Privacy and anonymity in Ethereum

We have so far discussed the differences between public and private networks, where it is the network itself, and access to it, which is either public or private. We now turn our attention to the data—both transaction and contract data—inside a given network.
The Ethereum main network can be joined by anyone. Furthermore, all transaction and smart contract data is public, meaning every transaction, along with its from and to addresses, can be seen by everybody using the network. There is no way to hide these transactions, or the addresses transacting, and as such, there's no way for a user on Ethereum to be truly anonymous. If a way were found to link an address with a real-world identity—either at the present time, or at a point in the future—then the identity of the transacting party would be known. This might seem obvious: on public networks, all data is public. What is less obvious is that even in a private Ethereum network, data within the network is visible to all participating nodes.

Other cryptocurrencies, such as Zcash, Monero, and Dash, provide differing degrees of anonymity, and we will briefly discuss two of the techniques for doing so in this chapter, and look at how these could be applied to Ethereum.

Monero uses a type of digital signature called a ring signature, which helps anonymize the transacting addresses as well as the amount being sent. It's possible to use a similar technique in Ethereum by using mixing services based on ring signatures, but these generally aren't accepted as being robust and scalable methods that could be used in an enterprise.

Zcash uses a different technique, leveraging Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARK) proofs. In this scheme, a user is able to prove possession of some data without needing to reveal what the data is, and without needing to interact with the user verifying the data. Some work has been done to incorporate zk-SNARKs with Ethereum, though at the time of writing this work is still experimental.

So, there is currently no reliable method to make addresses and transactions anonymous in a guaranteed way. What about the contents of those transactions?

The contents of a transaction, as well as the code and data associated with a smart contract, are publicly viewable and cannot be obscured. Though a smart contract's code is compiled to bytecode, it should not be assumed that an adversary wouldn't be able to decompile and read the code. As such, sensitive information should neither be hardcoded into a contract nor sent to it as part of a transaction.

What can be done, however, is to encrypt any sensitive data off-chain before sending it to the network. Using public-key cryptography, one method would be as follows:

  1. The sensitive data is encrypted with the recipient's public key, which could have been published either on- or off-chain
  2. The encrypted data is sent either to a smart contract written for the purpose of receiving it, or in the data field of a normal transaction
  3. The received data is decrypted using the recipient's private key
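
The three steps above can be sketched with Node's built-in crypto module. This is an added example, not code from the book: it uses an ECIES-style hybrid scheme (ephemeral ECDH on secp256k1, HKDF, AES-256-GCM) rather than encrypting directly with the public key, and the payload layout, the INFO label, and the function names are assumptions made for illustration.

```javascript
// Added example: ECIES-style hybrid encryption using only Node's built-in crypto.
const { createECDH, hkdfSync, randomBytes,
        createCipheriv, createDecipheriv } = require('node:crypto');

const CURVE = 'secp256k1';  // the curve Ethereum key pairs use
const INFO = Buffer.from('offchain-encryption-example-v1');  // constructed label

// Derive a 32-byte AES key from the ECDH shared secret, bound to the ephemeral key.
function deriveKey(shared, ephPub) {
  return Buffer.from(hkdfSync('sha256', shared, ephPub, INFO, 32));
}

// Step 1: encrypt to the recipient's public key (65-byte uncompressed point).
// Output layout (constructed): ephPub(65) | iv(12) | tag(16) | ciphertext, as 0x-hex.
function encryptFor(recipientPub, plaintext) {
  const eph = createECDH(CURVE);
  const ephPub = eph.generateKeys();  // fresh key pair per message
  const key = deriveKey(eph.computeSecret(recipientPub), ephPub);
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return '0x' + Buffer.concat([ephPub, iv, cipher.getAuthTag(), ct]).toString('hex');
}

// Step 3: decrypt with the recipient's private key; throws if the payload was altered.
function decryptWith(recipientPriv, payloadHex) {
  const buf = Buffer.from(payloadHex.replace(/^0x/, ''), 'hex');
  if (buf.length < 93) throw new Error('payload too short');
  const ephPub = buf.subarray(0, 65);
  const me = createECDH(CURVE);
  me.setPrivateKey(recipientPriv);
  const key = deriveKey(me.computeSecret(ephPub), ephPub);
  const decipher = createDecipheriv('aes-256-gcm', key, buf.subarray(65, 77));
  decipher.setAuthTag(buf.subarray(77, 93));
  return Buffer.concat([decipher.update(buf.subarray(93)), decipher.final()]);
}

// Step 2 stand-in: `payload` is the hex string that would go in a transaction's data field.
function demo() {
  const recipient = createECDH(CURVE);
  const pub = recipient.generateKeys();  // published on- or off-chain
  const payload = encryptFor(pub, Buffer.from('constructed sample: order 17, qty 3'));
  const plaintext = decryptWith(recipient.getPrivateKey(), payload).toString();
  return { payload, plaintext };
}

console.log(demo());
```

Anything written to the chain stays there, so the confidentiality of the payload depends on the recipient's private key remaining secret for as long as the data matters.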