Privacy Pools: Towards Practical Privacy & Compliance with Smart Contracts

By Arhat | Decrypting Crypto | 7 Sep 2023

Yesterday, Ameen Soleimani shared a new privacy paper exploring the concept of Privacy Pools, a novel smart contract-based privacy-enhancing protocol.


Imagine a scenario where you prove that you've paid your taxes w/o revealing your exact income. Instead, you present a range ($130k - $150k).

Just one of the use cases of Privacy Pools.

At its core, Privacy Pools try to solve a big dilemma: How do you keep your transactions private, but still show the world you're following the rules?

The key difference is allowing users to specify a set of deposits they claim their withdrawal could be associated with.

Read the entire deep dive here:

This is how I believe privacy pools work.


zkSNARKs play a crucial role in enabling privacy pools:

In Tornado Cash, when making a withdrawal, users submit a zk-proof that shows:

  • They are spending a valid coin that exists in the system
  • The coin has not already been spent
  • This proves the withdrawal is linked to some previous deposit without revealing the specific deposit.

The core idea in Privacy Pools is to make this more selective and flexible. Instead of proving linkage to the set of all possible previous deposits:

  • Users specify a subset of deposits they want to claim the withdrawal is associated with.
  • They then prove membership in this more restrictive set, not the full set of deposits.

For example:

  • The association set could be "all deposits from users located in India"
  • Or "all deposits from trusted exchanges"
  • Or "all deposits except those flagged as risky"

What's the difference between Tornado Cash & Privacy Pools?

  • Tornado Cash uses a universal anonymity set-- all deposits and withdrawals are mixed together in one pool.
  • Privacy Pools uses a customizable anonymity set-- users can choose which deposits and withdrawals they want to mix with based on their preferences and needs.

Read the detailed deep dive on Privacy Pools here:

So, What exactly are Association Sets?

  • These are a set of deposits that a user claims their withdrawal could be associated with.
  • The user proves their withdrawal is associated with some deposit in the set without revealing which one.

There are two main strategies for constructing Associated Sets

This aspect of Privacy Pools lets users prove their membership in an associated set without revealing their specific deposit information using zk-proofs

Now, Privacy Pool protocols are very flexible and can be customized to suit a large variety of use cases by creating specific association sets, such as:

But, in practice, users will not be manually picking and choosing deposits to include in their association set.

It would be infeasible for users to examine all deposits manually and selectively pick which ones to include in their association set.

Instead, users will subscribe to ASPs that generate sets programmatically based on specific rules and criteria.

The ASP becomes an intermediary that abstracts away the set building complexity.

Read the detailed deep dive on Privacy Pools here:


So, think of Privacy Pools as the perfect blend of keeping things private while still playing by the rules on public blockchains.

(for noobs) It's like they've taken some really smart crypto tech and combined it with practical design to give users an awesome experience. You get to keep your business to yourself and still show that you're on the right side of the law.

And as more people jump on the blockchain bandwagon, Privacy Pools is set to play a big role in making sure everything's safe, private, and above board for everyone involved. Cool, right?

Share your thoughts on this below.


Thank you for reading, and follow me here and on Twitter for more regular post updates. 

You can connect with me directly on at 0xArhat.

Please join my telegram channel for frequent daily updates:

If you find my work resourceful, please consider donating to 0x1de17b6c736bcd00895655a177535c2a33c6feba (Ethereum/Optimism/Arbitrum/BSC chain).

Also, buy my keys at by searching for 0xArhat

I’d also appreciate it if you shared this with your friends, who would enjoy reading this.

You can find my other research & investment thesis here:

Thank you.

How do you rate this article?



Founder 3z3 Labs. Ordinary thinker. I write about web3 use cases, hacks and deep dives.

Decrypting Crypto
Decrypting Crypto

Here I decrypt crypto topics, trends and tech.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.