Blockchains were built as public networks in the best tradition of open source technology. But their future is private. And that future is coming faster than most people realize.
This month, Tempo — the Stripe-backed payment blockchain that raised $500 million at a $5 billion valuation, with Visa, Mastercard, Paradigm and UBS among its backers — published a detailed architectural proposal for private enterprise stablecoin transactions. Tempo is not a junk privacy-based project. It is arguably the most institutionally recognized blockchain launch in years, built by people who deeply understand what banks, payment processors and businesses actually need. When a network with that pedigree makes privacy a launch week priority, it’s not a signal. It is a judgement.
The question of whether institutional chains will become private or not has been settled. What remains is the most difficult: What kind of privacy are we actually building?
The problem with public chains
Bitcoin solved a problem that had plagued computer scientists and bankers for decades: how to transfer value between strangers without a trusted intermediary. Ethereum took blockchains further and offered programmable value alongside value transfer – smart contracts that could encode agreements, automate settlement and eliminate entire categories of middlemen. Then came stablecoins, which married programmability with the stability of the dollar, and from there began the migration of real assets to onchain protocols.
Each wave has brought additional institutional interest, capital and ambition. And now that regulatory clarity is emerging, institutions are ready to deploy resources on the chain.
But there’s one thing holding them back—a fundamental flaw that becomes more consequential the bigger the numbers.
Everything is visible. Every wallet. Each balance. Every transaction, in real time, can be read by anyone with a browser. In the financial markets this is not a feature. It is an existential problem. Imagine if every hedge fund’s positions, every corporate treasury’s holdings, every pension fund’s rebalancing trade appeared on a public screen the moment it was executed. Sophisticated counterparts would be ahead. Competitors will map out your strategy. Criminals would identify targets. The financial system as it exists today would seize overnight.
Blockchains have asked institutions to accept exactly that. Tempo’s announcement on 16 April is the clearest possible signal that the institutions have finally said: no.
Architecture is destiny
This is where the conversation becomes more consequential – and more nuanced.
Tempo’s solution is Zones: private parallel blockchains connected to the main network. Within a zone, participants trade privately. The public only sees cryptographic evidence of validity, not underlying data. Compliance automatically checks token travel. Assets remain interoperable with Tempo Mainnet. For companies running payroll, treasury operations or settlement workflows, it’s a thoughtful and practical design.
But Tempo’s privacy model is operator-visible. The Zone Operator – a company or infrastructure provider – sees all transactions within its Zone. The public sees nothing. The operator sees everything. For many regulated institutions this is acceptable and may even be necessary. But this means that privacy is dependent on trust in an intermediary. You have moved the visibility issue; you haven’t eliminated it.
This is not a criticism of Tempo. It is a description of a real architectural choice—one with real consequences for anyone who thinks carefully about risk.
Zero-knowledge cryptography offers another path. ZK proofs allow a party to prove that a transaction is valid without revealing the underlying data. A new generation of ZK-native blockchains builds this privacy-preserving functionality into the execution layer itself. Accounts perform transactions locally, with the chain only storing a cryptographic commitment. Nothing sensitive ever touches a public ledger. Transaction history cannot be browsed. And crucially, no operator has a good view—privacy is enforced at the base layer, not delegated to an intermediary.
If Bitcoin gave us trustless transfer and Ethereum gave us programmable trust, ZK-native blockchains offer verifiable privacy: the ability to prove that everything happened correctly without revealing what actually happened.
Compliance without full transparency
The obvious objection is regulation. Privacy and compliance have long been framed as incompatible—oil and water. That framing is becoming obsolete.
Compliance with the law does not require that everyone can see your transactions. It requires that the right parties, under the right conditions, can verify that your transactions were legitimate. It’s a meaningful distinction, and it’s one that ZK encryption is uniquely positioned to enforce. Selective, programmable disclosure – revealing what regulators need to see, nothing more – is not a solution. It is a more precise implementation of what compliance actually requires.
Tempo’s model manages this at operator level. ZK-native approaches handle it at the cryptographic level. Both meet the compliance requirement. But they distribute trust very differently.
The question that matters
The financial industry knows that it must move along the chain. It now knows – Tempo’s announcement makes this undeniable – that it cannot do so on fully public infrastructure. The era of public-by-default blockchains as the accepted standard for institutional finance is coming to an end.
What comes next depends on a choice that the industry is only beginning to make clearly: privacy through trusted operators or privacy through cryptographic guarantees that require no trust at all.
Both are legitimate answers. But they are not equal. The privacy model you choose determines your risk surface, your compliance position, and your exposure to failure modes of the intermediaries you rely on. Architecture is not a technical detail to be solved later. It is the decision that determines everything else.
The issue for the industry is not about privacy. That debate is over.
The question is what kind of privacy—and who, if anyone, you’re willing to trust with the view.
