blockchain, and only the voter and the co-ordinator can decrypt them. Thanks to ZKPs anyone can verify the correctness of the final tally.

To raise Ethereum’s privacy, the PSE team sees opportunities for institutional DeFi adoption. On private computation it will focus on deploying FHE while advancing the MachinaIO and Phantom Zone projects. The former is an obfuscation method based on lattices, replacing expensive recursive encryption with lightweight matrix operations. The latter is a framework for building scalable multi-party-computation applications that uses multi-party FHE.

Private reading—the second area of interest for PSE—requires, in the team’s view, attention to RPC nodes and close study of ORAM and PIR solutions.

In the event of attacks that exploit a node’s RAM access patterns, ORAM helps preserve confidentiality and protect the user:

• each memory request is “masked”;
• real and dummy accesses are interleaved;
• an illusion of random access is created.

As a result, even an attacker who fully scans memory cannot distinguish genuine access from a decoy.

On proof privacy, PSE’s focus is chiefly on data portability, identification without revealing one’s identity and client-side proving protocols.

In particular, the “anonymous” Ethereum team voiced support for the TLSNotary protocol. It suits privacy-focused developers who need to attest to the provenance of data from secure web servers. It uses the widely deployed Transport Layer Security (TLS) protocol to prove, securely and privately, that a communication with a website took place.

Using MPC it splits session keys between two parties: the prover and the verifier. Neither the user nor the co-ordinator holds the full TLS keys—each has only a share.

This preserves security guarantees while allowing the prover to attest the communication’s authenticity to the verifier. The latter remains unaware of which web server was queried and never gains access to the unencrypted exchange.

As for client-side computation, PSE highlighted the Mopro project. The startup’s team is exploring the creation of a confidential environment using smartphones. 

Mopro leverages the growing power of mobile GPUs, enabling fast, scalable and secure proving directly in client applications. Cross-platform support lets tools run on iOS, Android, Windows and Mac.

Concerns

Strengthening privacy raises an important question: will it comply with existing regulations? Alongside promises of personal-data protection come risks, especially for smaller companies and startups.

Compliance could prove an overwhelming task. 

Problems PSE-supported projects may encounter:

• high cost of compliance. The GDPR is complex, and many startups may lack the resources required to comply;
• legal uncertainty. Different levels of enforcement across countries complicate compliance, especially for those operating internationally;
• dependence on third parties. Many SMEs collect and process data through external providers, who have their own obligations to regulators.

Despite the challenges, the EF’s move aims to preserve users’ digital rights and could even reshape existing regulatory influence.

“Ethereum is on a path to become the settlement layer for the world, but without robust privacy it risks becoming not a pillar of global freedom but the basis of a global surveillance system. A system without privacy will force institutions and users to seek alternatives, undermining the very mission for which Ethereum was created. If Ethereum does not provide privacy, it will not be able to protect the people who rely on it,” the PSE team said.