Privacy and Public Transparency: Can a DEX Provide Both?

DEX traders live in a strange world of transparency via publicly distributed ledgers and the desire for privacy to protect from exploitation


Maria Vonotna/Shutterstock modified by Blockworks


When it comes to personal cryptocurrency investments, privacy should rank pretty highly on the priority list of traders. 

That’s typically especially the case for decentralized exchange — or DEX — users who don’t want to be the victims of frontrunning or other sorts of nefarious tactics that eke out value from their order flow over time.

Setting aside the moral principles of privacy, the practical side of the equation is certainly important. 

A lack of built-in privacy mechanisms has resulted in significant losses to DEX users over recent months, especially when it comes to traders falling victim to MEV attacks.

DEX traders live in a strange world, stuck somewhere between the transparency of distributed ledgers and the desire for privacy to guard against related potential exploits. 

The founder of Penumbra Labs, Henry de Valence, spoke to Blockworks about the dichotomy between the public and private side of things on the Bell Curve podcast on Tuesday. 

Building a privacy-focused DEX in the Cosmos ecosystem, de Valence says that Penumbra “looks quite different” than other chains. 

“It has this extra dimension of which data is private and which data isn’t.”

“What does it mean to build a private DEX?” de Valence asks. “Does that mean, make literally everything private, run everything inside of Snarks, don’t disclose anything at any time to anyone? No, because it turns out, that’s not actually useful.”

The reason any blockchain is useful, he says, is because of its shared public state. For example, the reason Ethereum is so useful, he says, is because “it has this accumulated mass of users and state that can all be interacted with.”

The same privacy story as TradFi

The challenge then, de Valence says, is determining how to manage interactions between the public shared state and the private per-user state. The goal is to replicate “the same privacy story as TradFi or traditional finance, “where somebody can’t log on to my brokerage account.” 

The fact that, unlike traditional finance, it’s entirely possible in DeFi to build a dashboard that publicly discloses personal information like profit and loss performance is “insane,” de Valence says. 

One of the challenges of maintaining the benefits of DeFi, like real-time transparency of the system, is “how do you keep that for the aggregate pieces but retain privacy for each individual user’s contribution to that overall shared state?”

Penumbra’s architecture, de Valence says, has “a pretty explicit segmentation” between the public aggregate state and the private per-user state.

The DEX runs on a “frequent batch auction-style model,” de Valence explains, for interactions between the public and private state. 

“It’s a lot easier if you do that as part of a batch,” he says. “The way that you achieve privacy on a blockchain is by moving all of the execution off-chain, onto the end user device and having them submit like, ‘Here’s a proof of this new state that I’ve constructed.’”

This results in an asynchronous model, de Valence says, whereby the swap exists in a sort of frozen state, after which the chain figures out the execution price to resume the computation.

“Once you’re in that kind of async model, it’s just much easier to think about it in a batched way.” 

Future possibilities for on-chain privacy

De Valence talks about future possibilities for improving privacy with “flow encryption,” which, he says, is a way to encrypt parts of a transaction while interacting with the public state.

“Like, I want to make a trade, right? 

Flow encryption, de Valence explains, allows for “sorts of flows of value between different parts of the system.”

“Here’s value that’s flowing into a batch swap or here’s value that’s flowing into delegations to some validator or so on,” he says. “We want to be able to have the system see only the aggregate, but not be able to see any individual user’s contribution to that flow.”

A trader can prepare an encrypted contribution to a batch swap in a transaction. “Once all of those transactions get included in a block, the validators can sum up all of the encrypted contributions of everybody’s batch swaps, and then decrypt only the batch total.”

Everyone in the same batch enjoys “much stronger long-term privacy, because the only data that’s publicly revealed is the aggregate of all of our user intent.”

In this manner, de Valence says, the service provides “private coordination between all the users of the system without even them having to interact with each other.”

Privacy limitations on Ethereum

On Ethereum as opposed to Cosmos, de Valence explains, privacy mechanics described as ‘threshold encryption’ allow for a transaction’s contents and effects to be concealed up until the point where it’s included in a block. “And then at that point, you decrypt it and the whole system can see exactly what the transaction does in order to execute it.”

“And so as a user, that threshold encryption is not giving you any long-term privacy. It’s only giving you privacy up until the point that your transaction is included in a block.”

On Penumbra, de Valence points out that the amount any malicious actor can learn by illicitly decrypting transactions is much less. “You don’t get to learn like, ‘Hey, here’s exactly this particular account that’s doing stuff.’ You don’t get to see any other details other than like, this is the contribution.”

De Valence says current MEV exploits, such as rearranging blocks to exploit excess information disclosure, are “just the tip of the iceberg of possible kinds of adversarial behavior that you could do on-chain.”

“If I can see your entire history of your trading strategy, I can probably get a lot of information to use against you.”

Don’t miss the next big story – join our free daily newsletter.


Upcoming Events

Hilton Metropole | 225 Edgware Rd, London

Mon - Wed, March 18 - 20, 2024

Crypto’s premier institutional conference returns to London in March 2024. The DAS: London Experience: Attend expert-led panel discussions and fireside chats Hear the latest developments regarding the crypto and digital asset regulatory environment directly from policymakers and experts.

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Research report - cover graphics (1).jpg


In this report, we dive into crypto private market data to gather insights on where the future of the industry is headed. Despite a notable downturn in private raises, capital continues to infuse promising projects that aim to transform payments, banking, consumer experiences, community, and more, with 2023 being the fourth-largest year for crypto venture capital.


BUZZ holds shares of Coinbase, Robinhood and MicroStrategy


Opinion: Even though I didn’t pay for my “Diamond Hands” burger with BTC, don’t let that fool you into thinking that crypto’s development is futile


The results mark “a major positive inflection point,” one analyst says, as the exchange carries net income momentum into a crypto rally


While the slate of 10 US spot bitcoin funds have tallied $4.6 billion of net inflows thus far, half of the field is lagging the leaders


Trading volumes totalled $154 billion in Q4, including $125 billion in institutional volume


DeFi on Bitcoin is all the rage right now and Stacks is positioned to benefit