Zac Williamson, CEO of Aztec Labs, explains why bringing privacy to Ethereum is more than a technical upgrade: it is a necessity.
Zac Williamson is co-founder and CEO of Aztec Labs, which is building a Layer-2 network focused on bringing privacy to Ethereum (ETH). Before crypto, he received his PhD in Particle Physics from Oxford and worked for CERN. In the world of blockchain, he is best known as the co-inventor of Plonk, one of the most widely used zero-knowledge proof systems today.
In a recent conversation with crypto.news, Zac explains why privacy is not merely something to be respected but a core part of what Ethereum needs to grow. He talks about what legitimate privacy on a blockchain actually means, how privacy pools provide both privacy and compliance, and why private Layer 2s can make it easier to bring real-world assets on-chain.
CN: How do you define privacy in the context of a blockchain? Is it about anonymity, selective disclosure, or something else completely?
ZW: When I talk about blockchain privacy, I divide it into three core pillars.
First, there is user privacy. This means hiding the identity of both the sender and receiver. Next is data privacy. This is about keeping the transaction value secret. And finally, there is code privacy. Even logic running on-chain is hidden here.
For me, achieving all three is the holy grail of blockchain privacy. That’s the level we should aim for when we are serious about building a truly private system.
And, more generally, I think privacy in the context of blockchain is the ability to take advantage of information asymmetry on-chain. I can run transactions in which I know things that you don’t know. And this is fundamentally important for many basic types of interactions in our daily lives.
For example, if you vote in an election, that is an information asymmetry. I know how I voted; you don’t know how I voted.
CN: What is the biggest misconception about crypto privacy?
ZW: I think the biggest misconceptions about privacy and cryptography are:
a) That it is about the transfer of tokens and private tokens.
b) That it is considered this completely isolated sphere.
Well, both of these are wrong and so far, they are technically immature features of privacy solutions. Privacy is not another small area of cryptography. I think all cryptography will become private in the future.
If crypto wants to get out of its bubble and interact with real-world systems and more than just technical early adopters, or if it wants to compete on a level playing field with Web2 and TradFi, it needs to provide the same kind of privacy benefits that users normally expect.
With the technology that Aztec and others in the ecosystem are trying to build, there is this concept of configurable privacy. Like Ethereum smart contracts, you can define rules and logic regarding the way transactions like.
You can code your own digital assets, but unlike transparent blockchains, private data is a first-class primitive. You can hide who the message and recipient is. You can perform compliance checks on people who need knowledge of confidential information, and make sure that the information remains encrypted and no one sees it.
CN: Do you think there is a moral obligation to provide private options to public blockchains, especially in an authoritarian context? If so, how should the Ethereum community define “legitimate privacy”?
ZW: Well, the main thing about blockchain, one of its core values, is that they are not allowed in neutral. Anyone can trade on the blockchain and code their own digital assets. So I don’t think it’s really my place to judge what is not a moral obligation, not a blockchain.
There is space for both public and private blockchains. However, private blockchains are more valuable and convenient. But it’s important to define legitimate privacy and I think it’s actually very easy.
As a user, I should be confident that I am not enabling bad actors, and that my participation is not making it easier for criminals and bad actors to use the network for malicious behavior.
For example, when using Tornado Cash, bad actors are supporting bad actors as they increase the size of anonymous sets where they hide. If you are using a privacy pool, that’s not the case.
CN: How does censorship resistance fit this context?
ZW: The network itself must withstand censorship. You should not be able to censor transactions at the protocol level. However, if you are programming smart contracts on that network, you need the freedom to define what constitutes a legitimate transaction within that contract.
I think privacy is a fundamental human right and people should have the ability to personally present themselves in chains. That being said, I don’t think users have the right to interact with any application, especially if their actions violate the intentions of the developers or rules encoded in smart contracts.
CN: What do you think about the privacy pool model that enjoys support from Vitalik Buterin, as a way between full anonymity and full transparency?
ZW: I think privacy pools are a good first step. It’s one of many. When it was developed, it had to work under really intense technical constraints. The idea was how to create a private transaction technology that could tackle Ethereum today. And that means that the ZK technology they use is relatively primitive and limits what you can do with it. Yes, I think that’s a good starting point, but definitely not the ultimate goal.
What I’m chasing with Aztec is complete programmability. Here are some examples of what I mean. In the ecosystem, there is a company called ZKPassport. Essentially, modern mobile phones have an NFC scanner, while modern passports have an NFC chip that allows you to sign digital signatures.
ZKPassport has built an app that allows you to tap your passport on your phone and get a ZKP that indicates you have a valid passport. You can choose the information you want to disclose: your nationality, your date of birth, your name, whatever you decide.
The technology can be used, for example, in DeFi applications that are accessible only to citizens of a particular country. Instead of manually checking your passport, the proof automatically occurs with digital signatures and ZKP. It is not permitted, it is privacy pressure and guarantees strong compliance.
Honestly, it’s much more powerful in many ways than what privacy pools currently offer. And when you get full programmability in your privacy network, you can build almost infinite variety on top of it.
CN: Are there any design patterns or UX breakthroughs that are thought to be key to the mainstream private transactions?
ZW: Yes, totally. Plonk is one of the design patterns that could potentially be a UX breakthrough. However, there are many breakthroughs needed to make private transactions mainstream. The complexity of private transactions is much higher than transparent transactions, as it is not just broadcasting sensitive information to the blockchain. Everything must be built personally on the client side.
And the real question is: Who pays for the complexity? At the moment, the answer for 2025 is that application developers pay, and users pay. It is much more difficult for app developers to create usable applications, and users will have a difficult time too. They will have to wait longer to build proofs and the apps they use run under different privacy standards, so they may struggle to integrate with the wider Web3 ecosystem.
Within Aztec, my general operating principle is: OK, the complexity of private transactions is much higher – who pays? And my answer is: Crypto researchers pay by creating better ZK tech. That’s what I did in 2019 when I created my first practical universal ZK-SNARK. Since then, it has been repeated a lot. The version of Plonk I use today is about 250 times faster than the 2019 version. This allows for more performant applications.
Next, there are language designers and tooling engineers. Their job is to create programming languages that can efficiently turn programs into zero-knowledge proofs. This is an intuitive and simple language to write private smart contracts. That’s what we’ve done with Noir, the programming language. Building efficient private apps without the need to be a cryptographer.
Finally, protocol engineers and blockchain designers need to deal with complexity by building a chain that burns the semantics of private state from the start. That requires a huge amount of work.
Beyond that, there is a huge amount of tools needed to help developers build attractive private applications without understanding deep and sophisticated cryptography. We are about to launch a testnet, and I am sure the complexity of developing a compelling private app has reduced by orders of magnitude because of what we have built.
CN: Do you think Ethereum should ultimately be a completely private basic layer, or do you think privacy will be provided better with an app like Aztec and an edge with Layer 2?
ZW: Privacy is more complicated and I think it would be appropriate for L2 or specialist L1 to handle it. There is a trade-off. If Ethereum had been private by default, it probably would not be running yet. Development is difficult and increases security risks.
I think L1 will incorporate more and more privacy technologies over time. To build configurable privacy, the blockchain model must be reorganized from scratch. For existing L1, I think that’s too many questions. Because it inevitably breaks compatibility in the opposite direction with the current ecosystem. Yes, at least for now, I think privacy should stay very close to the domains on which L2s and apps are built on top.
CN: Is ZKP sufficient for privacy only, or does it also require network layer protection for mixes and private members?
ZW: Yes, everything is needed. You need a good infrastructure. Private memory is required. The whole point is to have an end-to-end encrypted blockchain. If you’re doing very sensitive transactions like something important in the real world, then no one should be able to see what I’m doing except for the apps I’m interacting with.
The only entity I need to know what I’m doing is the one that my app needs to work. For example, if I’m paying a mortgage, there shouldn’t be anyone snooping it. If I’m interacting with DAO and live in a country where such work might be disapproved, I should still be able to do it safely.
I think privacy is a human right. Blockchain-level privacy isn’t the only way to truly fulfill that. Full network layer protection is also required.
CN: Is fragmentation of ZK tools (Plonk, Starks, Snarks) a strength or a bottleneck for ecosystem maturation?
ZW: Very strong. ZK tech is still relatively early in the day. There is a lot of diversity in technology and proof systems. Because it is not yet clear that it will be the best long-term solution. Research evolves in this field every six months.
All technology solutions come with trade-offs. Some tradeoffs are suitable for certain applications, but not for others. All you need is an experiment. Multiple routes are tested, tested and diverse ideas of whether they are successful or destroyed.
A trivial example of how early standardization can kill networks: French Minitel. France basically had an internet version in the 1980s decades ago, someone else’s. This is because the French government has established a prototype information network.
People have access to train tickets, university exam results, all kinds of services and more. But they chose awful architecture. It was highly centralized. Unlike today’s internet, where anyone can build a website, using Minitel, you had to petition the government to run the app.
So they were ahead of the curve for a few years, but they were very stagnant as they standardized the wrong architecture. For now, it’s too early to standardize everything in ZK. It takes much more experimentation and research to understand what actually stands up to the test of time.
CN: Therefore, another emerging privacy technology is fully homomorphic encryption. Where is FHE now? Do you think you could soon have the first full-fledged FHE application on the market?
ZW: It’s incredibly valuable, but it takes several more years in the oven. I recommend you listen to people who are experts in FHE and who don’t stand to profit financially from FHE hype for a better understanding. Too early!
The amount of calculation overhead required to do things in FHE is very heavy. So yes, I think it’s suitable for production right away, but only in very limited use cases. I think the state of FHE today is very similar to the state of ZK in 2010.