The digital economy has ushered in a new era where data is a critical production asset. Balancing data privacy, security, and value extraction—while building trust for effective data sharing—is essential to enhancing national competitiveness in this evolving landscape. The Digital Currency Research Institute of the People's Bank of China (hereafter "the Institute") has positioned blockchain technology as a key breakthrough for technological self-reliance. By advancing blockchain standardization and innovation tailored to real-world financial needs, the Institute has made significant progress in blockchain-based financial privacy protection. This work earned the 2020 Financial Technology Development Award (Second Prize), contributing meaningfully to strengthening privacy safeguards in the digital age.
Building a New Frontier for the Digital Economy
As the digital economy accelerates, demands for robust privacy protection grow stronger. Countries worldwide are enacting comprehensive data privacy regulations. In China, the Data Security Law and the Personal Information Protection Law were passed in 2021, establishing a legal foundation for data and individual privacy protection. At the same time, public awareness and concern about personal data security continue to rise.
The State Council’s 14th Five-Year Plan for Digital Economic Development, released on January 12, 2022, highlights blockchain technology as a “strategic and forward-looking field” across multiple sections, including digital industrialization, governance, and international cooperation. Blockchain is now recognized as a foundational technology for the digital economy. However, privacy and security remain persistent challenges in blockchain systems.
When data is shared directly on a public blockchain, transaction details—such as identities, amounts, and contract terms—can become visible to all participants, risking exposure of sensitive financial and personal information. Additionally, because blockchain data is distributed across nodes with varying security capabilities, compromised nodes can lead to data breaches. In practice, this creates a tension between data sharing and privacy protection.
For example:
- In everyday transactions, systems must protect user privacy while still detecting suspicious or high-value illicit activities.
- In trade finance, institutions need to verify invoices, customs data, and transaction backgrounds but face obstacles in securely sharing such information.
- In cross-border settlements, data must be encrypted yet still reportable to relevant regulators based on currency and jurisdiction.
To address these challenges, the Institute conducted extensive research and identified three core privacy requirements:
- On-chain data privacy protection
- Off-chain data privacy protection
- Access control and authorization management
Based on these needs, the Institute developed an integrated blockchain-based financial privacy protection solution—offering new tools and frameworks for secure digital financial services.
👉 Discover how secure blockchain solutions are shaping the future of finance.
Innovative Technologies for Privacy-Centric Financial Systems
Leveraging cutting-edge cryptographic and distributed computing techniques—including homomorphic encryption, zero-knowledge proofs, trusted execution environments (TEE), secure multi-party computation (SMPC), and decentralized identity—the Institute has developed a comprehensive suite of privacy-preserving solutions. These address on-chain and off-chain scenarios while ensuring fine-grained access control.
1. Verifiable Data Integrity Without Compromising Privacy
One of the most pressing issues in data collaboration is verifying authenticity without exposing raw data. To solve this, the Institute designed a secure data integration and cross-validation framework based on secure multi-party computation (SMPC).
This system functions as a secure data bus platform that allows blockchain participants to initiate and conduct verification locally—without transferring sensitive data beyond their own network. Key features include:
- Heterogeneous Data Integration: The platform supports seamless aggregation of diverse data types from multiple sources through a distributed architecture, reducing integration complexity.
- Off-Chain Verification: Validation occurs locally within each participant’s environment, minimizing exposure.
- Plug-and-Play Verification Algorithms: The system supports both basic and advanced verification logic through modular design, enabling adaptability across use cases.
This approach ensures that data remains private while still enabling trust through verifiable outcomes.
2. User-Centric Access Control via Decentralized Identity
Traditional systems often centralize control over user data, creating silos and increasing breach risks. The Institute introduced a permission-based decentralized identity model built on blockchain, shifting data authority from institutions to individuals.
Under this framework:
- Users control who accesses their data and under what conditions.
- Digital identities are based on Decentralized Identifiers (DID), ensuring uniqueness and trustworthiness.
- By integrating zero-knowledge proofs, users can prove claims (e.g., age or creditworthiness) without revealing underlying data—achieving “data usability without visibility.”
- Regulatory oversight is preserved: identity issuance requires authorization from supervisory bodies, enabling real-time monitoring of on-chain activities.
This model resolves issues of data fragmentation, redundancy, and privacy violations while maintaining compliance.
👉 Explore how next-generation identity systems empower user control over personal data.
3. Efficient and Secure Computation with Homomorphic Encryption and TEEs
Traditional encryption requires decryption before processing—exposing data at runtime. To overcome this limitation, the solution employs homomorphic encryption, allowing computations on encrypted data without decryption. This enables confidential computing where sensitive operations occur directly on ciphertext.
Additionally, Trusted Execution Environments (TEEs) are used to run privacy-preserving smart contracts. Unlike standard (plaintext) smart contracts—whose logic and state are visible to all nodes—privacy contracts execute within isolated hardware enclaves. Only authorized parties can access inputs and outputs, significantly enhancing security.
These technologies reduce the computational overhead typically associated with encryption while maintaining high levels of confidentiality.
4. Private and Tamper-Proof Messaging on Blockchain
For secure inter-institutional communication, the solution combines asymmetric encryption, blockchain, and smart contracts to enable trusted data exchange.
Key benefits:
- Immutable Records: Messages are recorded on-chain using blockchain’s chained structure, making them tamper-proof and auditable.
- One-Time Encryption Keys ("One Message, One Key"): Each message is encrypted with a unique symmetric key; that key is then encrypted using public-key cryptography before transmission. This ensures that even if one message is compromised, others remain secure.
This mechanism supports traceability—a core advantage of blockchain—while ensuring message confidentiality.
Evolving Toward a More Secure Digital Future
As global competition intensifies and emerging technologies become more deeply embedded in financial systems, threats to data security grow more sophisticated. The battle between defense and attack continues to escalate—requiring constant innovation in privacy protection.
Standing at the intersection of the "14th Five-Year Plan" and China’s broader "Science and Technology Power" strategy, the Institute is committed to advancing its privacy-preserving technologies. Future efforts will focus on:
- Expanding use cases across banking, insurance, capital markets, and cross-border finance
- Improving system efficiency and scalability
- Enhancing user experience without sacrificing security
- Maintaining equilibrium between individual privacy rights and anti-fraud/anti-money laundering (AML) enforcement
The goal is clear: to build resilient infrastructure that supports both innovation and trust in the digital economy.
👉 Learn how scalable blockchain solutions are driving secure financial transformation.
Frequently Asked Questions (FAQ)
Q: What is the main challenge of using blockchain in financial services regarding privacy?
A: While blockchain offers transparency and immutability, its default openness can expose sensitive transaction details like identities and amounts. The challenge lies in preserving privacy without sacrificing auditability or regulatory compliance.
Q: How does zero-knowledge proof enhance financial privacy?
A: Zero-knowledge proofs allow one party to prove the validity of a statement (e.g., “I have sufficient funds”) without revealing any underlying data. This enables authentication and compliance checks while keeping personal or corporate information confidential.
Q: Can encrypted data be processed without decryption?
A: Yes—through homomorphic encryption. This advanced cryptographic method allows mathematical operations on encrypted data, producing an encrypted result that, when decrypted, matches the result of operations performed on plaintext.
Q: What role do trusted execution environments (TEEs) play in this solution?
A: TEEs provide isolated hardware environments where code and data can execute securely—even on potentially compromised nodes. They protect sensitive computations in privacy-preserving smart contracts.
Q: How does decentralized identity improve user control?
A: With decentralized identity (DID), users hold their credentials digitally and choose when and with whom to share them. This eliminates reliance on centralized databases and reduces risks of mass data breaches.
Q: Is this solution applicable beyond domestic financial systems?
A: Absolutely. The architecture supports cross-border scenarios such as international trade finance and remittances, where privacy, interoperability, and regulatory reporting must coexist.
By integrating advanced cryptography, distributed systems design, and regulatory foresight, this solution sets a new benchmark for secure digital finance—paving the way for a trustworthy, inclusive, and innovative economic future.