Privacy-Enabled Crypto Applications Are Coming for Enterprise, but Not Overnight

Corporate-friendly blockchain efforts face several hurdles, including scale, compute capacity and the management of data privacy.

AccessTimeIconSep 21, 2022 at 6:34 p.m. UTC
Updated May 11, 2023 at 3:37 p.m. UTC
AccessTimeIconSep 21, 2022 at 6:34 p.m. UTCUpdated May 11, 2023 at 3:37 p.m. UTCLayer 2
AccessTimeIconSep 21, 2022 at 6:34 p.m. UTCUpdated May 11, 2023 at 3:37 p.m. UTCLayer 2

My single biggest strategic goal is to build out and industrialize secure, private business applications that run on public blockchains, and the team at EY has been making steady progress for the last five years.

Our zero-knowledge proof Nightfall technology is coming on-stream and the first applications that enable it are not far behind.

Despite this enormous progress, it’s important to temper expectations because enterprise systems behave very differently from consumer products. Buyers operate with different reasoning and have different metrics and standards for success. There are five challenges I see in the industrializing and scaling process ahead.

Paul Brody is EY's global blockchain leader and a CoinDesk columnist.

The most important one is simply that enterprise sales and adoption cycles are relatively slow. No, your corporate client isn’t going to click OK, give you access to their address book and let you DM all their suppliers!

Enterprise software cycles often take about six months for the selling, another two to three months for initial implementation and often another 12-18 months to scale the rollout. It’s not uncommon for major enterprise implementations to take up to two years from start to finish.

It takes a bit longer to go through the product engineering process as well. One of the biggest challenges I foresee is the fine-grained management of data privacy as companies start to bring their business ecosystems onto Ethereum. If you’re moving a supply chain, who gets to see what? Should the manufacturer be allowed to see details on every supplier back in the chain routinely, or only in an emergency?

Sometimes suppliers have their own proprietary relationships with suppliers that they don’t want to disclose. The more complicated the rules that buyers and suppliers want to impose, the tougher it will be to design information infrastructure to handle these complexities.

We anticipate a blend of on-chain and off-chain, mutable and immutable data going into this process. Designing the details, prototyping, testing and then scaling these solutions will take time.

Another critical hurdle we face is that on-chain privacy systems are not yet complete. Nightfall gives us the ability to move fungible and non-fungible tokens (NFT) around under privacy.

The engineering roadmap for Nightfall alone is substantial. We have already developed tools for verifying identities and tracking stolen NFTs (and insuring, canceling and replacing them, all under privacy), but they are yet to be fully implemented in the production version.

Nightfall just covers moving tokens. It unlocks several business cases like inventory management but it doesn’t support complex business logic. For that, new tools are under development that will allow us to compile standard solidity contracts into zero knowledge circuits.

Once we can build complex business logic like volume discounts and rebates, we can start to implement typical enterprise business agreements in procurement, for example. Then it will be possible to not only capture the movement of assets but also the smart contracts that govern ordering and payment as well.

Even once it is possible to handle both logic and transfers under privacy, constraints will remain. The biggest one we foresee is that privacy systems “leak” data. Transferring assets into and out of a privacy layer, for example, leaves a trail.

Do this enough times or in the absence of other parties doing similar transactions and it starts to become possible to make educated guesses about who is doing what on-chain.

Finally, there is the matter of scale and compute capacity. Some of our largest enterprise clients are contemplating supply chain networks that will generate around two million transactions a day. At a transaction cost of 1 cent, that adds up to $20,000 per day in gas fees, which is about $7 million a year. This is not sustainable with all of the other expenses enterprises face. Given the volumes involved for larger enterprises, transaction costs must come down another order of magnitude at least.

For prices far below 1 cent per transaction, this implies a technical solution that looks like a layer 3 network handling most of the supply chain transfers. Keep in mind that as you bring on a whole network or industry, the total transaction volumes might be as much as 100 million a day.

As whole industries embrace blockchains for supply chain operations, the volumes and scaling will start looking like consumer payments volumes on credit card networks. In other words, very big.

Solvable problems

Every single one of these problems is solvable – and there are already solutions on paper or in test for each one. Of course, they will not all work on the first try and some of them will prove to be impractical. I believe all these issues will be solved over the next two to three years.

As we get more direct experience and comfort operating with privacy-based solutions, the pace at which solutions are developed will start to accelerate.

As with all big industry transformations, there is a kind of relativity theory of time involved. For those who are not following the space, they will be stunned by how quickly solutions mature and emerge. For those of us knee-deep in the design work, it will feel like several lifetimes.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Paul Brody

Paul Brody is Global Blockchain Leader for EY (Ernst & Young). Under his leadership, EY is established a global presence in the blockchain space with a particular focus on public blockchains, assurance, and business application development in the Ethereum ecosystem.