Privacy Goes Legit: StarkWare and Sui Roll Out "Hide the Amount, Show the Auditor" Mode 🕵️

StarkWare and Sui introduced new privacy tools this week that let users conceal on-chain transaction data while keeping audit and disclosure pathways available to authorized parties.

StarkWare said Tuesday it launched STRK20, a privacy framework for ERC-20 tokens on Starknet that shields balances and transaction data and provides mechanisms for disclosure under specified conditions. Eli Ben-Sasson, co-founder and CEO of StarkWare, told Cointelegraph that "compliance-ready" does not mean STRK20 itself determines legal compliance or guarantees regulatory approval, and described the system as a risk-based model in which privacy is conditional rather than absolute, with screening applied at entry into the shielded pool and viewing-key-based disclosure available under lawful request.

Separately, Sui opened a public beta for confidential transfers, a feature that hides transaction amounts while allowing authorized parties to access information when required for auditing or compliance purposes.

The two launches mark a continued shift in crypto privacy away from full anonymity toward institutional-friendly designs that embed auditability directly into the protocol. The broader compliance push follows moves by other privacy-focused projects, including Zama, which said on June 2 that it would accelerate its compliance roadmap after a court-ordered freeze of about $12.5 million in USDC held in its confidential USDC wrapper; the freeze was later lifted following resolution of the underlying legal request, after which the project highlighted its disclosure mechanisms and approach to regulatory coordination for encrypted transactions.

The announcements also coincide with renewed scrutiny of Zcash, which disclosed a bug that raised concerns that counterfeit tokens could have been created undetected; Zcash developers said the vulnerability was addressed through an emergency network upgrade completed in early June, with no confirmed evidence of exploitation, though the shielded-pool design complicates efforts to fully reconstruct transaction history after such disclosures.