Features
ZKsync Prividium delivers private execution, enterprise-grade access control, and Ethereum-level security in a single composable stack. It is the only solution available today that combines this level of confidentiality, auditability, and interoperability, without tradeoffs.
Composable Privacy
ZKsync Prividium operates as a permissioned ZKsync Chain, where transaction inputs, calldata, and full state are stored off-chain in an operator-controlled database. Only cryptographic commitments—state roots and STARK-based proofs—are submitted to Ethereum, ensuring public verifiability without exposing private data.
Key capabilities:
- Keep all data inside your infrastructure (no transaction details on Ethereum)
- Configure contract access policies through the Prividium Admin Dashboard, defining which functions are public, private, or role-restricted
- Update access settings without redeploying contracts
- Supply Merkle proofs or DB extracts for selective disclosure (e.g., audits, investigations)
Design Summary:
- Data location: Entire state is stored off-chain in a private database
- Proofs: Each block produces a STARK proof verified on Ethereum
- External visibility: L1 observers only see state roots, metadata, and proof hashes
- Selective disclosure: Auditors can view chain segments without affecting behavior
Fine-Grained Access Control
All interactions with the chain are routed through a Proxy RPC that enforces access policies managed in the Prividium Permissioning System. Administrators configure roles, users, and permissions through the Admin Dashboard, which stores policies dynamically in the Permissions API. Features:
- Manage access using roles (e.g., Trader, Auditor, Admin) and assign them to users in the dashboard
- Restrict contract functions by role, argument match, or both
- Enforce access at the RPC layer; unauthorized calls return HTTP 403 and are logged for audit
- Apply consistent access control across user calls, dApps, explorers, and bridges
- Support for Okta and crypto-native Sign-in With Ethereum (SIWE) authentication
- Configure and update permissions without redeploying contracts or editing files
Request Path: Client → Proxy RPC (permission validation) → Permissions API (policy check) → Sequencer RPC
Compliance & Audit Support
Regulated entities require visibility, traceability, and selective access. ZKsync Prividium is designed with that in mind.
Features:
- A private block explorer shows only what each user is authorized to view (gated via Proxy)
- System logs from all core components are available for integration with enterprise logging and analytics tools
- Chain operators can export inclusion proofs or filtered ledger views on-demand
- Auditors can be granted scoped roles through the Permissioning System, enabling view-only access without exposing unrelated data.
Ethereum-Grade Finality
Every finalized Prividium batch is proven and posted to Ethereum using the ZKsync Gateway.
Finalization Flow:
- The ZKsync Prividium sequencer finalizes a batch of blocks
- The prover generates a STARK proof for the batch and posts it on ZKsync Gateway
- The relayer submits the state root and proof to Ethereum
- Once verified on-chain, the batch becomes immutable (unless Ethereum reorganizes)
This ensures that every block is cryptographically verified and finalized on Ethereum, ensuring tamper-proof integrity and eliminating settlement risk. All without revealing sensitive information
Seamless Interoperability
ZKsync enables protocol-level interoperability across private and public chains, all anchored to Ethereum. With shared settlement and ZK proofs, institutions can move assets securely and atomically between networks, all without consortium agreements, third-party bridges, or compromises to customization.
Daily operations remain private, but interoperability is opt-in and cryptographically verified.
Next Step
See Configure Prividium for detailed steps on setting up authentication, users, roles, permissions, and selective disclosure.