The Privacy Gap: Stablecoins, Payments, and the Missing Infrastructure Layer

tl;dr

• The stablecoin payment market is $390B annually, not $33T – McKinsey/Artemis found that ~1% of raw on-chain volume represents real-world payments. B2B payments ($226B, 58% of that total) grew 733% YoY and are the segment where privacy matters most. The distinction between raw volume and actual payments is the most important analytical correction in the space.
• Privacy solves one of seven enterprise adoption barriers definitively – the competitive intelligence exposure problem is real (blockchain analytics firms trace across 25+ chains with one-click tracing), but the other six barriers (accounting treatment, counterparty risk, Travel Rule, KYC, custody, ERP integration) require entirely separate infrastructure. Calling privacy “the primary blocker” is a framing choice sourced primarily from companies selling privacy solutions.
• No regulator anywhere has endorsed ZKP-based compliance, and they may never. The entire thesis that privacy infrastructure enables institutional adoption depends on regulators accepting zero-knowledge proofs as satisfying BSA, Travel Rule, and AML obligations. This has never been formally tested, endorsed, or even informally blessed. If FinCEN’s forthcoming GENIUS Act rulemaking requires plaintext transaction data, the thesis collapses in the US.
• The Railgun paradox is the hardest question the thesis must answer. Railgun is live today on existing EVM chains, has $4.5B in cumulative volume, $108M TVL, and Vitalik’s personal endorsement. If privacy is the primary blocker to enterprise adoption, why hasn’t enterprise adoption happened through Railgun? The answer reveals the limits of the privacy-as-infrastructure argument.
• The realistic addressable market for on-chain private stablecoin payments is $20-40B, not $390B. Not all payments need privacy, and of those that do, the majority can be served by off-chain transfers through custodial intermediaries (Coinbase-to-Coinbase, Circle Mint, Stripe/Bridge internal routing) that provide 100% privacy and 100% compliance without a single zero-knowledge proof. On-chain privacy protocols are competing for the cross-custodial residual – real, but an order of magnitude smaller than the headline figure.
• The regulatory risk is asymmetric and underweighted. A single high-profile illicit finance event on a privacy protocol could collapse the “privacy enables compliance” narrative overnight. The upside is gradual adoption measured in years; the downside is sudden prohibition measured in news cycles. Stablecoins already represent 84% of illicit crypto transaction volume.

Table of Contents

1. The State of Stablecoins
2. The Privacy Gap
3. The Technology Landscape
4. The Railgun Paradox
5. Regulatory Reality
6. The Enterprise Adoption Question
7. Market Opportunity – Honestly Sized
8. Strategic Questions for the Industry
9. What Would Need to Be True
10. Data Sources and Methodology

1. The State of Stablecoins

The stablecoin market in March 2026 is no longer an experiment. It is infrastructure.

The total market cap reached approximately $316B (per DefiLlama), up from $205B at the start of 2025 – a 54%+ annual growth rate. USDT holds roughly 60% market share (~$185B). USDC holds approximately 23% (~$72B per DefiLlama). The long tail is fragmenting: Tether launched USAT for US compliance, Circle IPO’d (priced at $6.9B, now trading at approximately $23B market cap after peaking near $56B in June 2025), and at least ten banks have issued or are developing stablecoins. The Qivalis consortium alone involves nine European banks from eight countries.

But the headline number that matters for this report is not the market cap. It is the transaction volume – and the gap between what is reported and what is real.

Raw on-chain stablecoin volume in 2025 was approximately $33 trillion. This number is real, verifiable, and almost entirely misleading. It includes trading, arbitrage, smart contract interactions, DeFi loops, bot activity, and liquidity cycling. McKinsey and Artemis found that approximately 1% of this raw volume – roughly $390 billion – represents actual real-world payments. This is the number that matters for anyone analyzing stablecoins as payment infrastructure rather than trading instruments.

Even the corrected $390B figure doubled from approximately $195B in 2024. Within that, the composition tells the story:

B2B is the breakout vertical. The 733% year-over-year growth from a still-modest base signals that businesses – primarily crypto-native ones, but increasingly traditional enterprises in Asia-Pacific corridors – are settling invoices, rebalancing treasury, and making cross-border payments in stablecoins. Asia-Pacific accounts for roughly $245B (60%) of stablecoin payment volume.

The infrastructure M&A confirms this is not speculative. Stripe acquired Bridge for $1.1B (closed February 2025). Mastercard agreed to acquire BVNK for up to $1.8B ($1.5B base plus $300M in earnouts; pending regulatory approval as of March 2026). These are not crypto companies buying crypto companies. These are the largest payment networks in the world acquiring stablecoin settlement rails. The strategic signal is unambiguous.

On the asset management side, BlackRock’s BUIDL fund reached approximately $18B in total fund AUM by February 2026, though only approximately $2.9B of that exists as tokenized on-chain shares (per rwa.xyz). Total tokenized US Treasuries on-chain reached approximately $8.7-9.2B. US Treasury Secretary Bessent has projected $3T in stablecoin supply by 2030. Whether that figure materializes, the directional bet from the largest institutional players is clear.

The state of stablecoins in 2026 is this: the money is real, the growth is real, the institutional interest is real. The question this report addresses is whether the infrastructure is ready – and specifically, whether the privacy gap that exists between what enterprises need and what public blockchains provide is a solvable problem or a structural limitation.

2. The Privacy Gap

The Core Observation

This is the part of the thesis that is correct, and it deserves to be stated plainly: transparent blockchains are fundamentally incompatible with institutional financial privacy expectations.

Every stablecoin transaction on a public blockchain is permanently visible to anyone. Blockchain analytics firms – Chainalysis, TRM Labs, Elliptic – can trace across 25+ chains with one-click tracing capabilities. AI-accelerated de-anonymization has destroyed practical pseudonymity. By 2025, wallet addresses are routinely linked to identities through clustering algorithms, behavioral analysis, and cross-chain correlation.

This is not a theoretical risk. Consider:

• In late 2025, leaked documents revealed cryptocurrency addresses belonging to the Central Bank of Iran, exposing what Chainalysis described as “a network of coordinated central bank laundering unprecedented in its organization and scale.” If a state actor with significant resources cannot maintain operational privacy on transparent chains, a Fortune 500 treasury team has no chance.
• Vitalik Buterin himself has used Railgun multiple times for donations – a public demonstration that even the most prominent figures in the ecosystem need transaction privacy.
• The Ethereum Foundation staked 50,000 RAIL tokens. The EF’s March 2026 CROPS Mandate (Censorship Resistance, Open-source, Privacy, Security) explicitly prioritizes privacy as a foundational property.

No CFO will accept a treasury system where competitors can see balances, vendor relationships, payment timing, and contract terms in real time. This is not philosophical opposition. It is basic commercial hygiene.

The 7 CFO/Treasurer Objections

The enterprise adoption barriers are specific and documented:

Here is where intellectual honesty requires a concession that most privacy protocol marketing decks omit: privacy definitively solves one of eight barriers. It partially addresses two more. It does nothing for the remaining five – including the insurance coverage barrier that may be the hardest gatekeeper of all.

The argument that privacy is nonetheless “the primary blocker” rests on a specific logical claim: even if you solve barriers #2-7, enterprises will not use transparent chains because of #1. Therefore, privacy is the hard prerequisite that gates everything else. This is plausible, but it is an assertion, not an empirical finding. It is equally plausible that enterprises would use transparent chains with pseudonymous addresses and operational security – as many crypto-native companies already do – if the other six barriers were removed.

The uncomfortable truth is that the “privacy as primary blocker” framing comes primarily from companies selling privacy solutions: Aleo/Toku press releases, Protocol Labs (Payy investor), Aztec marketing materials, and Payy itself. Independent enterprise surveys ranking stablecoin adoption barriers with privacy in the top two do not appear in the research literature. This does not mean the claim is wrong. It means the evidentiary basis is weaker than the confidence with which it is asserted.

The Legal Dimension

There is a legal argument for privacy that is stronger than the commercial one, though equally untested in enforcement:

• GLBA/Reg P requires financial institutions to safeguard customer financial data. A public blockchain that exposes customer transaction data to anyone who reads the chain arguably violates the Safeguards Rule.
• GDPR (EDPB Guidelines 02/2025, adopted for public consultation April 2025) confirms blockchain receives no exemption from data minimization, storage limitation, and right-to-erasure requirements.
• The Fifth Circuit’s Tornado Cash ruling (November 2024) implicitly recognized that privacy in financial transactions has legal protection.

The irony is genuine: transparent blockchains may violate existing privacy law, while privacy-preserving systems may be more compliant, not less. But “may be” is doing a lot of work in that sentence. No regulator has brought an enforcement action against a transparent blockchain for violating GLBA or GDPR. The argument is legally plausible and empirically untested.

3. The Technology Landscape

The Four Approaches

The privacy technology stack for stablecoin payments has converged around four fundamental approaches, each with distinct trust models, performance characteristics, and maturity levels.

Zero-Knowledge Proofs (ZK) are the dominant approach. The prover generates a cryptographic proof that a transaction is valid – correct balances, authorized sender, sanctions compliance – without revealing the transaction details. The verifier checks the proof without learning the underlying data. ZK is used by Payy, Aztec, Railgun, Aleo, Namada, and Penumbra.

All ZK-based privacy systems follow the same fundamental flow: a proof is generated off-chain, submitted to an on-chain verifier contract, and the verifier either accepts the state transition or rejects it. The meaningful architectural distinctions are about where the proof is generated and what chain the verifier lives on:

• Client-side proving on a privacy L2 (Payy, Aztec): The user’s device generates the ZK proof and submits it to a dedicated privacy-focused L2. The sequencer never sees plaintext transaction data. The tradeoff is computational cost on the client device, which is why mobile proving speed matters for UX. The L2’s verifier contract on Ethereum confirms validity.
• Client-side proving on existing EVM chains (Railgun): The user’s device generates the proof and submits it directly to a smart contract on Ethereum (or Arbitrum, Polygon, BNB). No separate chain required. Users build shielded balances within the Railgun contract and can interact with any EVM DeFi protocol while maintaining privacy. The tradeoff is L1 gas costs for on-chain proof verification.
• Proving service / aggregator models: A third-party service generates proofs on behalf of users, reducing client-side compute requirements but introducing a trust assumption on the proving service. Some architectures combine client-side proving with an aggregator that batches proofs for cheaper on-chain verification.

Fully Homomorphic Encryption (FHE) enables computation on encrypted data without decrypting it. Zama ($150M+ raised, $1B valuation) and Fhenix ($22M raised) are the leaders. Zama’s January 2026 sealed-bid Dutch auction demonstrated the capability: 11,103 bidders, $118.5M committed, all bid amounts encrypted on-chain. No bot sniping, gas wars, or copy trading possible. FHE is theoretically more powerful than ZK (arbitrary computation on encrypted state) but significantly more expensive computationally. It is not suitable for real-time payment settlement today.

Trusted Execution Environments (TEEs) – hardware-based privacy (Intel SGX, ARM TrustZone). This is the basis of Zaki Manian’s “Tier 1” institutional privacy framework: Tempo, Circle Arc, RCM on Solana. TEEs offer invisible, fast privacy with backdoors and hardware trust assumptions. Not self-sovereign, but palatable to compliance teams. This may be where most institutional adoption lands initially.

Multi-Party Computation (MPC) distributes computation across multiple parties. Practical for key management and threshold signatures, generally too slow for high-throughput payment settlement.

Who Is Building What

All funding figures are from verified sources. Payy’s traction metrics (100K users, $130M annualized, 120 countries) are company-reported and cannot be independently verified. Payy’s sub-0.5s mobile proving claim comes from an Aztec marketing blog post; no independent benchmark exists. Railgun’s $4.5B cumulative volume comes from community analytics and is inherently difficult to verify for a privacy protocol.

The Anonymity Set Problem

This is the structural gap that no project has adequately addressed, and it matters more than most technical discussions acknowledge.

Privacy is only as strong as the crowd you hide in. If a privacy protocol has 100,000 users, the anonymity set is at most 100,000 addresses. For a sophisticated adversary – a state-level actor, a well-resourced blockchain analytics firm – de-anonymizing transactions in a pool of that size is achievable through:

• Timing analysis: correlating when transactions enter and exit the shielded pool
• Amount correlation: matching deposit and withdrawal amounts
• Behavioral patterns: regular payment schedules, typical transaction sizes
• Cross-chain correlation: linking shielded and unshielded identities via bridging patterns

Railgun’s $108M TVL and 326 daily shields suggest an anonymity set that may be insufficient against sophisticated statistical de-anonymization. Namada’s Multi-Asset Shielded Pool is architecturally superior for privacy (all assets share one anonymity set), but adoption metrics are unclear and it is not EVM-native.

The honest conclusion: for privacy protocols to provide meaningful privacy at institutional scale, they likely need millions of active users in the shielded pool. None of the projects discussed are remotely close to this. The privacy guarantees they offer today may be performative rather than substantive against well-resourced adversaries.

The MEV and Sequencer Problem

The synthesis research did not adequately address MEV implications, and this is a significant gap.

If transactions are private at the settlement layer but ordering is determined by a public or semi-public sequencer, the sequencer itself becomes a privacy threat. For a centralized sequencer (which most L2s launch with), one entity has complete transaction visibility. For Payy’s validium rollup architecture, the question is direct: does the sequencer see plaintext transaction data before settlement? If yes, the privacy guarantee has a significant carve-out that institutional users need to understand. If no, the mechanism by which the sequencer orders transactions without seeing them needs to be specified and audited.

4. The Railgun Paradox

This is the hardest question the privacy thesis must answer, and the one most commonly avoided.

If privacy is the primary blocker to enterprise stablecoin adoption, and Railgun exists today – live, growing, on existing EVM chains, with no bridge risk, $108M TVL, $4.5B cumulative volume, “Private Proofs of Innocence” for compliance, and Vitalik Buterin’s personal endorsement – why hasn’t enterprise adoption happened through Railgun?

The absence of enterprise adoption via Railgun is not a minor footnote. It is evidence. And it points toward one of several conclusions, each of which weakens some version of the thesis:

Explanation 1: Enterprise adoption requires more than privacy. Solving barrier #1 (competitive intelligence exposure) is necessary but not sufficient. Enterprises need all seven barriers addressed simultaneously – privacy plus accounting treatment plus custody plus ERP integration plus compliance infrastructure. This is probably the most accurate explanation, but it directly undermines the “privacy is the primary blocker” framing. If privacy alone is insufficient, then privacy is a co-equal barrier alongside six others, not the gating prerequisite.

Explanation 2: Railgun’s gas costs make it unsuitable for enterprise payment volumes. On-chain proof verification on Ethereum L1 is expensive. Institutional settlement that involves hundreds or thousands of transactions per day cannot absorb L1 gas costs at scale. This is plausible and it explains why an L2 approach (Payy, Aztec) might succeed where Railgun cannot. But if the bottleneck is economics rather than privacy, the thesis should be reframed: the missing infrastructure is not privacy per se, but affordable privacy at settlement-layer throughput.

Explanation 3: Enterprises are not yet evaluating privacy solutions because they are still evaluating whether stablecoins are viable at all. They are at the “should we use stablecoins?” stage, not the “which privacy solution?” stage. This implies organizational inertia and the mundane barriers (#2, #6, #7) are the real primary blockers.

Explanation 4: Railgun’s DeFi association and the lingering Tornado Cash stigma make compliance teams uncomfortable. Even with Proofs of Innocence, the phrase “privacy protocol” triggers institutional risk aversion that no technical feature can overcome. This implies the primary blocker is regulatory comfort – not the absence of privacy technology, but the absence of regulatory permission to use it.

This report’s position: the answer is primarily a combination of Explanations 1 and 3, with Explanation 4 as a contributing factor. Enterprises are not privacy-shopping because they are not yet stablecoin-shopping at institutional scale. The seven-barrier framework is more accurate than the single-barrier framework. Privacy is a hard requirement for institutional on-chain finance, but it is one necessary condition among several, not the sufficient condition.

What this means for the market: privacy infrastructure needs to be built. But the companies building it should not expect that shipping a privacy solution triggers a wave of enterprise adoption. The adoption depends on the other six barriers being solved in parallel, and most of that work is being done by different companies (accounting firms, custody providers, ERP integrators, compliance platforms) with no coordination mechanism.

5. Regulatory Reality

What Is Settled

The GENIUS Act, signed July 18, 2025, is the first US federal stablecoin framework. It requires 1:1 reserve backing, subjects issuers to the Bank Secrecy Act, and prohibits issuers from paying yield on stablecoins. The OCC proposed implementing regulations on February 25, 2026, with final rules due by July 2026 and an effective date no later than January 2027.

The Tornado Cash legal timeline, often misreported, has two distinct events:

• November 26, 2024: The Fifth Circuit ruled in Van Loon v. Dep’t of the Treasury that immutable smart contracts cannot be sanctioned as “property” under IEEPA.
• March 21, 2025: OFAC officially delisted Tornado Cash from the SDN list.
• May 2024: Alexey Pertsev was convicted in the Netherlands for money laundering (64-month sentence) – an international dimension that is often omitted.
• August 6, 2025: Roman Storm received a mixed verdict: guilty on unlicensed money transmitting conspiracy, deadlocked on money laundering and sanctions conspiracy.

The net precedent: building privacy technology is not sanctionable. Operating a financial service without registration is prosecutable – even if you claim no operational control. The “tool vs. service” distinction is the critical legal frontier.

FATF Travel Rule adoption is at 52% (85 of 163 jurisdictions surveyed), not the 73% figure commonly cited. The 85 jurisdictions number is correct; the denominator was wrong. The MiCA Transfer of Funds Regulation, effective December 30, 2024, requires full originator and beneficiary identification for all crypto transfers with no minimum threshold – effectively prohibiting privacy-preserving transfers in the EU.

What Is Uncertain and Consequential

Whether ZKP-based compliance satisfies BSA requirements: This is the single most consequential unresolved question for the entire privacy thesis. The GENIUS Act requires BSA compliance. BSA compliance requires customer identification (CIP), suspicious activity reporting (SARs), currency transaction reports (CTRs) for transactions above $10,000, and record-keeping. On a privacy chain where underlying data is encrypted, how does the stablecoin issuer – the regulated entity – file a SAR?

A SAR requires names, addresses, account numbers, transaction amounts, and narrative descriptions of suspicious activity. If the privacy infrastructure prevents the issuer from seeing this data, the issuer cannot comply.

The response from privacy protocol teams is typically: “the issuer has a compliance key” or “the ZKP system includes regulatory access.” But this means the privacy is not end-to-end. There is a backdoor for the issuer and regulators. This is functionally the TEE/Tier 1 model (Tempo, Circle Arc) with cryptographic extra steps. If the privacy system must include a compliance backdoor to satisfy BSA, the “self-sovereign privacy” value proposition is significantly weakened. It becomes “privacy from the public and competitors, but not from the issuer or the government” – which may be exactly what institutions want, but should be described honestly.

FinCEN’s forthcoming BSA/AML rulemaking for GENIUS Act implementation: This rulemaking has not been issued. It will define the specific requirements that privacy systems must meet. If FinCEN requires plaintext originator/beneficiary data for all stablecoin transfers (as the EU’s TFR does), ZKP-based compliance is dead by definition. The ZKP proves facts about data without revealing the data. If the regulation requires revealing the data, ZKPs are irrelevant.

No regulator anywhere in the world has formally endorsed ZKP-based compliance for any financial regulation. Not “they have not rejected it.” Not “the IMF published a paper about it.” No formal acceptance. The IMF has published on it. Academic papers describe the architecture. Companies are building it. But regulatory acceptance remains theoretical.

The Prohibition Tail Risk

The regulatory risk profile is asymmetric in a way the thesis does not adequately weight.

The upside scenario is gradual: regulators accept ZKP compliance, institutions adopt privacy infrastructure, the market grows over years. The downside scenario is sudden: a high-profile illicit finance event involving a privacy protocol triggers emergency regulatory action. Stablecoins already represent 84% of illicit crypto transaction volume and 95% of inflows to sanctioned entities. The A7A5 ruble stablecoin processed over $93B in sanctions evasion in under a year. A similar event involving a privacy protocol – even one designed for compliance – would be devastating to the “privacy enables compliance” narrative.

The EU has already effectively prohibited privacy-preserving crypto transfers via MiCA’s TFR. The US could do the same. This is not hypothetical scaremongering; it is the revealed preference of the world’s second-largest economy.

The Jurisdictional Race

The regulatory landscape is uneven, and the unevenness creates both risk and opportunity:

The dominant gap across all frameworks: none explicitly address transaction-level privacy or provide a framework for privacy-preserving compliance. The window exists precisely because regulators have not yet decided. That window closes when they do.

6. The Enterprise Adoption Question

What Enterprises Actually Need

The gap between what privacy companies say enterprises need and what enterprises actually need is worth examining directly.

Privacy companies say: “Enterprises need privacy to move on-chain. We provide privacy. Therefore, enterprises will use us.”

What enterprises actually ask: “Does SAP support this? Can our treasury management system reconcile it? Will our auditors sign off? Is there FDIC-equivalent insurance on the stablecoin? Who do we call at 2 AM when a $50M settlement fails? Does our board’s D&O insurance cover this?”

The seven-barrier framework maps these concerns:

Barriers privacy solves:

• #1: Competitive intelligence exposure – definitively addressed by ZK-based confidential settlement

Barriers privacy partially addresses:

• #4: Travel Rule compliance – ZKP compliance could work, but no regulator has endorsed it
• #5: KYC on counterparty wallets – zkKYC exists in theory, not at production scale

Barriers privacy does not address at all:

• #2: Accounting treatment – FASB ASU 2023-08 helped, but cash-equivalent classification questions remain
• #3: Counterparty risk – the March 2023 USDC depeg to ~$0.87 during SVB’s collapse is institutional memory
• #6: Custody and key management – enterprise signing authority, key compromise recovery, insurance
• #7: ERP/TMS integration – SAP, Oracle, Kyriba are not designed for blockchain settlement
• #8: Insurance coverage – the silent gatekeeper discussed below

The Insurance Barrier

This may be the most underappreciated gatekeeper in the entire enterprise adoption discussion, and it is almost entirely absent from privacy protocol marketing materials.

No insurance firm in 2026 is underwriting a treasury that moves $500M through a shielded pool where the anonymity set is 326 daily shields. That is not a “pool.” It is a bathtub. Cyber/crime insurance underwriters assess risk based on their ability to trace, audit, and recover funds in the event of fraud, theft, or operational failure. A privacy-preserving settlement layer – by design – limits precisely the visibility that underwriters need to price risk.

D&O insurance is a concern, but cyber and crime insurance is the actual gatekeeper. A CFO who cannot obtain adequate cyber/crime coverage for on-chain treasury operations will not authorize those operations, regardless of how elegant the privacy architecture is. And the coverage question is not theoretical: insurers are actively tightening crypto-related underwriting following the 2024-2025 wave of bridge exploits and smart contract failures.

The privacy thesis creates a genuine paradox for insurance: the same properties that make transactions private from competitors also make them opaque to insurers. The compliance backdoor model (selective disclosure to authorized parties) could theoretically extend to insurance auditors, but no privacy protocol has demonstrated this integration, and no insurer has agreed to underwrite a privacy-preserving treasury based on ZK attestations rather than transaction-level audit access.

Until the insurance industry develops underwriting models for privacy-preserving on-chain settlement, enterprise adoption at scale has a hard ceiling that no amount of cryptographic innovation can lift. This is barrier #8, and it may be more binding than barriers #2-7 combined for large enterprises.

The Integration Reality

Barrier #7 may be the most underappreciated. Large enterprises do not adopt payment infrastructure through a CEO’s enthusiasm or a CTO’s architectural preference. They adopt it through procurement processes that require integration with existing systems. If the stablecoin payment cannot flow through the same SAP approval workflow, generate the same journal entries, and produce the same audit trail as a wire transfer, the adoption conversation ends before privacy is even discussed.

This is unglamorous infrastructure work. It is not the kind of thing that attracts venture capital or generates conference talks. But it may be the actual gating constraint.

Who Are the Actual First Customers?

Not “enterprises” in the abstract. The realistic adoption sequence:

Already happening (2024-2026):

• Crypto-native companies settling with each other (exchanges, DeFi protocols, mining operations)
• Cross-border invoice settlement in emerging markets with limited banking access
• Treasury rebalancing between entities in different jurisdictions

Near-term plausible (2026-2028):

• Mid-market companies in high-cost remittance corridors (US-Mexico, US-Philippines)
• Digital-native businesses with technical teams that can handle the integration work
• Companies specifically operating in the Aleo/Toku private payroll pipeline

Not yet plausible (2028+, if ever):

• Fortune 500 companies settling material treasury operations on-chain
• Traditional enterprises using privacy L2s for routine B2B settlement
• Card networks settling in stablecoins on privacy-preserving rails

The timeline from “crypto-native early adopters” to “traditional enterprise mainstream” is measured in years, not quarters. And it depends on all seven barriers being solved, not just one.

7. Market Opportunity – Honestly Sized

Why $390B Is Not the Addressable Market

The total stablecoin payment market is $390B. The addressable market for private stablecoin payments is some unknown fraction of that. The synthesis research never estimates this fraction, and most privacy protocol pitch decks quietly elide the distinction. This section attempts to fill that gap.

B2B payments ($226B): The synthesis claims privacy is “must-have for large enterprises.” But most B2B stablecoin payments today are between crypto-native companies that are comfortable with on-chain transparency. The portion involving traditional enterprises – where competitive intelligence exposure is a genuine concern – is unknown but likely a small fraction. If 20% of B2B stablecoin payments involve parties with a demonstrated willingness to pay for privacy, that is approximately $45B.

Cross-border remittances: The primary driver for stablecoin remittances is cost (up to 80% savings over traditional rails, against the World Bank average of 6.62%). Privacy is safety-critical in specific jurisdictions – Nigeria, Argentina, Turkey – where visible balances create physical risk. But in the major stablecoin corridors (US-Mexico, US-Philippines, US-India), senders care about speed and cost. Privacy is secondary. If 5-10% of cross-border stablecoin volume has genuine privacy requirements, that is perhaps $10-15B.

Payroll: Less than 1% of businesses use crypto for payroll. The Aleo/Toku/Paxos private stablecoin payroll solution launched in January 2026. The addressable market today is de minimis – probably under $1B.

Card settlement: Current crypto cards settle entirely in fiat through traditional Visa/Mastercard rails. The “crypto” part is the funding source only. Privacy matters only if settlement itself moves on-chain, which requires card networks to accept stablecoin settlement at scale. Visa’s USDC pilot exists but is limited in scope. The current addressable market for private card settlement is approximately zero.

RWA settlement: BUIDL’s $2.9B in tokenized on-chain shares (within an $18B total fund) is significant, and institutional RWA investors demonstrably need position privacy. But the intersection of “tokenized RWA holders” and “holders who would pay for on-chain privacy” is a subset of a subset. Perhaps $5-10B in near-term addressable value.

The Honest Estimate

The realistic addressable market for private stablecoin payments – before accounting for off-chain substitution – is in the range of $50-70B. However, the “good enough” gap discussed in Section 8 (Question #8) further compresses this: off-chain privacy through custodial intermediaries will capture the majority of the easy privacy demand, leaving on-chain privacy protocols competing for cross-custodial residual of perhaps $20-40B. The fee that private settlement can command is likely thin – basis points, not percentage points – because the alternative for most use cases is simply not transacting on-chain or routing through shared custodians. At 10-50 basis points on $30B, the fee revenue opportunity is $30-150M annually. This supports a meaningful business but not the $390B TAM narrative.

Where Privacy Is Must-Have vs. Nice-to-Have

Must-have (without privacy, the transaction simply will not move on-chain):

• Enterprise treasury management (balance visibility to competitors is a dealbreaker)
• B2B settlement above $100K between parties with competitive relationships
• Payroll (compensation confidentiality is a legal and commercial requirement)
• Institutional RWA trading (position and strategy exposure)
• Cross-border payments from/to capital-control jurisdictions (personal safety)

Nice-to-have (adoption can happen without privacy, improves with it):

• Retail consumer payments (most consumers do not understand on-chain transparency)
• Small-ticket remittances under $1,000
• DeFi interactions (power users already use Railgun)
• Card settlement (not yet on-chain)

8. Strategic Questions for the Industry

The adversarial review process surfaced ten questions that any credible analysis must answer. This section addresses each directly. Where the evidence is insufficient for a clear answer, the report says so.

1. What is the actual addressable market for private stablecoin payments?

Addressed in Section 7. The estimate is $50-70B, not $390B. The reasoning: most stablecoin payments today are between crypto-native parties comfortable with transparency. The privacy premium applies to the subset involving traditional enterprises, safety-critical corridors, and institutional asset management. The fee revenue opportunity at this volume is $60-300M annually depending on basis point capture.

2. Has any regulator anywhere formally accepted ZKP-based compliance?

No. Not for BSA. Not for Travel Rule. Not for AML. Not in any jurisdiction. The IMF has published on the concept. Academic papers describe the architecture. Companies are building implementations. Regulatory sandboxes have been proposed. But no formal acceptance exists.

The realistic pathway: a regulatory sandbox in Singapore, UAE, or Hong Kong accepts a ZKP compliance demonstration. This creates a proof point. FinCEN’s GENIUS Act rulemaking does not explicitly prohibit ZKP compliance, leaving room for interpretation. A major institution (JPMorgan, Citi) tests the framework. This sequence takes 18-36 months minimum. It is not guaranteed to happen at all.

3. Why has Railgun not triggered enterprise adoption?

Addressed in Section 4. The primary explanation is that privacy alone is insufficient – enterprises need all seven barriers solved simultaneously, and Railgun only addresses barrier #1. Secondary factors include gas economics (L1 proving costs are too high for settlement-volume throughput), organizational inertia (enterprises are evaluating stablecoins generally, not privacy solutions specifically), and Tornado Cash stigma (compliance teams associate “privacy protocol” with regulatory risk regardless of technical distinctions).

4. What happens if FinCEN requires plaintext transaction data?

If FinCEN’s GENIUS Act BSA/AML rulemaking requires plaintext originator/beneficiary data for all stablecoin transfers – as the EU’s Transfer of Funds Regulation does – the ZKP-based compliance thesis is dead in the United States. Full stop.

The question becomes: does the thesis survive in non-US markets? Potentially. Singapore, UAE, and Hong Kong have not mandated plaintext requirements. Stablecoin payment corridors through these jurisdictions (Asia-Pacific accounts for 60% of payment volume) could still benefit from privacy infrastructure. But the US market – the largest source of institutional capital and regulatory legitimacy – would be foreclosed.

This report assigns a moderate probability (25-40%) to this outcome. FinCEN has historically preferred direct data access over mathematical attestation. The BSA was designed for plaintext reporting. But the current administration is nominally pro-crypto, and the privacy advocacy community has grown more sophisticated. The outcome is genuinely uncertain, and anyone building in this space should have a non-US contingency plan.

5. What are the anonymity set sizes, and at what size does privacy become meaningful?

No project provides anonymity set analysis. This is a major structural gap across the entire space.

Rough estimates based on available metrics:

• Railgun: ~326 daily shields, $108M TVL. The active anonymity set is likely in the low thousands.
• Payy: 100K card users (self-reported), but the L2 does not exist yet. The future anonymity set depends entirely on migration rates.
• Aleo: Mainnet live, but user metrics are unclear.
• Namada: MASP design is architecturally superior, but adoption is unclear.

Against a state-level adversary with access to timing analysis, amount correlation, and cross-chain data, a meaningful anonymity set likely requires hundreds of thousands to millions of active users. Against a commercial competitor using off-the-shelf blockchain analytics, tens of thousands may suffice. No project in this space is close to the state-adversary threshold. Some may approach the commercial-adversary threshold.

6. How does compliant privacy actually work at the BSA level?

The honest answer is: it has not been demonstrated in production.

The architectural pattern described by Payy, Midnight, and Taurus involves selective disclosure: users prove regulatory attributes (not sanctioned, KYC-verified, eligible jurisdiction) via ZKP without revealing identity. Regulators can obtain targeted disclosure via judicial process. The issuer has a compliance key or attestation mechanism.

But this means the privacy guarantee includes a compliance backdoor. The issuer – Circle, Tether, or whoever issues the stablecoin – retains the ability to see or reconstruct transaction data. This is privacy from the public and competitors, not privacy from the issuer or the government. This may be exactly what institutions want. But it should be described as what it is: confidentiality with authorized access, not self-sovereign privacy.

7. What is the probability of a major illicit finance event, and what happens if it occurs?

High enough to warrant explicit planning. Stablecoins represent 84% of illicit crypto transaction volume. Illicit addresses received $154B in 2025 (162% increase from 2024). The A7A5 ruble stablecoin processed $93B in sanctions evasion. Privacy protocols are obvious targets for sophisticated illicit actors specifically because they offer confidentiality.

If a privacy protocol is used for a high-profile sanctions evasion, terrorist financing, or state-level money laundering event, the regulatory response would likely be swift and potentially indiscriminate. The “privacy enables compliance” narrative would collapse regardless of its technical merits. The comparison to Tornado Cash is instructive: OFAC sanctioned the entire protocol based on the actions of a minority of users, and it took years of litigation to reverse the sanctions.

Any project building privacy infrastructure should have an incident response plan, proactive law enforcement relationships, and a technical mechanism for demonstrating that their system’s compliance properties are genuine, not performative.

8. The “Good Enough” Gap: Off-Chain Privacy as the Silent Killer

This may be the most lethal competitive threat to on-chain privacy protocols, and it requires zero new technology.

If Coinbase and Circle simply offer “Internal Transfers” that never hit the public ledger, they provide 100% privacy and 100% compliance for their users without a single zero-knowledge proof. Coinbase already does this: a Coinbase-to-Coinbase USDC transfer is an internal database operation. It is instant, free, completely private from on-chain observers, and fully compliant because Coinbase controls the KYC, AML, and reporting on both ends. PayPal does the same for PYUSD transfers between PayPal accounts. Stripe, through Bridge, could offer the same for its merchant network.

This is the “good enough” gap that historically sinks infrastructure plays. The pattern is well-established in technology: the technically inferior but easier-to-adopt solution beats the technically superior but harder-to-adopt one. VHS beat Betamax. MP3 beat FLAC. And “off-chain privacy through centralized intermediaries” may beat “on-chain privacy through zero-knowledge proofs” – not because it is better, but because it is already deployed, already compliant, already insured, and requires no behavioral change from users.

The implications for the privacy thesis are severe:

For B2B settlement: If two enterprises both use Circle Mint or Coinbase Prime, they can settle in USDC with complete privacy from on-chain observers through internal transfers. No ZK proofs needed. No anonymity set required. No regulatory uncertainty about whether the privacy mechanism is compliant. The settlement is simply a database entry at the custodian.

For card programs: Visa’s USDC settlement pilot routes through Circle. If settlement remains within Circle’s infrastructure, it never needs to be on-chain at all. The privacy is provided by the fact that the transaction is off-chain.

For cross-border payments: Stripe/Bridge can route stablecoin transfers through internal ledgers across jurisdictions, exposing them to the blockchain only at entry/exit points. The internal routing is inherently private.

The on-chain privacy counterargument has three components, each with different strength:

1. Counterparty diversity (strong): Off-chain privacy only works when both parties use the same intermediary. Coinbase-to-Coinbase is private. Coinbase-to-Kraken is not. As the stablecoin ecosystem fragments, the probability that both parties share an intermediary decreases. On-chain privacy works regardless of counterparty.

2. Self-custody (moderate): Off-chain privacy requires trusting the intermediary with custody. Enterprises that want self-custody cannot use internal transfers. But most enterprises are comfortable with institutional custody – they already trust banks.

3. Censorship resistance (weak for enterprises): On-chain privacy preserves the ability to transact without intermediary permission. This matters philosophically and in adversarial jurisdictions, but Fortune 500 CFOs are not optimizing for censorship resistance.

The honest assessment: off-chain privacy through custodial intermediaries will capture the majority of the “easy” privacy demand. On-chain privacy protocols are competing for the residual – transactions that cross custodial boundaries, require self-custody, or operate in jurisdictions where intermediary trust is low. This residual is real but significantly smaller than the total addressable market analysis in Section 7 suggests. The $50-70B estimate should be further discounted to perhaps $20-40B to account for the off-chain privacy alternative.

9. What if Circle or Tether build native privacy?

This is an existential threat to standalone privacy infrastructure, though less immediate than the “good enough” gap above.

Circle launched confidential USDC on Aleo in December 2025. This is directional. If Circle builds privacy features into USDC itself – through ERC-7984 confidential tokens, Aleo integration, or a proprietary confidential transfer mode – the value proposition of a separate privacy layer diminishes dramatically. Circle has the issuance relationship, regulatory standing (OCC conditional charter), enterprise distribution (CCTP, Coinbase, banking integrations), and the capital.

Similarly, if Ethereum’s own privacy roadmap delivers “good enough” base-layer privacy through account abstraction with stealth addresses, ERC-7984, or privacy-preserving mempool designs, the case for a separate privacy L2 weakens. The history of Ethereum development is one of absorbing successful L2 innovations into the base layer. Privacy could follow.

The counterargument: issuers adding privacy features to existing stablecoins does not solve the full stack. A confidential USDC transfer still needs a privacy-preserving execution environment, compliance infrastructure, and integration middleware. The issuer provides the asset; the infrastructure provides the context. Both are necessary.

Whether this counterargument holds depends on how much of the stack issuers choose to build internally versus outsource. If Circle ships a complete confidential payments product (not just a token standard), standalone privacy infrastructure becomes niche.

10. What is the realistic enterprise adoption timeline?

Quarters, not narrative:

The honest timeline for meaningful enterprise adoption of privacy-preserving stablecoin infrastructure is 2-4 years, not 2-4 quarters. The critical dependency is regulatory: until at least one jurisdiction formally accepts ZKP compliance, enterprise adoption at scale cannot begin.

11. Is privacy infrastructure or feature?

This is the right question, and it has massive implications for market sizing and competitive dynamics.

The infrastructure argument (Payy, Aztec model): Privacy requires a fundamentally different execution environment – different state models, different proving systems, different data availability assumptions. You cannot bolt meaningful privacy onto a transparent chain without changing the architecture. Therefore, privacy is a platform, and the market is a platform opportunity.

The feature argument (Railgun model): Privacy can be delivered as a smart contract layer on existing chains. Users opt in to privacy when they need it, opt out when they don’t. No migration required. Therefore, privacy is a feature, and the market is a middleware opportunity.

The product argument (Aleo/Toku model): Privacy is a vertical product for specific use cases – payroll, institutional settlement, confidential stablecoins. It does not need to be a general-purpose platform. Therefore, privacy is a product, and the market is a collection of vertical SaaS opportunities.

This report’s position: privacy is currently a feature that aspires to be infrastructure. Railgun’s existence and traction demonstrate that meaningful privacy can be delivered without a new chain. But Railgun’s throughput and cost constraints demonstrate that the feature model has scaling limits. The market will likely stratify: feature-level privacy (Railgun, issuer-native confidentiality) for most use cases, infrastructure-level privacy (Payy, Aztec, Aleo) for the highest-value institutional use cases. The infrastructure play is higher stakes and higher risk. The feature play is more defensible but smaller.

9. What Would Need to Be True

The Bull Case

For private stablecoin infrastructure to become a multi-billion dollar market within 5 years, the following conditions would all need to hold:

1. At least one major jurisdiction formally accepts ZKP-based compliance as satisfying Travel Rule, BSA, or equivalent obligations (by end of 2027)
2. FinCEN does not mandate plaintext data in its GENIUS Act BSA/AML rulemaking
3. At least one privacy L2 reaches mainnet with institutional-grade security audits and meaningful throughput (by mid-2027)
4. Anonymity sets reach hundreds of thousands of active users in at least one protocol
5. ERP/TMS integration middleware exists that connects privacy-preserving settlement to SAP, Oracle, and Kyriba workflows
6. No major illicit finance event is primarily attributed to a privacy protocol in the next 24 months
7. Traditional enterprises begin settling material B2B volumes on-chain (not just crypto-native companies)
8. Cross-custodial demand materializes – enterprises need to settle with counterparties outside their custodian’s network at sufficient volume that off-chain internal transfers are not a viable substitute
9. The insurance industry develops underwriting models for privacy-preserving on-chain settlement, enabling cyber/crime coverage for institutional treasury operations through shielded pools

If all nine conditions hold, the addressable market expands from the $20-40B cross-custodial residual toward $60-100B as on-chain privacy proves its value beyond what off-chain alternatives offer. The timeline for this scenario is 2028-2030.

The Bear Case

The bear case does not require disaster. It only requires one or two conditions:

1. FinCEN mandates plaintext data for all stablecoin transfers (EU already did this)
2. Off-chain privacy captures the easy demand – Coinbase, Circle, and Stripe/Bridge route transfers through internal ledgers, providing 100% privacy and 100% compliance without any new technology. Enterprises settle through shared custodians and never hit the public chain. The on-chain privacy addressable market shrinks to cross-custodial residual.
3. Circle or Tether build sufficient native privacy into their stablecoins, making standalone privacy infrastructure redundant
4. TEE-based privacy (Tier 1) proves “good enough” for institutional compliance teams, who prefer trusted hardware with backdoors over trustless cryptography without them
5. The insurance industry refuses to underwrite privacy-preserving on-chain treasury operations, creating a hard ceiling on enterprise adoption that no cryptographic innovation can overcome
6. Organizational inertia wins – enterprises continue using traditional banking rails because the eight-barrier problem is too complex to solve in parallel
7. A major illicit finance event on a privacy protocol triggers broad regulatory backlash

In the bear case, privacy protocols remain niche DeFi tools serving crypto-native users. The addressable market stays below $10B. The winner in privacy is not a standalone protocol but an off-chain transfer within existing custodial infrastructure – the “good enough” solution that required zero new technology.

What We Are Watching

The evidence that would confirm or falsify the thesis will emerge from specific, observable events:

Confirming signals:

• A regulatory sandbox (Singapore, UAE, Hong Kong) accepts a ZKP compliance demonstration
• FinCEN’s rulemaking explicitly accommodates privacy-preserving compliance architectures
• A Fortune 500 company announces a stablecoin treasury or settlement pilot on privacy infrastructure
• Railgun or Payy anonymity sets exceed 100,000 active monthly users
• An ERP vendor (SAP, Oracle) announces stablecoin settlement integration

Falsifying signals:

• FinCEN mandates plaintext data for all stablecoin transfers
• Circle launches a comprehensive confidential USDC product that obviates standalone privacy layers
• A major privacy protocol is used in a high-profile sanctions evasion or terrorist financing event
• After 24 months, no jurisdiction has formally accepted ZKP compliance
• Enterprise stablecoin adoption grows without privacy (enterprises choose pseudonymity + operational security over cryptographic privacy)

The honest assessment as of March 2026: the evidence is genuinely mixed. The privacy gap is real. The technology is approaching readiness. The market signal from institutional M&A is strong. But the regulatory pathway is unproven, the anonymity sets are too small, and the enterprise adoption barriers extend far beyond privacy alone. The thesis is not wrong. It is incomplete. Privacy is a necessary condition for institutional on-chain finance, but it is not close to being a sufficient one. And the sufficient conditions depend on work being done by many different actors with no coordination mechanism.

The companies building privacy infrastructure are making a bet that all eight barriers will be solved in parallel, that off-chain privacy through custodial intermediaries does not capture the majority of demand first, and that the insurance industry develops models for underwriting shielded settlement. That bet may pay off. But anyone evaluating this space should understand that it is a bet against both regulatory uncertainty and the “good enough” gap – and the history of technology is not kind to the technically superior solution when a simpler alternative already exists.

10. Data Sources and Methodology

Primary Data Sources

• Market data: DefiLlama, CoinMarketCap, Arkham Research, MEXC News
• Adjusted payment volume: McKinsey/Artemis ($390B adjusted figure from ~1% of raw volume)
• Transaction volume: Bloomberg ($33T raw), Yahoo Finance (72% YoY growth)
• M&A data: CNBC (Stripe/Bridge), Mastercard IR (BVNK)
• RWA data: BlockEden, Securitize (BUIDL AUM)
• Regulatory: Congress.gov (GENIUS Act text), OCC bulletins, FDIC proposals, FATF 2025 Targeted Update, ESMA (MiCA), Fifth Circuit opinion (Van Loon v. Dep’t of the Treasury)
• Privacy technology: Project documentation (Payy, Aztec, Railgun, Aleo, Zama, Namada), GitHub repositories, whitepapers
• Illicit finance: Chainalysis 2026 Crypto Crime Report, TRM Labs 2026 Crypto Crime Report
• Remittance costs: World Bank Remittance Prices Worldwide Q3 2024 (6.62% average)
• Card infrastructure: Marqeta 10-K FY2024 ($507M net revenue), Visa corporate announcements

Audit Corrections Applied

This report incorporates corrections identified through systematic audit of four underlying research briefs:

Unverifiable Claims

The following data points appear in this report with appropriate caveats because they cannot be independently verified:

• Payy’s 100K users, $130M annualized volume, 120 countries (company-reported)
• Payy’s sub-0.5s mobile proving time (source: Aztec marketing blog, commercially interested)
• Railgun’s $4.5B cumulative volume (privacy protocol limits verification by design)
• Railgun’s 326 daily shields (community analytics)

Methodology

This report synthesizes findings from four research briefs (technology, market landscape, payments infrastructure, regulatory landscape), four systematic audits of those briefs, a consolidated synthesis document, and an adversarial review written in the tradition of red-team analysis. The adversarial review raised ten structural challenges to the thesis; each is addressed directly in Sections 4 and 8. Where data conflicts between sources, the more conservative figure is used and the discrepancy is noted. Where claims cannot be independently verified, they are flagged. Where the evidence is genuinely ambiguous, the report says so rather than forcing a conclusion.

This is analytical research, not investment advice, marketing material, or an endorsement of any specific project.

Report completed March 31, 2026.