Chainlink has introduced Confidential Compute, a new privacy layer designed to enable institutions to use public blockchains without exposing sensitive data. Launched as part of the Chainlink Runtime Environment on November 4, the service processes data off-chain and returns verified results on-chain. This aims to unlock the $3.4 trillion crypto market for Wall Street by addressing long-standing confidentiality concerns.
Institutions have hesitated to fully engage with public blockchains due to privacy risks, as banks avoid publishing risk positions and asset managers protect client portfolios. Chainlink's Confidential Compute seeks to resolve this by allowing programmable settlement and verifiable execution without revealing inputs or logic. The service operates within the Chainlink Runtime Environment (CRE), launched on November 4, with early access planned for 2026 and a broader rollout later that year.
Initial implementations use cloud-hosted trusted execution environments (TEEs), which isolate code execution for confidentiality and near-native speed. A roadmap outlines future support for zero-knowledge proofs, multi-party computation, and fully homomorphic encryption as these technologies advance. Key subsystems include a distributed key generation system for session secrets and a Vault DON for decentralized storage of confidential data long-term.
Practical applications include private real-world asset (RWA) tokens, confidential data feeds for subscribers, delivery-versus-payment (DvP) across public and permissioned chains, and KYC or eligibility checks that yield binary on-chain results with regulatory audit trails. Each workflow provides cryptographic attestation of execution without exposing underlying data or rules, enabling verification by auditors while separating data from verification layers.
This TEE-based approach competes with privacy rollups like Aztec, which use zero-knowledge proofs but face high costs and composability challenges via bridges; confidential EVM layers like Fhenix and Zama’s fhEVM employing fully homomorphic encryption, which is computationally intensive; and other TEE solutions like Oasis Sapphire, vulnerable to hardware attacks. Chainlink mitigates TEE risks through decentralized oracle network attestation and secret-sharing, positioning Confidential Compute for cross-chain and Web2 integration.
Bundled with the Automated Compliance Engine for KYC and position limits, the service emphasizes workflow integration over isolated privacy chains. While alternatives like Aztec's testnet (May) and Aleo's live apps advance cryptographic privacy, Chainlink bets on TEE performance for near-term institutional adoption, with plans to incorporate maturing technologies for broader appeal.