How Starknet is reimagining privacy with STRK20
It is clear that the lack of privacy is one of the major barriers to adoption for crypto, and Starknet has now come out with a solution in its new privacy token standard, STRK20.
Even Satoshi Nakamoto said in 2010 that Bitcoin should implement privacy, and the reason for that is obvious, as privacy is a human right and, especially in financial markets, it is what protects you from people taking advantage of the information you provide.
In crypto right now, a lot of that information is just out there in the open, which is actively hurting adoption from institutions that don’t want to leak information, and the lack of privacy also makes it harder to use crypto for daily activities like payroll or paying your bills, as nobody wants that information to be public.
Overall, it is clear that the lack of privacy is one of the major barriers to adoption for crypto, and Starknet has now come out with a solution in its new privacy token standard, STRK20.
Executive Summary
The problem
Public blockchains have virtually no privacy, as every action can be observed onchain. Balances, trades, and strategies are visible by default, and for participants whose capital would move markets, that is not a minor inconvenience but makes participation impossible.
Because of this lack of privacy, institutions and enterprises cannot move funds or rebalance at scale without others getting a whiff of their actions. Traders and market makers also expose their strategy with every transaction, which can result in problems like MEV or losing their informational edge.
Nation-states and central banks also currently cannot accumulate reserve assets when every purchase is visible on blockchain explorers.
These three target audiences represent some of the largest pools of capital that have yet to move onchain, and the lack of privacy is one of the main reasons why they have not yet made the move.
While there has been work done to have privacy in crypto, none of the current solutions fills the gap. Systems that offer full privacy do so by isolating execution inside closed environments, which breaks composability and cuts users off from existing DeFi liquidity entirely.
Systems that preserve access to public markets achieve only partial privacy, leaving execution visible and activity traceable at the moments when confidentiality matters most. No solution has successfully offered both at once.
The solution
Starknet is uniquely positioned to solve this. Built from the ground up around cryptographic proofs, it is one of the only networks where privacy can be introduced as a native property of the architecture rather than an addition that works against it. That foundation is what makes STRK20 possible.
What Starknet has introduced is a privacy token standard called STRK20 that separates private ownership from public execution. Users hold assets privately inside a shared pool while still interacting with the same public protocols and liquidity they use today.
The major unlock that no other privacy solution has been able to offer before is that users can execute swaps and interact with DeFi protocols directly from within that private pool in a single transaction, without ever exposing their identity or creating a visible link between their activity.
STRK20 also builds compliance directly into the system through layered auditability, giving users, custodians, and regulators selective visibility when required.
How can it be adopted
STRK20 is built to integrate into existing infrastructure rather than replace it. As a token standard on Starknet, any wallet, custodian, or protocol that supports the network can offer their users access to private transfers, swaps, and DeFi interactions without rebuilding their systems or changing their existing workflows. The barrier to adoption is low by design.
The addressable market spans four major distribution paths: institutional traders and market makers operating at scale on public chains, custodians who serve as the primary gateway for institutional capital, enterprise treasuries and DAOs managing large onchain holdings, and the hundreds of millions of users already accessing crypto through major wallet providers.
For any of these players, STRK20 is straightforward to integrate and immediately unlocks private participation in DeFi.
The Problem with Privacy in Crypto
Public blockchains have solved an important coordination problem over the years; they showed that open, shared and verifiable markets could exist without a central intermediary and that there is an alternative to traditional finance that can be both decentralised and permissionless.
That design choice helped crypto bootstrap adoption by giving users clear advantages while building trust through transparency. Users could inspect transactions onchain, verify activity, and observe market structure in real time, which was not possible before.
In the early days of DeFi, this transparency was a key feature. It reduced the need to trust unknown counterparties and made it easy for users to understand what was happening onchain.
However, as more capital moves onchain, the same transparency that built early trust is starting to limit adoption.
With greater adoption, transparency introduces a new set of challenges. On public blockchains, balances, transfers, trading patterns, and wallet behaviour are visible by default. While this level of openness is valuable for verifying protocols, it creates issues when it comes to personal and sensitive financial activity, where privacy is important.
This has become one of the biggest challenges for adoption among institutions and nation-states. A16zcrypto, a leading crypto venture fund with $7.6 billion in assets under management, highlighted this in its 2026 privacy trends report.
In the trends report, it is mentioned that privacy is a critical requirement for global finance to move onchain. Despite many privacy solutions introduced over the years, the lack of privacy continues to affect users and slow broader adoption.
How the lack of privacy affects different users
We have identified three key groups that need privacy to adopt crypto, which would result in the largest unlock of adoption.
1. Enterprises and treasuries
For decentralised autonomous organisations (DAOs) and companies that have their full treasury, or a part of their treasury, in crypto, the lack of privacy makes normal financial operations visible to the entire market. Enterprises and DAOs cannot move funds at scale, rebalance, or hedge without signalling the moves they make to other market participants. This can expose strategic decisions, internal capital allocation, and even aspects of business relationships or deal terms.
2.Traders and market participants
For traders, funds, and market makers, the lack of privacy exposes their trading strategies during execution. Each time trading positions are rotated, liquidity is moved, or positions are adjusted, their trades become visible before they are complete, especially in a scenario where an asset is, for example, accumulated over a longer period of time. This allows others to front-run, copy, or trade against those moves, leading to worse execution, higher costs, and exposure to MEV.
3. Sovereigns and central banks
For nation-states and central banks, the lack of privacy makes it difficult to accumulate or manage reserve assets like BTC without everyone knowing. As BTC is increasingly considered a serious contender for reserve holdings, one of the main challenges is that accumulation reveals the size, timing, and direction of purchases to the entire market in real time. This stands in contrast to traditional systems, where assets like gold can be accumulated gradually or underreported without signalling what they are doing to the entire market.
The two dominant privacy paths still fall short
The idea that crypto needs privacy is not new. It was already being discussed in Bitcoin’s earliest years. In an August 2010 forum discussion, users raised the possibility of using zero-knowledge proofs to hide balances and transaction details, and Satoshi responded that, if such a solution could be found, it could enable “a much better, easier, more convenient implementation of Bitcoin.
Since then, as the technology has improved, two main approaches to privacy have emerged.
The first is the fully private environment, where execution and state are hidden inside a dedicated privacy system. The second is the partial privacy add-on, where only specific parts of a transaction, such as balances, senders, or transfers, are hidden while the broader market structure remains public.
Both approaches address real limitations of transparent blockchains. But both also introduce tradeoffs that prevent them from fully solving the problem of private participation in open markets.
1. Full privacy environments
The first approach can be thought of as a private sandbox. Users operate inside a fully private environment where transactions, balances, and activity are hidden from the outside world. This provides strong confidentiality, but it also means that everything inside that sandbox is cut off from the rest of crypto.
Public DeFi systems rely on shared, visible state to function. AMMs need to see liquidity, lending protocols need to verify collateral, and settlement layers need to track state changes. When that information is hidden inside a private sandbox, external protocols cannot interact with it. As a result, liquidity cannot flow in and out freely. Instead, it becomes trapped inside the system, forcing developers to rebuild trading, lending, and other core infrastructure from scratch within that environment. This slows adoption, fragments liquidity, and makes it difficult for these systems to reach meaningful scale.
An example of a system like this is Aztec, which functions as a separate private zone connected to Ethereum. Transaction data is processed locally on a user's device, generating a cryptographic proof that does not expose the transaction details publicly. That proof then settles back to Ethereum through Aztec's network.
The flaw is that privacy only holds within Aztec itself. The moment a user moves assets in or out, that bridge activity becomes visible on Ethereum’s public ledger, revealing wallet behaviour, timing, and amounts. A system that requires crossing a visible boundary to connect with the rest of DeFi cannot offer meaningful privacy to users who need to interact with that broader ecosystem.
2. Partial privacy add-ons
The second approach makes the opposite tradeoff. Instead of creating a fully private environment, it adds privacy to specific parts of activity while still living on public blockchains. In simple terms, it is less like a private sandbox and more like a privacy application sitting on top of a public system.
It can do its own job very well, for example, hiding balances, transfers, or wallet-level identity, while still letting users access existing chains, apps, and liquidity.
This is attractive because users do not have to leave the broader ecosystem. They can keep using public blockchains and public DeFi while gaining privacy around certain actions. A simple example is a user making a private transfer between two wallets. In that case, the sender, receiver, or amount may be hidden from public view.
But if that same user then takes the funds and starts swapping, rebalancing, or moving across different protocols, the surrounding transaction flow is still happening in a public market. At that point, the visible order and timing of those actions can start to reveal behaviour, even if the original transfer was private.
A good example of this approach to privacy is RAILGUN, a privacy system built on top of existing EVM chains.
Users can shield tokens into a private balance, hiding the sender, recipient, token, and amount. The flaw appears when users interact with DeFi. Trades still execute through public protocols with public liquidity, so the activity itself remains visible. When a transaction is large enough to stand out, it can be tracked, which is precisely when privacy matters most.
Starknet as the Foundation for Privacy
Looking at the current privacy designs, we come to a stark conclusion: fully private environments break composability by isolating everything, while privacy layers on public chains still expose activity because execution happens in the open.
What is needed is an architecture where markets stay public and composable while ownership and intent remain private.
Starknet is one of the only environments where this is actually possible, not as a workaround but as a native property of how the network functions. Understanding why comes down to three things: its unified proving stack, its approach to storage mappings, and its scalability.
Unified proving stack
Most blockchains verify transactions by making all data visible. When that data is hidden, the system needs an alternative mechanism to prove that nothing bad happened, and that mechanism must be introduced from scratch
On Starknet, it does not. The network was built from the ground up around cryptographic proofs to verify execution correctness. Privacy is therefore additive to an architecture that already runs on proving. It does not require a separate layer or a fundamental redesign. That is a meaningful advantage over every chain where privacy has to fight against the base architecture rather than extend it.
Public markets, private ownership
Every Starknet contract stores its data as a simple lookup table. Each piece of information, such as a token balance, the value of an LP position, or a position size, is assigned a storage address and stored as a value at that address.
Anyone can acces the information directly and at any time. A lending protocol checking a DEX's price is just reading a value from a known storage address. A yield aggregator reading both is doing the same thing twice. Every protocol can see every other protocol's state, and the entire system is built on that shared visibility.
That openness also goes deeper than simple readability. Starknet's global state is cryptographically committed to and verified against Ethereum on every block, meaning every value in every storage slot is not just readable but provably correct. The integrity of the data is guaranteed by mathematics, not by trusting any single operator.
The mechanism behind this is straightforward. Each key, whether a wallet address, a number, or any other identifier, gets run through a hash function that deterministically assigns it a unique storage address. That address holds the corresponding value. The result is a fully open, fully verifiable map of every piece of state in every contract on the network.
This is also exactly where the privacy problem sits. It is not a flaw in Starknet's design. The transparent storage model is what makes trustless composability possible in the first place. The problem is that the same slots that let protocols read pool prices also expose wallet balances, position sizes, and trading patterns to anyone who looks.
Scalable privacy economics
Privacy systems are inherently more computationally expensive than transparent ones. Private transfers, shielded balances, and anonymous DeFi interactions all require additional proof generation, verification, and state management, and a chain that cannot sustain high throughput at low cost will confine privacy to niche use cases.
Starknet is the first architecture that can support private participation in public markets without fragmenting liquidity, and its performance is what makes that viable at scale rather than in theory. This is because Starknet's base performance creates the conditions for this to change, with transactions confirming in under two seconds and network fees averaging $0.002 per transaction.
Through a series of network upgrades in 2025, the network pushed transaction latency from two seconds down to 500 milliseconds, reduced average gas fees to below $0.001, and expanded TPS capacity from 500 to over 1,000, with a roadmap targeting 10,000 TPS.
On throughput, Starknet has recorded peaks of 2,630 user operations per second and sustained 273 over an entire day, putting it in the same conversation as Web2 payment rails like Stripe or Nasdaq.
Overall, this level of scalability makes it well suited for privacy use cases where both high TPS and low fees are necessary.
The STRK20 Standard for Private Assets and Swaps
Most privacy solutions force a trade-off. You either get confidentiality inside isolated systems, or you keep access to public liquidity but expose your activity. STRK20 is designed to remove that trade-off by introducing privacy directly into how assets are held and used, without creating a separate execution environment.
Starknet has spent years building the infrastructure needed to support this, particularly around proof systems and execution architecture. That foundation makes it one of the few ecosystems where privacy can be added without fragmenting liquidity or changing how markets function today.
STRK20 separates private ownership from public market execution. Instead of holding tokens in a publicly visible balance, users hold encrypted notes inside a shared privacy pool. These notes represent ownership and value, but remain unreadable onchain.
To prevent double-spending, the system uses nullifiers. When a note is spent, a nullifier is generated and recorded onchain. It acts like a one-time receipt, proving that the note has been used without revealing which note it was, who spent it, or how much was transferred. Once a nullifier appears, that note is permanently retired.
This model enables private transfers within the pool. Users can send assets without revealing the sender, the recipient, or the amount. At the same time, deposits into the pool and withdrawals back to public tokens remain visible. This creates a clear boundary. Activity inside the pool is private, while interactions with the broader network remain easy to explore.
The most important use case for this is trading. In most privacy systems, users can hold assets privately, but they lose that privacy when they try to trade. Typically, they must move funds out of the system that provides privacy, execute a public swap, and then move the funds back in. Each of these steps exposes their activity and allows others to take advantage of this information.
STRK20 avoids this problem. Users can execute swaps directly from the privacy pool using existing AMMs on Starknet. The transaction is handled in a single step rather than multiple visible steps via the multi-call function. This eliminates the window in which trading behaviour would normally be exposed and also prevents the possibility of MEV.
It is important to be precise about what this protects and what it does not. Swap amounts and token types remain visible because they affect the state of public liquidity pools. An observer can still determine what was traded and in what size. What remains protected is the identity of the trader and the linkage between transactions.
This applies beyond swaps to other DeFi use cases as well. Users can interact with lending protocols, execute multi-step portfolio operations, and manage treasury positions directly from within the privacy pool. The underlying protocols remain publicly verifiable and continue to function normally. The only thing removed is attribution.
Compliance and Regulatory Compatibility
Institutions avoid DeFi not only because of privacy concerns but also because most privacy solutions create a compliance problem. They hide transaction data entirely, which conflicts with the audit trails, reporting obligations, and legal requirements institutions are bound by.
STRK20 is built with this in mind. Privacy does not mean unauditable. Users retain access to their own transaction history, wallet providers and custodians maintain visibility into user activity for monitoring and reporting, and a designated oversight entity can access transaction data under legitimate conditions such as regulatory requests or investigations.
Privacy and compliance are layered into the same system rather than treated as opposites, which you can clearly see in the way Starknet has built layered auditability into STRK20.
Layered Auditability | Description |
End-user auditability | Users can access their own private transaction history for transparency, record-keeping, and personal audit purposes. |
Wallet and custodian auditability | Wallet operators and custodians have protocol-enforced access to their users’ private activity. This enables transaction monitoring, reporting, fraud investigations, customer support, and tax or audit workflows without making the data publicly visible. |
Independent oversight access | A designated independent oversight entity has conditional decryption capability when there is a legitimate compliance need. This role is typically fulfilled by a reputable blockchain analytics provider experienced in regulatory and law enforcement processes. |
Disclosure is mandatory | The existence, role, and access conditions of the oversight entity are explicitly disclosed in user agreements and privacy policies. |
When you look at the design of STRK20 as a whole and take compliance into account, you understand the entire user flow.
It starts with the user’s initial transaction, continues through the Privacy Pool providing encrypted assets, and ends with the compliance layer, which provides the guarantees institutions need to use it. By combining these three aspects, you can see the complete STRK20 flow as shown in the picture below.
Comparing privacy architectures: STRK20 Vs Competitors
We compare different solutions with six criteria: trustlessness, compliance, shared liquidity, anonymous swaps, composable DeFi, and multi-asset support.
Together, these dimensions capture the core trade-off with the current privacy solutions: the ability to preserve confidentiality without facing many tradeoffs. As shown in the comparison table, most solutions do not hit all of the six criteria.
Starting with Aztec, it scores highly on privacy through private client-side execution proven onchain, but that same design limits shared liquidity and composability, since privacy is contained within its own environment rather than extending to existing DeFi.
Zama supports confidential smart contracts and assets on existing public blockchains, with composability across confidential and non-confidential contracts. That makes it strong on multi-asset support and composability. But its privacy model is still application-level, so compliance and anonymous swaps depend on how a given app is built rather than emerging automatically from a unified market design.
Solana’s Confidential Transfers, on the other hand, hide amounts in transfers but not in swaps, so privacy does not extend to DeFi activity. It partially satisfies user needs but falls short of what DeFi adoption actually requires.
Sui has strong privacy building blocks through Seal and Nautilus, covering encryption and verifiable off-chain compute, but these are infrastructure primitives rather than a functioning private DeFi market with anonymous swaps and shared liquidity.
Lastly, Canton Network is strongest on compliance, with selective visibility, configurable privacy controls, and encrypted sub-transaction views built into its design. But it is oriented toward regulated financial networks rather than open DeFi, so anonymous swaps and shared liquidity are weak by design rather than by omission.
Overall, Starknet with STRK20 is the only solution that scores well across all criteria and truly takes into account everything needed for a privacy solution that can achieve mass adoption while remaining compliant and ready for institutional use.
Adoption and Strategic Implications
The adoption of STRK20 is most likely to succeed by having the right distribution channels and integrations. While the underlying cryptographic and architectural components are already viable. Historically, privacy solutions have failed when they require liquidity to migrate to a new blockchain, bespoke wallets to be built to support the protocol, or behavioural changes by users.
STRK20’s design, including native compatibility with ERC-20s, a shared privacy pool, and integration with existing account structures, directly addresses these pain points, making it easier to be adopted and integrated by different target audiences, including Institutional traders and market makers, Custodians and institutional infrastructure providers Enterprise and treasury users and Advanced DeFi users.
Institutional traders and market makers
Institutional trading activity represents the most immediate and economically compelling opportunity for STRK20 adoption. On public blockchains, institutional traders and market makers expose each transaction and position size in real time, eroding their edge and creating measurable costs through MEV and adverse selection. As a result, a share of the larger trading volume lives outside of DeFi today and is instead executed through OTC desks and centralised exchanges.
STRK20 introduces these capabilities to onchain markets, enabling institutions and professional traders to interact with DeFi without exposing identity or transaction linkage, which can support institutional traders and market makers in interacting with DeFi in a way that they are comfortable with on Starknet, as well as through integrations with DEX aggregators or lending protocols.
The addressable market for this segment is defined by trading volume rather than user count. DEX volume alone accounts for approximately $188.3B in 30-day volume, with peaks reaching $567B in October 2025. In lending represents a complementary use case, with TVL of approximately $49.4B. In current market conditions, borrowing and lending activity exposes institutional positions and strategy to other participants, reinforcing the demand for confidentiality in these workflows.
Early adoption by market makers is important because it enables liquidity and volume on Starknet, and at the same time allows these entities to maintain their informational edge when interacting with DeFi.
Custodians and institutional infrastructure providers
Custodians serve as the primary distribution layer for institutional capital and therefore represent the best opportunity to support privacy at scale with STRK20. Institutions rarely interact with DeFi protocols directly. They rely on custodians for transaction initiation, policy enforcement, and compliance, meaning a single custodian integration gives STRK20 access to the entire book of clients behind it.
When a custodian adds support for Starknet, every institution they serve gains the ability to transact privately without changing how they operate.
STRK20's compatibility with existing multisig and hardware wallet infrastructure means custodians can integrate privacy without rebuilding their systems, abstracting it into a product layer that their clients consume without friction.
So instead of onboarding institutions independently, the biggest opportunity for Starknet is to work with custodians like Coinbase Custody, which reports $300B in assets under custody and $236B in quarterly institutional trading volume. Anchorage Digital also serves large institutional clients across custody, staking, and settlement infrastructure, with over $50B in assets under custody, and has recently announced custody support for Starknet.
Getting one or more of these custodians to actively support STRK20 would not just add users at the margin. It would bring the trading volume, capital flows, and institutional activity of their entire client networks onto Starknet, making custody the single highest-leverage bet for driving meaningful adoption of private DeFi at scale.
Enterprise and treasury users
Enterprise and treasury users. Public blockchains expose when treasuries move funds, as well as payroll activities, since many DAOs, for example, use crypto to pay their employees.
STRK20 provides a solution for enterprises and DAOs using crypto by enabling private transfers and balance management, while preserving compliance through selective disclosure.
Currently, according to DefiLlama, DAO treasuries hold approximately $8.22 billion, presenting a significant opportunity for larger DAOs to integrate STRK20 into their treasury management workflow, with the top 10 already representing $5.97 billion in treasury value, presenting a huge opportunity for Starknet.
At the same time, the top 100 Bitcoin treasury companies have reached total holdings of $80.66 billion, creating another opportunity for STRK20 adoption in treasury management workflows through qualified custodians.
Advanced DeFi users
According to The Limits of DeFi for Financial Inclusion (OECD), total DeFi transaction volume ranges from $40–60 billion per month in bull markets to $10–20 billion per month in bear markets. Many of these users are affected by MEV and related issues, particularly market makers, whose trades are publicly visible and whose wallets can be tracked by copy traders.
STRK20 provides a solution to many of the problems DeFi users face while allowing them to interact with familiar DeFi protocols on Starknet.
It also unlocks more advanced use cases, such as private lending, as well as the use of multicall functionality, which allows multiple interactions to occur within a single transaction and reduces exposure to MEV.
Crypto Wallets
Crypto wallets are the most direct path to consumer-scale adoption. Despite crypto's reputation for being widely distributed, most assets flow through a small number of dominant wallet providers that serve as the primary interface for hundreds of millions of users. Binance leads with 150 million users, Coinbase has reached 98 million, Trust Wallet serves 60 million active users, and MetaMask remains the dominant DeFi interface with 30 million monthly active users. Hardware wallets add another 10 million users across Ledger and Trezor.
Most of these wallets have already integrated swap functionality directly into their products. MetaMask's swap function alone has processed nearly $40 billion in volume.
None of them offer privacy. For STRK20, that is the opportunity. Integrating into any of these wallets as a supported token standard on Starknet would immediately surface private swaps and transfers to a user base that already exists and is already transacting, without requiring any change in behaviour.
Conclusion
Privacy has always been one of the clearest limits on how far crypto can go. Open blockchains made it possible to build transparent, verifiable markets, but transparency alone cannot support every kind of participant.
That is why STRK20 stands out. It pushes toward a model where users can keep confidentiality while still accessing shared liquidity and existing DeFi infrastructure. That combination has been largely missing across crypto. Either privacy came with isolation, or market access came with exposure.
STRK20 moves in a different direction. It opens the door to onchain markets where privacy and composability can exist together, which is much closer to what large-scale adoption actually requires.
If Starknet can solve distribution, STRK20 could see meaningful adoption quickly. The need already exists across institutions, enterprises, DAOs, and even nation-states; what matters now is reaching them through the right integrations, especially custodians, wallets, and core DeFi infrastructure.
If that happens, STRK20 has a real chance to become the standard that brings private participation into public, composable markets at scale.