Encryption does not equal privacy. As long as data stays on the chain, however strongly it is locked, it is still public in essence; its disclosure is only delayed. Computing power and analytical tools keep advancing, so it will be uncovered sooner or later.
@MidnightNetwork Midnight chooses to move sensitive data off the chain entirely. Private state does not enter the consensus layer; it remains on the local device or in a TEE. Transactions are not executed on the chain. They are first computed locally, then a ZK-SNARK proof is generated by Kachina, and only this proof is uploaded to the chain. Nodes can verify only "compliance with rules and no double spending"; they cannot see the amount, identity, or counterparty.
The underlying design uses the UC (universal composability) security model, which focuses on composability. The privacy logic is not diluted by composition when interacting with systems such as lending, clearing, and RWA. Many past solutions ran into problems at this step.
The attack surface has also been redefined. Previously, it was enough to break one chain; now an attacker has to target each device individually, which significantly increases the cost.
However, the costs are also very real. Keeping data off the chain means that device loss, cross-device synchronization, and private state recovery become problems users must handle themselves. Additionally, given the high threshold of UC proofs and of the overall architecture, neither development nor use is easy. #night $NIGHT