Early Access

Close

Get exclusive early access to Rialo and stay updated on our latest developments.

Your spot on the waitlist is confirmed. We'll keep you posted with next steps and early access updates soon.
Oops! Something went wrong while submitting the form.

A Standard for Onchain Privacy Specification

Published on
December 18, 2025

Authored by: Jan Camenisch

Trust in a blockchain network is anchored in its verifiability and transparency; on-chain program execution can be validated by downloading the state and blocks (containing program inputs) and re-executing the programs locally. However, full transparency limits applicability. The industry is realizing that to broaden the range of applications, transparency and verification are insufficient—privacy must also be provided.

"Privacy" is a broad term. It can refer to private token transactions—where sender, recipient, and amount are hidden, yet the integrity of the total supply is verifiable. It can also mean complete anonymity, where no information about inputs, outputs, or computation is leaked beyond the fact that the transaction occurred. Privacy exists on a spectrum and must be defined for each application based on specific requirements, including regulatory compliance. Consequently, applications must be carefully engineered to achieve the desired privacy level across all layers: the communication layer (input/output transmission), the execution layer (business logic computation), and the application logic (data access control).

We focus exclusively on the latter, describing the Rialo privacy specification framework. This framework enables business logic implementation with customizable privacy, spanning the full range from total transparency to complete anonymity.

An application’s business logic typically comprises a set of modules and a workflow that orchestrates information flow. Upon receiving inputs, each module performs a task and generates outputs. For simplicity, we assume modules are stateless; inputs and outputs contain the state when necessary. Correctness is verified by ensuring the workflow was followed and each module was executed accurately.

The desired privacy level is achieved by specifying:

  1. Whether inputs, outputs, and state are public or private.
  2. Whether a module's code is public or private.
  3. Whether execution of a module is public or private.

On a high level, the privacy specification includes the modules, the workflow, and this designation of public versus private. When module code is private, verifiability can be maintained through third-party certification: trusted parties attest that the code performs only the intended computation without revealing the source code itself. Ideally, the system should support the submission, retrieval, and verification of such attestations.

Building an execution and orchestration environment that enforces a privacy specification is non-trivial. It requires advanced cryptographic algorithms and privacy-enhancing technologies (PETs) to protect data and computation, ensuring no information is leaked even under adversarial interference, such as workflow tampering or cross-application data feeding attacks. Rialo delivers such an execution and orchestration environment and thereby making available the resilience and verifiability to applications beyond web3.