What the Zama and Aztec Acquisitions Say About Onchain Privacy

Two acquisitions in eight days show privacy companies buying the layer that lets institutions in.

Within eight days in May, two of the more serious companies in onchain privacy made acquisitions that, read together, suggest something about where the field is going.

On May 20, Zama acquired TokenOps, a token-lifecycle platform that has processed more than $2 billion in distributions, to wrap fully homomorphic encryption around vesting, airdrops, and cap-table management. On May 27, Aztec Labs acquired Obsidion, the team behind ZKPassport, a zero-knowledge identity tool that proves attributes like age, nationality, and sanctions status from the cryptographic signature already embedded in a passport's NFC chip.

Two deals are not a wave, and the reflex to file this under "consolidation" should be resisted. But it's fair to say that both deals execute a move that points away from privacy as a tool of exit, and toward privacy as a tool of admission.

What each protocol bought

In each case, an infrastructure-layer protocol acquired an application-layer tool that was already proven in production and carried a useful compliance story.

ZKPassport was not a cold acquisition for Aztec. The tool had already run the nationality-and-sanctions screening for Aztec's own December 2025 token sale, and had earlier solved a Sybil problem for Aztec's testnet validator set.

The proof is generated on the device; only the requested attribute leaves it. Aztec president and co-founder Joe Andrews framed the rationale around government age-verification mandates now advancing in the UK and Australia, and around the steady drumbeat of breaches (the Identity Theft Resource Center counted 780 compromises in the first quarter of 2026 that led to nearly 140 million victim notices). The protocol and iOS app stay open-source.

Zama's purchase was similar. TokenOps had processed billions and the confidential version is already live for KAIO, the institutional real-world-asset protocol built by WebN Group and Nomura's Laser Digital, whose partners include BlackRock, Hamilton Lane, and Brevan Howard. Zama is layering FHE across the platform using the ERC-7984 confidential-token standard so that allocations, release curves, and recipient identities stay encrypted onchain yet remain auditable.

Public-by-default token operations leak strategy to traders in real time, and Zama cites research from the market maker Keyrock that 90% of token unlocks create negative price pressure. As CEO Rand Hindi put it in the acquisition announcement, in the legacy onchain world, transparency "was a bug disguised as a feature." Regulators can be granted selective access to encrypted data, in Zama's words mirroring the standards of Basel and MiFID without public exposure. TokenOps keeps operating as an independent, self-custodial brand.

Zama's FHE libraries and Aztec's Noir circuits remain open; in both deals the math was left in the commons. What each protocol paid for was a surface that helps turn a cryptographic primitive into something an institution or a regulated platform can adopt: a production track record plus a credible answer to the compliance question. Call it the admission layer.

From exit to admission

If we think back to 2021, privacy on public chains was positioned, almost universally, as a tool of exit. The dominant primitives were anonymity sets and mixers, and the vocabulary was cypherpunk. The main adversary for many was the surveilling state and the chain analyst working on its behalf. Privacy meant getting out from under observation. The political claim was that financial privacy is a right, and the engineering followed from it: maximize the anonymity set and minimize what anyone can learn.

The 2026 positioning, visible in both acquisitions, changes the adversary and the goal. The point of the technology would seem to be to let a participant who is otherwise excluded come in. Zama's confidentiality exists so that BlackRock-adjacent capital can operate on a public chain without broadcasting its book. The adversary is the front-runner and the competitor, and the regulator is explicitly invited to hold a key. ZKPassport's identity proofs allow a platform to satisfy an age or sanctions mandate without building a surveillance database. Compliance is the feature.

The cypherpunk language survives, but the revenue, the partners, and the acquisitions are institutional.

The felony orientation

The reason this reorientation deserves a curious eye is that the older settlement is being actively litigated.

Roman Storm faces a retrial that prosecutors have asked to begin in October on the deadlocked money-laundering and sanctions counts. The government's theory targets the 2021 version of onchain privacy: a non-custodial protocol that maximizes anonymity and that the developer cannot prevent bad actors from using. While that case proceeds, Zama is selling regulator-grade selective disclosure to institutional capital, and a separate Treasury rulemaking is, for the first time, mandating sanctions-compliance programs for stablecoin issuers. The same primitive of confidential value transfer on a public ledger is either a felony theory or a venture-funded compliance product depending on which orientation it is pointed in.

This is an unresolved political question. The industry has, in practice, chosen the admission orientation, because that is the orientation that can be funded, deployed, and defended in front of a regulator. The exit orientation is being settled in a courtroom on terms unfavorable to it.

Perhaps not

Perhaps privacy did not reorient at all. Perhaps the exit-oriented projects were sanctioned, prosecuted, and defunded out of existence, and the admission-oriented ones simply got the capital and the partners, so what looks like an industry changing its mind is just a selection effect changing the sample.

Is "selective disclosure for regulators" a genuinely different thing from surveillance with extra cryptographic steps? The optimistic reading is that it is the first version of financial privacy institutions can actually buy: confidentiality from competitors with a narrow, auditable, key-gated window for legitimate authority, which is more privacy than the fully transparent ledger offered anyone.

The other read is that it is the only version of privacy that will be permitted, the kind that comes with a key for someone, while the kind that comes with no key for anyone gets legislated and prosecuted into the corner Roman Storm is standing in.

For builders, every protocol that holds a primitive but not its own admission layer now faces the build-or-buy choice Aztec and Zama just made. The admission layer is what turns a clever primitive into infrastructure that institutions, regulated platforms, and cautious users are actually permitted to adopt, and this is a larger and more durable market than anonymity ever built, and plausibly the only path by which onchain privacy becomes a default. But that choice is downstream of a positioning one: which customer is the technology for?