In 2009, the default state of a financial transaction changed
For most of recorded history, financial privacy sat with the individual. Cash changed hands, merchants kept their own books, and if the state wanted to see your transactions, it had to come looking with legal authority. Privacy was never absolute, but the default was yours and the burden sat with the institution.
Onchain, that flipped. The default is now total exposure and every transaction we commit is a disclosure.
The fifteen-year experiment
Bitcoin needed transparency to function. A verifiable public ledger was the engineering solution to a trust problem, and it worked. But it came with a side effect that still hasn’t been resolved.
Every wallet address, on any public ledger, became a glass box. Balances, counterparties, timing, all written to a ledger anyone can read. What started as a trust mechanism quietly became the most complete financial surveillance architecture ever deployed. Not by a government or a corporation, but by an open-source protocol built to restore self-sovereignty.
Privacy has never been about hiding everything. It’s about information reaching the right people under the right norms. Financial transactions had a clear norm for centuries: you, your counterparty, and with legal authority, a regulator. Blockchain didn’t just make transactions public. It broke that norm entirely.
We spent fifteen years treating that breach as the cost of decentralisation. It was an engineering constraint we stopped questioning.
What transparency actually costs
Every transaction you submit to a public mempool is a broadcast. You’re telling the entire network, including the people who will use all of that against you, what you want to buy, how much you’ll pay, and when.
The most measurable cost is MEV. Bots see your trade before it goes through, front-run it, sandwich your swap, and you eat the difference. Billions pulled from Ethereum users since the Merge. On Solana, sandwich bots alone took somewhere between $370 million and half a billion dollars in sixteen months.
There’s a deeper structural cost to this. Every transaction is broadcast with everything on show, forever. If you know someone could be looking, you might be tempted to hold off. If you know you’re one step away from your entire strategy being spotted, the game could be over.
This is a deal breaker for enterprises and institutions. The infrastructure is clearly ready, but the exposure is unacceptable. For individuals, the stakes are different but just as real. You shouldn’t need to choose between using a public network and letting strangers audit your financial life.
The agent problem nobody is talking about
The next wave of onchain activity won’t come from people clicking buttons. It’ll come from agents doing everything on our behalf.
On a transparent chain, every action your agent takes is a signal. Swaps into a position, visible. Rebalances, visible. A competing agent or bot spots the pattern and front-runs the next move. Your strategy is automated and being broadcast.
This gets worse at scale, and in ways that don’t have a precedent. When a bot front-runs your swap today, it’s exploiting a single visible transaction. When an agent is managing a portfolio, it’s executing a sequence of moves that reveal a strategy. A competing agent doesn’t just see one trade. It sees the pattern across trades, infers the logic, and positions against the next move before it happens. That’s not sandwich extraction. That’s adversarial strategy reading, and it becomes possible the moment agents are operating at volume on transparent infrastructure.
When thousands of agents are executing simultaneously, agent-to-agent MEV becomes an entirely new extraction layer. It doesn’t exist yet, only because there aren’t enough agents onchain to make it worth building. But that will change fast. When it does, the chain handling that volume needs to have been built for it from the ground up, not retrofitted.
Delegation without privacy is open broadcasting of intent and strategy.
Our position
Plenty of teams have taken a run at privacy. The two most instructive efforts sit at opposite ends of the design space. Aztec is now live in alpha with a feature-complete privacy stack, but at one transaction per second, with compliance as something developers build on top rather than something native to the architecture. It’s a principled approach that prioritizes privacy absolutism and asks adoption to follow. Zcash pioneered shielded transactions but locked them to a single asset with no smart contract support, which means the privacy is real but the functionality ceiling is low. Other approaches, from Canton’s permissioned model to Zama’s FHE encryption, carry their own trade-offs in cost, openness, or composability.
There’s a principled case for absolute onchain privacy and we respect the teams building toward it. But when the goal is real-world integration and enterprise adoption, ideological purity isn’t a practical path. Privacy needs to coexist with compliance natively, not as something a developer has to build on top. That’s the position we’re taking at Starknet.
The end state is STARKs
Every other approach to onchain privacy we’ve seen carries a trade-off against compliance. The two sit in tension, technically and ideologically. STARKs are a proof system used by Starknet. They let you prove that a computation was done correctly without re-executing it and without revealing the inputs. When you combine that with the ability to selectively hide data, the dynamic changes. You can prove what needs proving, without showing anything else.
STRK20 is our privacy solution: a ‘practical privacy’ one-click feature that can make any ERC-20 on Starknet shieldable. You turn it on, you turn it off. If a regulator has legal authority to look, viewing keys give them scoped access to see forwards or backwards for a specific user, without revealing anyone else connected. This isn’t an unsolved trust problem. The keys are scoped by design, time-bound, and user-specific, and the architecture limits what a viewing key can expose, so the question of scope creep is answered at the protocol level, not the policy level.
Think about what that actually means in practice. You can trade without getting sandwiched. Your DAO treasury isn’t a public scoreboard. Token distributions don’t get front-run before they land. You can make a donation to a political party of your choice. Your agent can execute without broadcasting its next move to every competitor on the network.
A regulator can audit your account. Your neighbour can’t
That’s how privacy has worked everywhere for generations, except for the generation of blockchain. Helen Nissenbaum calls this contextual integrity: the principle that information should flow according to the norms of the context it belongs to. STRK20 restores exactly that. The default changed in 2009. It’s about to change back.




