All articles
solanaprivacycomparisonzkmpctee

What hides what: Solana privacy solutions in one table

Confidential Transfers, Arcium, MagicBlock, Privacy Cash, and Umbra all claim 'privacy' — but each hides a different thing and trusts a different party. One comparison matrix: amounts, participants, general compute, and the trust model behind each.

Share
devrels.xyz/a/139short link

Five Solana projects will tell you they do "privacy." All five are telling the truth — about different things. One hides how much you sent but not to whom. Two hide everything but ask you to trust either a committee or a chip. Two break the sender–receiver link but can't compute on what they hide. If you pick by vibes, you'll ship the wrong one. So here's the whole landscape in one table.

Comparison matrix: Confidential Transfers hide amounts only (native protocol trust); Arcium hides amounts and participants with general compute (MPC); MagicBlock the same via TEE; Privacy Cash hides amounts and participants without compute (ZK pool); Umbra the same (MPC).

Reading the matrix

Two axes matter, and neither is "how private is it?":

  • What gets hidden. Amounts, participants, and computation are three separate problems. Hiding an amount is a cryptographic trick on one field of a transaction. Hiding participants means breaking the on-chain link between sender and receiver — a graph problem. Hiding computation means running arbitrary logic on data nobody can read — a different discipline entirely.
  • Whom you trust. "Native protocol" means only the Solana runtime and audited on-chain programs. "MPC" means an honest majority of a node committee. "TEE" means the silicon vendor and their attestation chain. "ZK pool" means math plus the size of the anonymity set you're hiding in.

Confidential Transfers — amounts only, nothing extra to trust

The Token-2022 confidential transfer extension encrypts token amounts with twisted ElGamal and proves correctness with zero-knowledge proofs — natively, in the token program. Who paid whom is fully public; how much is not. Per-mint auditor keys give built-in selective disclosure, which is why this is the compliance-friendliest row in the table. The honest caveat: the ZK proof program was famously disabled in mid-2025 after soundness bugs, and the saga is a reminder that "native" doesn't mean "finished."

Arcium — hide everything, trust the committee

Arcium (the same team as the shut-down Elusiv, rebuilt as general-purpose confidential compute) splits secrets across a network of Arx nodes via multiparty computation — no single party ever holds plaintext. That buys the greenest column in the matrix: arbitrary compute on hidden data. Private order matching, sealed-bid auctions, confidential AI inference. The trust model is honest-majority non-collusion: the system is private for as long as a quorum of operators doesn't conspire. No special hardware, but not trustless either.

MagicBlock — hide everything, trust the chip

MagicBlock gets the same three dots a different way: Private Ephemeral Rollups running inside Intel TDX enclaves. Everything that happens inside the rollup — balances, participants, logic — is invisible to the outside, and the enclave emits a signed attestation of exactly what code ran. It's the fastest and most general option (these are the same ephemeral rollups doing 10ms blocks for games), but the trust anchor is the silicon vendor. If you're not comfortable with "Intel says so," this row isn't for you — our TEE deep-dive covers the attestation chain and its failure modes.

Privacy Cash — the pure ZK pool

Privacy Cash is the classic shielded-pool design: deposit into a common pool, withdraw to a fresh address, with a ZK proof breaking the link. Amounts and participants both hidden; no general compute — it moves value privately, full stop. It's the most-used row by volume ($400M+ processed, with Jupiter-routed private swaps), and the one under the most regulatory scrutiny, because pool privacy is only as good as its anonymity set and only as legal as its compliance posture. Post-Tornado-Cash, that posture is the existential question for this whole category.

Umbra — a shielded pool with MPC underneath

Umbra looks like Privacy Cash from the user's side — shielded SOL/SPL balances, private transfers, note commitments and nullifiers — but it's built on Arcium's MPC rails, which is why its trust-model cell says MPC rather than ZK pool. The design leans hard into compliance: a viewing-key hierarchy lets an owner grant an auditor read access (but not spend access) to their notes. Private payroll with auditable books is the canonical use case.

How to choose

  • Hide a payment amount, stay native, keep auditors happy: Confidential Transfers.
  • Compute on data nobody should see (matching, auctions, AI): Arcium if you prefer cryptographic trust, MagicBlock if you want raw speed and accept hardware trust.
  • Break the sender–receiver link: a shielded pool — Privacy Cash for the biggest anonymity set today, Umbra if selective disclosure is a requirement rather than a nice-to-have.

The honest read

Every row in this table leaks something. Confidential Transfers leak the transaction graph. The pools leak deposit and withdrawal timing, and their privacy degrades when anonymity sets are thin — which, on Solana in 2026, they still are. MPC adds a collusion assumption; TEEs add a vendor. The maturation of Solana privacy isn't that someone finally hid everything — it's that the ecosystem stopped pretending one tool could, and started shipping purpose-built ones with selective disclosure as the default. Pick the row that hides your thing, and know exactly whom you're trusting when you do.

Resources

Keep reading

Get new articles in your inbox

Technical deep-dives on Solana tooling, infrastructure, and ecosystem. No noise.

What hides what: Solana privacy solutions in one table | devrels.xyz