As financial assets migrate on-chain, the inherent transparency of blockchains collides with the confidentiality demands of regulated finance. Programmable privacy, using cryptographic tools such as zero-knowledge proofs, selective disclosure and secure computation, enables compliance, auditability and confidentiality simultaneously. However, scalable tokenised finance depends not on full transparency or secrecy, but on enforceable, rules-based disclosure that aligns market integrity with regulatory oversight. Tokenised finance, where assets, rights and contracts are represented as tokens on distributed ledgers, promises faster settlement, greater accessibility and new forms of capital formation. But it also potentially creates a hard contradiction into the open ledger model: blockchains were designed to be transparent and auditable whilst many financial transactions require confidentiality for competitive, legal or privacy reasons. “Programmable privacy” is the emerging toolkit and design philosophy that lets developers encode rules about when, how and to whom data is revealed. It aims to reconcile the twin needs of confidentiality and transparency so that tokenised finance can scale without breaking compliance, fiduciary duties or market integrity. Nethermind has issued a report on using zero proof knowledge in financial markets - click here for a copy of the report.

Source: Nethermind

Essentially, finance is driven by sensitive information such as counterparty identities, contract terms, position sizes, pricing, collateral and more. Furthermore, public exposure of such details can damage competitive positions, reveal trading strategies, violate customer privacy laws or enable financial crime. At the same time, transparency is central to trust and to regulatory supervision - auditors, anti-money-laundering (AML), staff and markets benefit from verifiable records. However, tokenisation heightens both risks and opportunities. It can create a single, machine-readable provenance trail for assets (ideal for custody and audit) but that same trail, if fully public, would expose every transaction to competitors and opportunists. Hence, programmable privacy attempts to make privacy an explicit, enforceable part of token behaviour rather than an afterthought.

Several complementary technologies have been developed to enable programmable privacy and understanding their strengths and limits is crucial, such as:

· zero-knowledge proofs (ZKPs) - ZKPs let a prover convince a verifier that a statement is true without revealing any additional information beyond the truth of that statement. In tokenised finance, ZKPs can prove solvency, compliance with position limits or the validity of a transaction without revealing underlying amounts or identities. ZKPs are powerful because they keep verification on-chain while keeping sensitive data off-chain or encrypted.

· confidential transactions and homomorphic encryption - confidential transaction techniques (e.g., hiding amounts in a transaction) and homomorphic encryption allow operations on encrypted values. Homomorphic methods let computations be undertaken on ciphertexts so the results can be validated without decryption - useful for privacy-preserving analytics or risk calculations.

· secure multiparty computation (MPC) - MPC enables multiple parties to jointly compute a function over their private inputs without revealing them. For finance, MPC can power shared risk models, distributed price discovery or joint KYC checks whilst keeping raw data private.

· trusted execution environments (TEEs) - TEEs, such as secure enclaves, run code in isolated hardware to process sensitive data securely and can host private contract logic or attest to correct computation. TEEs trade cryptographic guarantees for practical performance and ease of integration but they introduce trust in hardware and supply chains.

· selective disclosure and attribute-based credentials - these schemes let a user reveal only specific attributes (e.g. “is an accredited investor”) without disclosing identity or other personal data. Combining this with on-chain verification supports permissioned actions while minimising data leakage.

· layered architecture: on-chain commitments + off-chain data - a common pattern is to publish commitments or hashes on-chain (preserving immutability and audit trails) whilst keeping the underlying data confidential off-chain. When necessary, parties reveal pre-image data to authorised auditors which gives verifiability without continuous exposure.

The reality is that every privacy technique comes with trade-offs; ensuring auditability and regulatory access is critical in privacy-preserving tokenised finance. Privacy mechanisms should not shield illicit activity; hence systems need provable, revocable disclosure such as revealing data to regulators under court order or maintaining cryptographic audit logs. Designing these access controls (including key management, warrant validation and disclosure logging) is as much about governance as it is about technology. At the same time, performance, usability and interoperability present practical challenges. Techniques such as zero-knowledge proofs and homomorphic encryption are computationally intensive whilst secure enclaves rely on trusted hardware. Privacy primitives also add complexity to wallets, custodians and integration points whereby increasing the risk of operational errors. Finally, privacy-preserving tokens must interoperate with other systems that expect transparency, so requiring careful standardisation or bridging between different privacy frameworks.

Meanwhile, practical architectural patterns are emerging to balance confidentiality and transparency in tokenised finance. Hybrid ledgers, for example, use public blockchains for immutable settlement and dispute-resolution anchors whilst keeping sensitive transaction details on private or consortium layers. Cryptographic commitments and proofs anchored to the public chain preserve auditability and finality without exposing commercially sensitive data. Access within these systems is governed by granular disclosure controls embedded at the protocol level. Token frameworks can specify who sees what data, under which conditions and for how long, with smart contracts enforcing privacy obligations such as encrypted metadata, revocable audit permissions and automatic redaction. Intensive computations are often performed off-chain using secure multiparty computation or trusted execution environments with only proofs published on-chain to reduce costs while maintaining verifiability. In regulated settings, sandboxes and permissioned bridges allow supervised experimentation, combining private networks with controlled gateways to public chains. These patterns create a mature model of tokenised finance that preserves both market integrity and regulatory confidence.

Technology alone cannot resolve the tension between privacy and transparency in tokenised finance; governance ultimately determines how cryptographic tools are applied in practice. Decisions about who controls decryption, under what circumstances information is revealed and how disputes are handled, shape whether a system earns trust from regulators, institutions and market participants. Without robust governance, even advanced privacy technologies risk over-exposure or unchecked opacity; key custody and control are central to this governance layer. Decryption authority can reside with regulated custodians, multi-signature arrangements or threshold cryptography requiring multiple parties to approve access. Such distributed management reduces single points of failure whilst supporting secure computation and shared audit models whereby ensuring lawful and auditable access without compromising confidentiality. Standardised audit and disclosure workflows further strengthen trust, defining how access requests are validated, recorded and communicated. Embedding these processes in smart contracts creates immutable trails whilst incentive mechanisms such as reputation systems, insurance and economic penalties align participant behaviour with system integrity.

Regulators now navigate a complex landscape where privacy-preserving proofs can demonstrate compliance without revealing underlying data. Forward-looking policies should recognise cryptographic proofs as valid evidence, mandate auditable mechanisms for lawful access and support interoperable standards for selective disclosure. Collaboration between industry and regulators through sandboxes and standards bodies is essential to define acceptable levels of opacity, disclosure triggers and forensic capabilities. Programmable privacy is not a single technology but a design philosophy: make privacy explicit, verifiable and enforceable by code and governance. The right blend of cryptography, secure computation and institutional controls can reconcile the blockchain’s public auditability with finance’s need for confidentiality. Achieving that balance will be a key determinant of whether tokenised finance can scale into mainstream capital markets whilst satisfying regulators, custodians and end investors. As primitives such as ZKPs and MPC continue to mature, developers and policymakers share the responsibility to design systems that are auditable without being exposed, and private without being permissive to abuse.

This article first appeared in Digital Bytes (13th of January, 2026), a weekly newsletter by Jonny Fry of Team Blockchain.