From surveillance DEXs to privacy theater - how Penumbra returns to cryptocurrency’s original vision through architectural elegance rather than compromise

The grand compromise we all accepted

There’s a peculiar thing that happens when you explain cryptocurrency to someone new. You start with the grand vision—digital cash, peer-to-peer, no intermediaries—and then immediately begin walking it back. “Well, actually, everyone can see all your transactions on Ethereum. Bitcoin addresses are pseudonymous, not anonymous. Your exchange knows everything. The DEX logs your trades on-chain forever.”

We’ve become so accustomed to this betrayal of the original vision that we don’t even notice the absurdity anymore. Satoshi’s whitepaper promised “electronic cash.” Cash doesn’t leave a permanent record of every coffee you bought, every political donation you made, every embarrassing purchase at 3am. Cash doesn’t let your ex-spouse’s lawyer subpoena your entire financial history. Cash doesn’t create a graph of all your social connections based on who you transact with.

But somewhere between that whitepaper and today’s reality, we collectively agreed that transparency was an acceptable compromise for decentralization. We told ourselves that pseudonymity was enough—as if using a different string of characters somehow protects you when every transaction is permanently etched into a public ledger. We built elaborate theater around privacy—fresh addresses, mixing services, bridge gymnastics—while the fundamental architecture remained a surveillance apparatus that would make any three-letter agency weep with joy.

The cope has been spectacular. “It’s transparent, but pseudonymous!” we say, ignoring that chain analysis companies are literally publicly traded on their ability to deanonymize addresses. “You can use a mixer!” we suggest, forgetting that Tornado Cash developers are in prison. “Just use a new address for each transaction!” we advise, as if graph analysis doesn’t trivially cluster addresses by transaction patterns, timing, amounts, and gas price preferences.

The compromise went deeper than just accepting transparency. We normalized it. Made it a feature. “Transparent blockchains enable accountability!” became the rallying cry, as if the problem with the existing financial system was that we couldn’t see enough of each other’s transactions. As if what dissidents in authoritarian regimes really needed was a permanent, public record of all their financial activities.

Talking about the authoritarian regimes, the European Union is moving to ban privacy-preserving cryptocurrencies by 2027. They’re not even being subtle about it anymore. The regulatory framework explicitly targets “crypto-assets that use anonymity-enhancing features.” By 2027, if you’re an EU citizen, using actual cryptocurrency (the private kind) could make you a criminal.

Penumbra was built by Tor developers and cryptographers who never forgot why we needed this technology in the first place. They didn’t compromise in privacy because they understood the stakes.

The taxation trap

Every transparent blockchain has become a tax surveillance network. The moment you stake, you’ve created a permanent audit trail. Chain analysis companies sell “staking income reports” directly to tax agencies. Your yields are timestamped, your wallet is tracked, your basis is calculated. You’re either fully compliant or you’re a criminal—there’s no middle ground.

We built these systems as alternatives to nation-state suppression, then made them more transparent than traditional banking. Your bank doesn’t publish your savings account interest to a public ledger. But your staking rewards? Those are forever etched on-chain, waiting for the inevitable knock on your door.

These “rewards” are a lie anyway—just your share of currency debasement paid back to you as income. The protocol bleeds value through inflation, then creates taxable events when you get some back. High APYs aren’t yields, they’re attack vectors. The bigger the rewards, the easier to regulate as securities. The more income distributed, the stronger the case for KYC.

The compliance ratchet only tightens. Polkadot is already discussing KYC for validators to avoid paying nominators. Think about that—identity verification just to participate in consensus. Today it’s “optional” KYC for validators. Tomorrow it’s mandatory. Next year it’s delegators too. The slippery slope isn’t a fallacy when you can watch it happening in real-time. I do not want to hear another word about protocols being permissionless.

Penumbra’s design recognizes this reality. Even better would have been their original vision—staking only prevents dilution. Non-stakers watch their balances degrade. No rewards, no income, no attack surface at all. Yet taxation to prevent taxation was seen too radical approach to land in the final protocol.

The current implementation approximates this. Delegation tokens (delUM) appreciate against the base token (UM) through an epoch-varying exchange rate—no observable balance increases, no timestamped reward events. When you delegate 100 UM and get 95 delUM, then later exchange those 95 delUM for 105 UM, there’s no on-chain “income event” to report. You’re not earning rewards; you’re just not being diluted.

The blockchain only sees aggregate delegation changes per epoch. Individual positions remain shielded. No income means no taxable events. No yields means no securities law. No payments means no KYC requirements. This isn’t tax evasion—it’s removing the entire attack surface that makes tax surveillance possible.

The architecture that actually scales

Most “scalable” blockchain today scales by making every node process every transaction. Even with parallel execution, every validator must know everyone’s complete state (with rare exceptions like Polkadot’s parachains). It’s like requiring every bank teller to memorize every account balance in the world. We call this “scaling” because we’ve gotten good at brute-forcing the computation, not because we’ve actually solved the problem.

Penumbra flips this completely. Instead of spending a decade talking about how the actor model is the endgame(hello Parity), it actually ships it. The blockchain doesn’t know your state—as it shouldn’t—only you do. The chain merely stores encrypted metadata and commitments that only you can decrypt. Each user maintains their own state locally, like having your own private database that only you can read.

The correctness of your local state is proven through zero-knowledge proofs small enough to generate on any device—even in a browser. The RPC node you communicate with? It doesn’t know the content of your transactions either. It can’t. The cryptography prevents it.

This is what an actual light client looks like: you maintain your own state, generate your own proofs, and only need to trust your own device. No broadcasting transactions to the entire network. No leaking your IP address to every peer. No trusting that bootnodes won’t log your queries. You get to choose RPC provider you trust to share your IP address with. Just you, your encrypted state, and mathematical proofs that everything is correct.

While other chains debate actor models and state sharding and cross-shard communication, Penumbra recognized the fundamental truth: the best shared state is no shared state. Make every user their own sovereign actor, and the coordination problems disappear. This isn’t just a privacy feature; it’s a scaling breakthrough. When the chain doesn’t need to track everyone’s balances, execution becomes parallel. Validators don’t need to maintain massive state databases. The global state size that actually matters—nullifiers and commitments—grows linearly, not with the complexity of everyone’s holdings. That said penumbra was built on highly scalable jellyfish merkletree with plenty of new innovation included like making it asynchronous and Tiered Commitment Tree. It’s quite safe to say that the rest of industry is going to be playing catch up for years to come in terms of technological scalability.

Generating zero-knowledge proofs for your transactions requires real computational work on the client side. This isn’t a bug; it’s emergent genius. That proof generation—taking maybe a few seconds on your device—functions as natural proof-of-work spam prevention. Want to spam the network? Sure, but you’ll need to generate valid proofs for every transaction, burning your own CPU cycles. It’s Hashcash reborn, except instead of pointless SHA256 grinding, the work produces privacy-preserving proofs that actually do something useful. Solana’s MEV-hunting transactions spammers would go out of business in no time.

No gas fees calibrated by committee. No priority queues where rich users skip ahead. Just the elegant physics of computation as a rate limiter. Though Penumbra does implement sophisticated multidimensional gas pricing—tracking block space, compact block space, verification, and execution separately—with fees payable in multiple tokens including ATOM, OSMO, USDC, and TIA.

The DEX that doesn’t watch you trade

Decentralized exchanges were supposed to eliminate trusted intermediaries. Instead, they became perfect surveillance machines. Every trade, every position, every failed transaction—immortalized on-chain with your address attached. MEV bots front-run you not because they’re psychic, but because you announce your intentions to the entire world before trading.

Markets are games of information asymmetry. On centralized exchanges, the house sees your stop losses, your limit orders, your liquidation points. They see order flow before it hits the book. FTX only collapsed because they got high on their own supply—trading customer funds instead of just trading against customers. But DEXs? We “solved” this by making everyone’s information public. We didn’t eliminate information asymmetry—we democratized it for MEV bots.

Penumbra’s ZSwap takes the radical position that maybe, just maybe, your trading activity is nobody else’s business. Instead of transparent individual trades, all swaps in each block execute as a single batch. You burn your input assets (publicly) and later claim your outputs (privately) at the clearing price. The chain knows the aggregate flow—“500,000 UM was swapped for tokens X, Y, Z this block”—but not that you specifically traded 50 UM for token X.

It’s like everyone throwing their trade orders into a black box, shaking it up, and pulling out their results. The market still functions, price discovery still happens, but without the individual attribution that makes modern DEXs a privacy nightmare. You can explore the live DEX activity at dex.penumbra.zone.

The first secret ballot onchain

Here’s something that should have been obvious from day one: if voting is public, it’s not really voting—it’s theater. Every other blockchain proudly displays how each address voted on each proposal, creating perfect conditions for bribery, coercion, and social pressure. “Transparency in governance,” they call it, missing the entire point of why real-world democracies evolved secret ballots over centuries of struggle. You might be aligned with power today, but the world changes and that permanent record might turn against you tomorrow.

Penumbra implements what no other chain has managed: actual secret ballot governance. Validators vote publicly—as they should, they’re elected representatives whose positions need to be accountable to their delegators. But delegators vote privately. The system reveals only the aggregate voting power used, not who voted or how they voted.

The irony is perfect. When MEPs voted on whether Ursula von der Leyen should become Commission President, they used a secret ballot. The EU Parliament understands that public voting creates pressure, retaliation, and horse-trading. They know that true democratic choice requires privacy. Yet this same EU is criminalizing privacy-preserving cryptocurrencies by 2027.

Think about that. The European Parliament requires secret ballots to protect MEPs from political pressure when voting on their leadership, but demands total transparency from citizens making financial transactions. They get privacy for their power struggles; you get surveillance for buying coffee. Secret ballots for me, but not for thee.

Meanwhile, Penumbra implements the exact split that makes sense: validators vote publicly (like representatives in Congress whose votes are recorded), while delegators vote privately (like citizens in a voting booth). You can vote against your validator’s position without fear of retribution. You can support controversial proposals without social consequences. You can’t be bribed to vote a certain way because you can’t prove how you voted. You can’t be coerced because there’s no way to verify compliance.

The technical implementation is elegant: Delegators prove they owned delegation tokens before the proposal started (preventing double-voting) while keeping their actual vote encrypted. Only the final tallies are decrypted. It’s not privacy theater—it’s actual plutocratic democracy, the kind proof-of-stake inherently creates. Yes, it’s weighted by wealth like all PoS systems, but at least it’s plutocracy with a secret ballot. That’s still better than plutocracy where the rich can verify how you voted and punish dissent.

We figured out centuries ago that even imperfect democracy needs secret ballots to function. Then we built blockchains and immediately threw that lesson in the trash, creating permanent records of every vote that would make the stasi jealous. Penumbra is the first to ship what should have been obvious: privacy isn’t democracy’s enemy. It’s the thing that makes democracy possible in the first place.

The economics of actually caring about users

The tokenomics tell an interesting story. With 100.3M total supply and essentially zero inflation (targeting approximately 2% annually), this isn’t another “number go up through dilution” scheme. The genesis distribution was remarkably decentralized: 16% airdrop, 25% Community Pool, 20% to the Institute for Applied Numogrammatics (supporting ecosystem development), with the rest split between contributors (12.5%), investors (17.2% with 2-3 year lockups), and the founding entities—Radiant Commons (4.5%) and Penumbra Labs (3.65%).

Notice that last number. The original developer holds less than 4% of tokens. There was no pre-mine, no insider allocation. Even the genesis validator set wasn’t pre-selected—it was chosen through community sentiment during the airdrop claims process. Every locked token has its Full Viewing Key published, making all activity transparent without compromising privacy for regular users.

But here’s where it gets interesting. Those 70.2K burned UM you can track at tokenomics.penumbra.zone? They don’t come from regular transaction fees. They come from something far more elegant: the protocol automatically capturing arbitrage profits that would normally go to MEV bots.

When trades execute in batches, price discrepancies between trading pairs create arbitrage opportunities. But instead of leaving these profits for sandwich bots to extract (as happens on every transparent DEX), Penumbra’s protocol captures this value automatically during batch execution. The arbitrage profits become protocol fees, which are then burned, removing supply permanently.

Think about what this means: the very mechanism that makes other DEXs predatory—MEV extraction—becomes a deflationary force that benefits all UM holders equally. The protocol doesn’t just prevent front-running; it takes what would be extracted value and redistributes it to everyone through supply reduction. No insider games, no complex fee structures, no MEV auctions where validators and bots split your losses—just the protocol automatically doing what’s best for users.

The uncomfortable truths

Let’s be honest about the challenges:

• Onramp problem: Getting UM requires navigating CEX → OSMO → Osmosis → Penumbra. The people who most need financial privacy are effectively locked out.

• Validator concentration: 4 validators hold over 34% delegation stake, mostly in the United States. Thanks to client-side ZK, privacy is maintained regardless, but network liveness could be compromised. All validators know how painful it might be to get the network running post upgrades.

• USDC risk: Noble could be forced to freeze assets bridged to Penumbra. The “North Korea” excuse has been deployed before.

• Price reality: Token performance has been disappointing, especially after the founder stepped back due to burnout from building under Operation Chokepoint 2.0.

• Hyperdeflation paradox: Only 0.3M new UM in year one, 70K burned. When the Liquidity Tournament ends, why would anyone LP an appreciating asset? We’ve seen this movie—liquidity evaporates, trading becomes impossible with higher levels of volatility.

But the protocol itself doesn’t care. It’s decentralized, running autonomously, processing private transactions and batch swaps regardless of token price or founder presence.

The surveillance convergence nobody wants to discuss

Transparent blockchains aren’t just surveillance-friendly—they’re perfect training data for surveillance AI. Every transaction, every DeFi position, every governance vote—immutable, indexed, ready for machine learning. Chainalysis, Elliptic, TRM Labs are selling AI tools to governments and banks. The IRS uses them for tax enforcement. The DOJ for ransomware tracing. Every transparent transaction you’ve ever made feeds models that get smarter daily.

That DeFi yield farming from 2021? Could be retroactively flagged as structuring. Those NFTs? Money laundering. The permanent record means any future regime can criminalize the past with AI doing the detective work. Meanwhile, we’re celebrating “OFAC-compliant MEV relays” as features—the same ecosystem that promised trustless systems now brags about filtering transactions based on government blacklists.

Penumbra breaks this completely. When transactions are shielded by default, there’s nothing to analyze. You can’t train models on data that doesn’t exist. You can’t retroactively criminalize what you can’t see. You can’t enforce selective censorship when you don’t know who’s transacting.

Remember Gavin Wood’s decade-old “allegality” talk? In retrospect naive techno-optimism about how blockchain systems would exist outside legal frameworks, how real-world law would have to bend to the reality of unstoppable code? Well, the law didn’t bend—it brought a sledgehammer. Turns out “code is law” only works until actual law shows up with handcuffs and asset freezes.

And now look where we are: “OFAC-compliant MEV relays” are being marketed as a feature. Read that again. The same ecosystem that promised to eliminate trusted intermediaries is now bragging about compliance with U.S. sanctions as a selling point. Institutional stakers are choosing relays based on how well they exclude transactions from the wrong addresses. We didn’t just compromise on privacy—we built the compliance directly into the consensus layer.

This is what capitulation looks like: when “censorship resistance” becomes a liability to be mitigated rather than a principle to defend. When validators proudly filter transactions based on government blacklists. When the infrastructure of “decentralized finance” bends over backwards to ensure it’s just as exclusionary as the traditional system it claimed to replace, only less efficient.

We should know by now that you can’t have allegality without proper privacy. Wood’s vision failed because transparent blockchains handed authorities a gift: perfect, immutable records of every transaction, forever. The permanent record isn’t a bug; it’s becoming the feature that governments love most. OFAC compliance isn’t the end—it’s just the beginning of how these systems will be captured.

Penumbra breaks this cycle completely. When transactions are shielded by default, when even the blockchain itself doesn’t know your balance, there’s nothing for surveillance AI to analyze. You can’t train a model on data that doesn’t exist. You can’t retroactively criminalize what you can’t see. You can’t discriminate based on patterns you can’t detect. And you can’t enforce selective censorship when you don’t know who’s transacting.

Why this matters now

We’ve spent over a decade building financial infrastructure that would horrify the cypherpunks who started this movement. We normalized surveillance, accepted front-running as inevitable, and created systems where privacy is an afterthought bolted on through increasingly complex workarounds.

The irony is crushing. We keep trying to solve scaling by adding complexity—more shards, more layers, more parallel execution—when the answer has been staring at us: don’t store everyone’s data. Let users maintain their own state and prove its validity. It’s not just more private; it’s architecturally superior.

Penumbra asks the obvious question: what if we just didn’t compromise? What if privacy wasn’t overhead but the mechanism that enables scaling? What if the computational cost of privacy wasn’t a bug but the feature that prevents spam? What if governance actually protected voters like democracies learned centuries ago?

Yes, it has problems—brutal onramps, validator concentration, disappointing price. But it’s also the only project actually building cryptocurrency as originally envisioned. In a world where the EU is literally scheduling the death of financial privacy for 2027, where every other chain is racing to add more surveillance features, Penumbra stands alone.

In a world where the EU is literally scheduling the death of financial privacy for 2027, where every other chain is racing to add more transparency features, more analytics, more integration with traditional surveillance infrastructure, Penumbra stands alone in building what we originally set out to create.

The question isn’t whether Penumbra is perfect. It’s whether we’re going to let the last real attempt at building true cryptocurrency die because the onramps are hard and the price is down. By 2027, we might not get another chance. Right now, the protocol is live, the community is building, and the original vision—private, permissionless, free—is still alive.

The clock is ticking. The choice is ours.

Disclosure: I’m supposed to tell you if I’m biased, but claiming to hold privacy tokens that will be illegal in Europe by 2027 would be rather stupid, wouldn’t it? So let’s leave it at that dystopian paradox.

edit: blood on the streets. penumbra labs shut down operations just a day after i wrote this. but here’s what everyone’s missing: this is the actual test. not whether a protocol works when its creators are around, but whether it survives when they’re not.

the infrastructure is still there. validators are still producing blocks. the protocol is still executing trades, still maintaining privacy, still running governance. network nodes like penumbra.rotko.net are providing access. the code is open source. the community owns the treasury.

the positive news: sell pressure just evaporated. yes, penumbra labs was remarkably efficient—lean team, focused development. but even efficient organizations need to pay salaries, and in crypto that means selling tokens. that constant structural pressure? gone over the coming months.

labs technical lead erwanor (announced to stay as individual contributor) just implemented pruning that drops validator storage requirements to around 10gb. think about what that means. you can run a validator on a $10/month vps now. the barrier to entry for securing the network just collapsed. with total capital of $15 you can start securing penumbra today—$10 for the server, $5 for 200 UM at current all-time lows of $0.015. that’s tenfold cheaper than what lead investors paid back in 2021 for the uncertainty and promise that such a protocol would come to exist.

this is what actual decentralization looks like—messy, uncertain, but alive. bitcoin’s creator disappeared and it thrived. that wasn’t a bug; it was the feature that proved it was real. penumbra faces the same test now.

in the coming months, we’ll see a shift. those who understood it as a company’s product will leave. those who understood it as a protocol they need will stay and build. the weak hands will fold to those who recognize what’s actually at stake here: the last serious attempt at building cryptocurrency as it was meant to be.

as long as there are cypherpunks willing to run nodes, the protocol doesn’t care about org charts or corporate structures. it keeps producing blocks. it keeps protecting privacy. it keeps running. that’s the point. that’s what we’re fighting for. and that fight isn’t over—it’s just beginning.

unfortunately no existing alternative comes even close in terms of properties and features, so the best option is to keep pushing the protocol and maintenance work forward. just as generations of cypherpunks before us did—as volunteer work, because the mission actually matters.

Comments