Crypto's Privacy Problem: Why you don't have privacy & how Zama solves this

On this episode of The Ledger Podcast,  host Kyle O’Brien sits down with Rand Hindi, and Charles Guillemet to dive deep into privacy, fully homomorphic encryption (FHE), hardware security, and why institutional adoption is making onchain confidentiality a must-have, not a nice-to-have. 

It features a deep look at the roots of crypto’s privacy crisis—why so much of your digital life is exposed by default, and how pioneers like Zama and Ledger are working to rebuild privacy from the ground up.

“Privacy is part of freedom and if you don’t have privacy you don’t really have freedom” – Charles Guillemet

Watch the full episode below:

Key Highlights:

Cipher Punk lineage

The founders of cryptographic security often began thinking about privacy early in their careers, sometimes even as teenagers, realizing the vulnerabilities inherent in digital services. Rand Hindi, CEO of Zama, first considered privacy when building an early social network in the 90s, recognizing, “I shouldn’t be able to see this just because I’m providing a service“. 

Charles Guillemet, CTO of Ledger, was driven by the understanding that “if it’s free it’s because you are the product” when observing the data collection practices of services like Google in the late 90s and early 2000s.

For security experts, privacy is fundamentally linked to individual liberty. This ethos drives the “Cipher Punk” philosophy discussed on the podcast.

Publicly Verifiable, Not Public

The tension between transparency and privacy in the crypto space is often misunderstood. Blockchains were never designed to be public; they were designed to be publicly verifiable, which is a fundamental distinction. 

The fact that data on a public blockchain is exposed is merely an artifact and a consequence of wanting consensus in a decentralized publicly verifiable protocol. The goal of verifiability is to ensure the integrity of the consensus, not to make users’ financial states universally transparent.

Today’s pseudonymous addresses are easily deanonymized by tools like Arkham, which is insufficient for real-world adoption. Solutions for this conflict involve advanced cryptography, such as Zero-Knowledge Proofs (ZK) and Fully Homomorphic Encryption (FHE).

Security Through Simplicity: Hardware and Trust

While cryptography is math-secured, flaws in implementation are critical. A tiny error, like a TRNG reducing entropy from 256 to 32 bits, can have “dramatic consequences,” potentially allowing attackers to generate “every single seed” for user funds.

Ledger’s robust hardware security uses smart card technology to protect secrets even with physical access. This relies on minimizing the attack surface by keeping the system extremely simple and limiting its functions to the bare minimum.

In contrast, Trusted Execution Environments (TEEs) like Intel’s SGX and TDX fail because they try to achieve high security and high performance simultaneously. TEEs have proven vulnerable to low-cost attacks, making them unsuitable for securing the billions of dollars in public blockchains.

The Power of Fully Homomorphic Encryption (FHE)

Fully Homomorphic Encryption (FHE) is crucial for enabling a private layer on public blockchains because it allows computation on encrypted state while still enabling public verification of the results.

FHE has become viable due to scientific and hardware advances. The key scientific breakthrough was ‘programmable bootstrapping,’ which utilizes mathematical lookup tables (based on the Morgos Marino theorem) to allow FHE to compute complex smart contracts, moving far beyond simple additions and multiplications. 

Crucially, hardware acceleration (moving from CPU to GPU, FPGA, and ASICs) has made FHE significantly faster, turning the challenge into a “money problem” rather than a scientific one.

Institutional Demand and Programmable Privacy

“Would you show me your bank account if I didn’t know you?… why do people think it’s okay to do that on blockchain”

While consumers generally express philosophical support for privacy, they often don’t really want to bear the cost of it. However, institutional adoption is anticipated to drive confidential blockchain technology because privacy is a necessity for traditional finance.

Financial institutions are increasingly using blockchain rails because they are more efficient (faster, cheaper, 24/7), but they cannot risk making all their accounts public. It is normal for a bank to see an account for regulatory purposes, but not for the public to see it. 

The solution is programmable privacy, which allows institutions and developers to build compliance models, replicating the traditional finance model where the bank sees the account, but the competitor or neighbor does not.

The Future is Encrypted

“95% of blockchain transactions will be encrypted with Zama and FHE in the future the same way 95% of web traffic is encrypted with SSL TLS HTTPS right now”

The current excitement around privacy marks a fundamental shift in the ecosystem, potentially defining the next era of development. The integration of privacy into blockchains is compared to the adoption of HTTPS on the internet, which rapidly encrypted web traffic. When this happens, privacy will be guaranteed by default at the protocol level, and users will no longer have to worry that it is an issue.

Reading List

Learn more about these topics mentioned in the discussion, or explore our library of articles on Crypto, Security, and Privacy on Ledger Academy

• Fully Homomorphic Encryption (FHE)
• Zero-Knowledge Proofs (ZK)
• ZAMA X LEDGER