Projects
![]()
No projects found
Investors
New
DAO Treasuries
DATs
Lend / Borrow APRs
Chains
Categories
Spaces
Privacy Pools Launch on OP Mainnet!
Recorded: Dec. 19, 2025 Duration: 0:31:21Space Recording
Short Summary
Privacy pools have officially launched on OP Mainnet, revolutionizing user privacy in blockchain transactions. This innovative project enables private withdrawals while ensuring compliance, reflecting a significant trend towards prioritizing privacy in the Ethereum ecosystem.
Full Transcription
Music Thank you. Hi everyone, everyone. Welcome. Today's conversation is about privacy, why it matters, what it
looks like in practice, and specifically, the privacy pool's deployment on OP Mainnet.
We'll start with a quick round of intros and mic checks, and we'll aim to wrap up in about
30 minutes.
Mark, do you want to get us going?
Yeah, sure. Hey, my name is Mark, and I'm a co-founder of Optimism.
I've been building an Ethereum for a long time at this point. And one thing that always stuck out to me when I first joined Ethereum from the Bitcoin space was the Ethereum communities seemed less focused on privacy.
And in Bitcoin, it always felt like people were kind of more hardcore about being cypherpunk.
But it seems like that's changing. And actually, Ethereum now today is way more cypherpunk, but it seems like that's changing. Actually, Ethereum now today is
way more cypherpunk than Bitcoin. It's actually pretty funny how the tables have turned.
So I'm really excited to see all this progress and privacy going on in the Ethereum space,
and especially privacy pools. Privacy pools are a really interesting project.
I'll hand it over to Zach to tell us more.
Yeah, hey, thank you for having me.
Yeah, my name is Zach, Zach Cole.
I work on privacy pools.
I got involved in the blockchain space in around 2013 or so
and started working on Ethereum in 2015. And I've been working full time on ETH
for almost 10 years now. So been a wild ride. My background is engineering. I was an engineer
in the Marine Corps. I was responsible for cryptographic management of assets
and for the Department of Defense.
And now I'm building stuff for all of you guys.
So, yeah, thank you for having me.
Zach, do you want to get into the launch on OP Mainnet?
Yeah, sure. So I guess backing up, describing privacy pools. So privacy pools enables private
withdrawals on public blockchains. So that'll let somebody, anyone can deposit publicly and then later withdraw to a fresh address
without creating an on-chain link
between the deposit and the withdraw.
So at a higher level,
that kind of breaks the automatic linkage
that comes from the address reuse
and public transaction graphs.
So you can move more value without publishing your entire financial
history every single time you send a transaction.
And we've just launched on OP.
So why OP? I mean, that's
kind of where privacy becomes usable instead of theoretical. Privacy
systems like ours, it's pretty ZK heavy and adds proof verification and there's extra
call data. And sometimes there's relayers and on expensive block space that kind of
pushes privacy into edge cases. But with OP OP mainnet, you know, fees are low enough that private withdrawals can kind
of feel like a normal action and not a special event.
So I think like L2 is kind of provide more practical space for us to enable privacy by
default because it's like cheaper and it's faster.
Yeah, and then there's also ecosystem reasons for deploying on OP because, you know, OP has like
real users and apps and, you know, clear path to integration. And, you know, privacy only really
matters if it shows up in wallets and payroll flows, exchanges, you know, like regular consumer apps and that kind of like L2s are like where those flows live today.
Yeah, and OP is pretty explicit about building infrastructure and not just scaling throughput.
And privacy primitives like ours, they need a stable, boring execution layer, which OP provides that surface while staying anchored to Ethereum security.
That makes a lot of sense.
There's been a lot of talk about privacy being more normal.
And I've seen threads about not doxing your net worth basically
somebody's trying to send a payment to um somebody in whatever stable coin and then
uh they get a message back or a text back saying hey what how how do you have all of this money
you know right so that makes total sense yeah so so that's a good point, right? Like public ledgers kind of put,
like they kind of create,
like public ledgers and plus like real world identity
kind of creates a surface area for coercion.
So like, you know, a real like pattern
that I've seen more than once is like someone uses,
and this is what you're referring to,
is somebody uses a single address for months, like salary, token unlock, big transfers.
And then that address gets linked to their real identity through, I don't know,
like Discord or Telegram, like social media posts or a GitHub commit.
And even worse is an ENS.
I'm zac.eth.
I'm undeniably zac.
Anybody could go there and see exactly what I have.
And then because of that, I have in the past
been targeted a lot.
I've been personally hit, I've been drained, I've been, you know, I get all these, everybody does, right? If,
if any of that stuff is linked online, you're pretty much making yourself a target. And it's not even exclusively to online. People think about hackers.
But the thing with having your net worth and all of these assets essentially dox publicly,
that allows attackers to verify your balance, your timing, your behavior on chain.
balance, your timing, like your behavior on chain. And then like pressure shows up in the real world
and, you know, the ledger actually becomes like a compliance tool for the attacker. So I think
that's like a part that people miss is like the danger is not entirely like theft by hacking. It's
like you have verifiable wealth under coercion. I mean, you essentially make yourself a target for
wrench attack.
So someone can prove that you have funds and watch you move them, and then that creates
leverage.
So privacy pools and other privacy tools in general kind of exist to help break that
verification step.
At least privacy pools does.
I know a lot of different privacy protocols allow
for illicit streams of finance.
We're kind of like focused primarily on compliance,
but anyway, the point's like you can't target
what you can't really confidently see.
So I think that kind of just plays
to what you just mentioned.
Nice, yeah, compliance is good. And it's pretty crazy
how much metadata can be leaked just from using the chain. Like for example, an attacker can look
at what time an address is usually sending transactions and is active and that could reveal what part of the world they're in and
with enough of this um just randomly kind of leaked information an attacker can find out a lot
about a person and that's not okay and it's actually holding back a lot of growth of the space
because people shouldn't be paranoid about being on chain it
should be better than the current system we can't expect people we can't sell people a worse system
and in some ways you know right now we're doing that when it comes to privacy because
when an everyday person makes a payment using something like Cash App or Venmo, it's usually private.
I know Venmo, it can be public.
And strangely enough, a lot of people don't care about that. how we have to frame privacy as a value proposition
when people are using Web2 tech and they don't care about it.
But I'm confident that we're making good progress in the problem.
And it's also the whales.
I think it's the whales that really, really care about the privacy
more so than individuals.
But I think that we need to teach everyone to care because these are rights.
These are, you know, it's like a fundamental human right, in my opinion,
to have privacy and the ability to transact.
And with technology, it's been encroaching on our right of privacy. No time in history
previously has there been so much of a surveillance state. And it's just becoming easier and easier
as technology gets better and better. And we all carry phones with us everywhere and there's got to be a million
and a half back doors and ways that we're being tracked that we don't even realize and I think
just accepting that is okay is not a great way to live like Is that really the world that we want to be in? I think that we can make a much better world than that.
Yeah, a couple of good points.
So on Monday, I was at the SEC headquarters in DC
for the crypto task force roundtable
talking about privacy compliance and all that.
And Chairman Atkins said,
the government will transform this ecosystem
into a financial panopticon.
And he didn't say that as a flex.
He said that as a warning,
that if privacy tools do not exist,
then it's pretty much a ripe surface area to create
this, like the hugest surveillance state. Like public blockchain is like a tool to create
the largest surveillance state we've ever seen, unless we build and bake in all of these privacy
primitives and make them inherent, as opposed to just a nice-to-have.
Like, you know, a system that requires everyone to publish their financial history by default
is not neutral. It's hostile to all of its users. It favors attackers and stalkers and competitors
and future regulators over, like, normal users. So privacy is not an add-on.
It shouldn't be. It's not a nice to have. It's damage control.
Totally agree there. Now, just curious, Zach, if you could tell me a little bit about,
as a user of privacy pools, can you tell me a little bit about the exact,
maybe like an everyday sort of example and how I can get privacy from it?
Yeah, yeah, for sure.
So if you deposit,
if you're paying just basic use cases
or like paying somebody at a company, if you have payroll, if you are paying your mistress,
for example. I've used that example before. People didn't seem to like that. But I mean,
essentially any peer-to-peer payment area, this is where you want to use privacy to make sure that you're not kind of like doxing and leaving like an audit trail of your activities.
So like as a normal user, the problem's kind of like, you know, starts the moment you reuse an address.
Like you get paid, you trade, you do whatever, you interact with apps.
Over time, like that address essentially turns into a public profile.
It's like a honeypot for your own personal information,
like you were saying, or your habits.
You can triangulate where somebody is located.
Anybody who links to it can see your balances,
your timing, behavior, whatever.
So with privacy pools, it's pretty simple flow.
You just deposit from your regular address.
That deposit is public.
And then whenever you want privacy, you withdraw to a fresh address. And there's like no on-chain link between the two.
So anybody watching the chain, like it could just belong to anybody. So in practice, like you could
pay someone, move funds to your new wallet or interact with an app without like dragging your entire transaction history along
with, you know, like my counterparty doesn't get my balance if I'm paying somebody out.
App doesn't get my past activity. Like observers don't really get like a clean graph to analyze.
So it's not like about hiding activity. Like the deposit happens publicly, the withdraw is like valid and verifiable.
So, but what disappears is that automatic correlation.
Privacy pool gives you like the ability to kind of like reset that context.
So each action isn't reveal everything that kind of came before it.
I mean, you can use, you know, a centralized exchange for something like that, you know,
as well. But I mean, you're still like
doxing yourself to the centralized exchange, which relies on KYC. KYC is a huge honeypot.
If you're putting any personal information anywhere within a centralized database,
even not a centralized database, if you're putting any personal information about yourself
online at all, it's going to become public.
Like there's like, that's why KYC is a huge mistake.
It's a huge honeypot.
It's just putting users at risk.
Centralized exchanges enable that.
And because we haven't come up with any better ulterior, like, like alternatives, we're kind of like stuck in this like old paradigm that's just inherently dangerous to
everybody that participates in it essentially. I see, I see. That makes a lot of sense.
So basically, if I wanted to pay you and I didn't use privacy pools, then you would see my address
and you could just look up my address on a block explorer and see every transaction
I've ever done previously.
And using privacy pools, you can break that linkage where you don't get to learn what
my address is.
You'll just receive a payment and you receive the payment and you learn nothing more, right?
Yeah, yeah, correct. So I mean, privacy pools, it's about private withdrawals, not like disappearing
money, you know, and, you know, alternative privacy tools in the past, you know, kind of
threw your assets into a huge pot with everybody else.
So if North Korea or DPRK or some sort of sanctioned actor
is also using that system,
you're essentially putting yourself at risk of being sanctioned
and co-mingling those assets with illicit actors,
with those of illicit actors.
So in addition to just privacy, it's also compliance. So really, it's just about making,
creating privacy for everybody that is not a terrorist or criminal or somebody that you
wouldn't want to associate with. And this is especially important from the perspective of like enterprise and business, you know?
And it's like making all of that easy to use and normal.
So nice.
Yeah.
I love it.
Can you tell me a little bit more about how the compliance works?
Like I know that there's these association set providers and can you tell me a
little bit about their role in the system?
Yeah, sure.
So the association set kind of defines which deposits are eligible for private withdraw.
And the ASP maintains that set and publishes routes.
And the contract only checks the route.
And the ASP never sees the deposit like to the withdrawal link.
So compliance kind of like lives at the boundary, not inside the privacy itself. The protocol
separates those two concerns on purpose. So like when funds are deposited, they're evaluated
against like whatever criteria the pool defines, which is kind of like the ASP.
And then deposits that meet those criteria
are then added to the association set,
which is maintained by the ASP.
And then the ASP itself publishes the root on-chain
for the currently approved set,
so everybody can prove that they're part of that set
without actually revealing who they are.
And that's what the smart contract enforces.
And the contract doesn't know identities or history or anything like that.
It only checks whether a withdraw proof references an allowed route.
So when I withdraw my zero-knowledge proof, it shows two things.
It shows that I own a valid deposit within that set.
And then that deposit is included in the approved association set.
And the proof doesn't reveal which deposit it is or where it came from or who I am.
So all we really want to do is make sure that you're not the Bybit hacker or whatever.
And you're not benefiting.
Regular users shouldn't be paying for convenience
for hackers and criminals
if they are then going to become liable in the future
for providing that.
And if a deposit becomes ineligible,
then the ASP updates the set,
and then that changes future private withdrawal eligibility without rewriting history or de-anonymizing anyone.
So compliance is pretty explicit. It's pretty narrow.
ASP controls the eligibility, and then the contract enforces all that on-chain.
The proof preserves privacy. No surveillance, there's no secret backdoor,
like constraints are invisible, privacy remains intact. So even if like, even if you're doing bad
stuff, we think like it's clearly obvious on Shane, we're not like you're still not,
we're not able to de-anonymize you. You still have the ability to pull out your funds.
There's no world where we have control or access
to your funds or your identity.
And that's all enforced by zero-knowledge proofs on-chain.
So it's privacy-preserving.
Nice, that's cool.
That's a foundation, yeah.
Yeah, yeah, that makes sense.
So maybe said another way,
basically any time that a user deposits,
the association set provider,
they're the compliance layer.
They basically give a thumbs up or a thumbs down
to any inbound funds.
Correct.
And if they give the thumbs up
after doing a compliance check,
then they are allowed to withdraw
to a different address.
Otherwise, they have to withdraw
to the same address that they deposited it from,
and then they don't get to use the anonymity set.
Correct. Yeah, they don't get a benefit from the privacy set, like the association set.
They can't withdraw to a new address. They can just pull their funds back out.
I think that sits in a really good trade-off space where it's able to build a permissionless protocol that anyone can use while also being compliant.
and some protocols are bigger fans of being you know extremely immutable and no governance
and this opens them up to give privacy to bad actors like North Korea curious you know what
are your thoughts on this yeah correct I mean um. I mean, we want privacy to kind of be ubiquitous,
but we don't want to allow it or provide it for criminals
and like North Koreans and sanctioned actors
that are doing crimes like hacking people
for their wallet balances or draining protocols.
Those folks should have benefit from privacy.
So we shouldn't really provide them for that privacy.
And it's also like keeping everybody else safe.
Yeah, I agree.
I don't understand why this is so controversial.
We don't want to be building tools that enable criminals that make our industry look bad.
The last decade of our industry has already been full of so many criminals.
We don't really need more of them.
Yeah, we don't want to be an industry of crime.
And then also another to expand on that, ultimately, at the end of the day, I am a U.S. citizen.
This is a U.S. company.
So we need to conform to the regulation that the governing body prescribes to our industry.
And while there isn't a lot of clear regulation that exists right now,
it's definitely much more clear than it's ever been.
But at the end of the day, we're optimizing to not go to prison.
So, I mean, there are people that have built privacy tools,
multiple parties and companies that are behind bars right now.
We don't want to be part of that group. And we also want to help in providing regulatory clarity with policymakers to make sure that they understand
that privacy is normal, and this is something everybody wants. And this is something that
enterprise requires. You know, there's Bank Secrecy Act.
There's a lot of regulation that comes with financial transactions.
Having everything just open and default, like by default and public on chain, just isn't optimal.
And this isn't really a way that we can scale our industry to real-world adoption that's going to allow for retail and consumer flows
to easily participate and enter or enter at all.
Totally.
Now, we're getting close to the end.
So I just wanted to swing back around about the deployment on OP Mainnet and just want to
make sure that everyone here knows how to use Privacy Pools. Zach, you mind just sharing the
name of the website so that people can go to deposit? Yeah, yeah. It's privacy pools.com.
privacy pools.com and what assets are supported?
So in general, we have, you know, ETH, USDC, USDT, we have like
Frax, we have like a bunch of bunch of different assets, lots of stable coins and ETH.
Nice, nice.
Yeah, I'm definitely going to go and deposit some,
but don't want to, you know, leak too much metadata about my deposit.
So I'm not going to say how much or when I'm going to do it.
Correct.
And another thing you can do if you want to be funny is go to the deposits,
see what somebody has deposited recently, and then deposit the same amount or deposit a large amount and then withdraw the same amount that somebody else has. So if you can just replicate the behavior
of other people in the system,
then that actually helps reinforce privacy
and make the anonymity set stronger.
For example, if somebody withdraws like 2.1 ETH
or something like that,
you can deposit that amount or withdraw that amount as well.
And it just kind of creates more noise
that makes it much harder to link
between those
who've deposited and withdrawn and vice versa. Amazing. Very cool. Yeah, I'm looking forward.
I feel like this is just the beginning of privacy pools. There's so many cool things that can be
built on top and improved. I hope that one day we can get to a place where users don't even have to think about going to a separate website to use a privacy pool.
And it's just kind of built more into the wallet.
And I heard there is this project called Kohaku that the Ethereum Foundation and Wonderland are working on.
And I heard that privacy pool is being integrated.
Is this true?
Yeah, correct.
Yeah, so Kohaku is like more of like an SDK type library
that allows people to build out,
you know, that allows wallets to build out.
Well, I think mainly the infrastructure
for just general wallets.
And part of that needs to be privacy.
So there's a bunch of different optionality to enforce privacy within whatever app you're building.
And you can leverage privacy pools kind of by default.
Nice. Yeah.
So if you're an app builder, check out Kohaku.
Consider building on it, contributing to it.
Hopefully the major wallets out there will add it,
and then we'll be able to integrate more privacy,
preserving technologies into our everyday workflows.
Yep.
Sweet.
Before we end, I wanted to give a quick recap
for anyone who joined late.
Basically, privacy matters
because fully public financial activity
can expose personal and business-sensitive information.
And that's no bueno.
Privacy pools' deployment on OP Mainnet is about making privacy more practical with better
costs than UX.
And the focus is privacy for legitimate users with guardrails intended to keep out illicit
funds.
We will share the right links from the Optimism account.
And thank you, Zach.
Thank you, Mark.
And thank you, everyone, for joining.
Yeah, thank you very much for having us.
And cheers and stay private and safe.
Let's go.
Bye-bye.
Insights
Project L
P
