Early Access

Close

Get exclusive early access to Rialo and stay updated on our latest developments.

Your spot on the waitlist is confirmed. We'll keep you posted with next steps and early access updates soon.
Oops! Something went wrong while submitting the form.

Rialo Provides Privacy to Blockchain

Published on
December 18, 2025

Rialo Provides Privacy to Blockchain and Unites Web3 with Web2

Authored by: Jan Camenisch

Adding privacy to decentralized systems allows Web3 to break out of its niche and find adoption beyond DeFi and memecoin casinos. Privacy is the key to enable the secure integration of Web3 with existing Web2 services and can lead us towards a future where IT masters cybersecurity.

Digital Privacy is Paramount

Today's information systems collect, process, and analyze enormous amounts of personal information. Virtually every transaction creates a data trail that, when not properly protected, can be severely abused. The sharp increase in cyber breaches demonstrates that current systems are failing to provide sufficient security. In 2025, the total cost of cyber breaches is projected to cross $10 trillion USD, yet global spending on cybersecurity will be just over $200 billion. The financial damage from cybercrime has grown far quicker than the investment in defense, and the use of AI in cyberattacks will only accelerate this disparity.

Is All Hope Lost?

The underlying reason for this dire situation is that modern IT infrastructure evolved from systems that were not originally designed with security as a core requirement. Today, computer systems are heavily interconnected, and security fixes have created a complex and costly patchwork that has become nearly impossible to manage and keep current. One could argue that the cybersecurity arms race has been lost. On the bright side, the Bitcoin network has clearly demonstrated that it is possible to build a perfectly secure system that hosts billions of dollars of value by taking a very different approach: building on a distributed cryptographic protocol that operates securely over the insecure public internet.

Modern Blockchain Networks: Progress and Limitations

Over the past decade, blockchain networks have made impressive advances on the Bitcoin model in terms of latency, computational power, and cost, and they have successfully demonstrated resilience against cyberattacks and downtime. However, beyond Decentralized Finance (DeFi), these networks have achieved limited widespread adoption. This is primarily because they operate as closed systems that cannot readily interact with the wider internet, remain complex for general users, and, critically, offer no inherent data privacy since all transactions are public. In fact, this inability to process data privately is the core technical hurdle preventing these networks from integrating with the rest of the internet (which typically requires authentication via secret API keys) and linking with standard user authentication

PETs powering Private Decentralized Computation

Privacy Enhancing Technologies (PETs), including Secure Multi-Party Computation (MPC), Fully Homomorphic Encryption (FHE), and Trusted Execution Environments (TEEs), are available to fill the privacy gap. All these methods allow for confidential data computation. While each technology has limitations, their combination is key to achieving privacy for blockchain networks. The general idea is to encrypt data under the network's public key, submit it, and enable confidential and verifiable computation on that data. We briefly discuss how these three technologies are applied and outline their respective limitations.


When employing multi-party computation (MPC) for a private on-chain computation, one would encrypt and secret-share the inputs for each of the network’s nodes. The computation is represented as a circuit and nodes would then jointly evaluate it gate by gate by running a protocol among themselves using their secret shares. After each step, the nodes each hold a secret sharing of output of the respective gate. Once the last gate is evaluated, the nodes collectively have a secret-sharing of the results. They could use that sharing as the next computation or publish them so that anyone can reconstruct the result (if the result is meant for a specific party, then the circuit can be modified so that the result is an encryption of the actual result under that party’s public key). This approach works well only if the circuit is small and shallow (has low depth), otherwise it takes too many rounds of communication. We notice that for some specific computations, such as key generation or threshold signatures, there are tailored MPC protocols that are very efficient, with some requiring as little as one round of interaction, making them an important ingredient of any secure distributed system.

Fully homomorphic encryption (FHE) is a special kind of encryption scheme that allows one to combine two ciphertexts in such that the resulting ciphertext is encryption of either the AND or the OR operation applied to the messages contained in the original ciphertexts. FHE is considered the holy grail of cryptography because given ciphertexts of the inputs, the circuit can be computed by anyone–no protocol needs to be run for that! More precisely, any one can compute an encryption of the computation’s result. To employ FHE for privacy on-chain computation, the nodes first generate a private-public key pair where the private key is secret shared between them. Then, one can provide them with encryptions of the inputs, they locally compute the circuit, and finally run a MPC for decryption to obtain the result in the clear or keep the ciphertext as input for further computations. There is a technicality we have brushed under the carpet: for all known FHE schemes, the ciphertexts "wear off" slightly with each gate of the circuit, meaning the nodes still need to run an MPC protocol to refresh the ciphertext. Unfortunately, this also means that FHE is not yet suited for generic private computation, but we might see that changed in a few years.

Trusted Execution Environments (TEEs) are shielded computing environments enabled by secure hardware and can be seen as a non-cryptographic approach to private computation. Of course, they still need cryptography otherwise, just not for computation. To receive the inputs, a TEE can generate its own public encryption key under which data to be encrypted, securely transferred to the TEE, and then confidential computation to be performed entirely within that isolated environment. To guarantee integrity, the TEE can attest to, i.e., cryptographically sign, the result of the computation and the specific program it executed to this end, thereby making the operation verifiable. Thus, a TEE essentially achieves the same as an FHE scheme without requiring any protocol other than that one needs several nodes to run TEEs and agree on the results to achieve fault tolerance.

There are other PETs that have found widespread adoption in Web3, most prominently zero-knowledge proofs and in the context we are considering here zkVMs come to mind. However, contrary to what ‘zero-knowledge’ might indicate, they are typically applied to prove succinctly that computation is correct and not to hide the computation itself and indeed zkVMs are not a solution to the problem we are considering here.  

Integrating Privacy with Blockchain


As we have seen, any of the three privacy technologies discussed can serve as the private computation core (let's call such a core Rialo Extended Execution (REX),  that brings privacy to the blockchain. Let's zoom out to see how this would work. Imagine a number of nodes that can together provide a REX. First, the nodes and the resources they provide need to be managed. Second, the different programs that are to be executed need to be verified and certified to perform a specified task. Third, the encrypted input data needs to be cryptographically routed to a computation core and the respective program loaded. Here, it is crucial that the orchestration layer ensures encrypted data is only ever used in computations originally approved by the data owner and remains protected throughout the entire process. To achieve this non-negotiable security requirement, the layer employs clever cryptography, key management, and robust re-encryption schemes. Fourth, and finally, the orchestration needs to ensure the correctness and availability of the results (e.g., by verifying attestation when an REX based on is used), then route them to their destination or store them for further computation.

The Rialo Network

At Rialo, we embrace, pioneer, and extend this approach. We have solved the cryptographic challenges of the orchestration layer and are building a privacy-preserving blockchain network. As previously argued, privacy is a key requirement for securely bridging Web3 and Web2. For instance, the Rialo network is able to obtain encrypted API keys and use them inside a REX to establish authenticated connections to Web2 services without the keys ever becoming compromised. There are, of course, other hurdles that must be overcome to truly unify Web3 and Web2, broaden on-chain use cases, and achieve adoption outside of the current Web3 sphere. These challenges include end-user usability and the ease of evolution and adaptability of decentralized protocols. At Rialo, we are actively tackling all of them. Stay tuned for updates!