Let me tell you why Starknet has the potential to become the ultimate privacy engine. You need those ingredients: - Fast chain - Succint verifiability - ZK friendliness - Cheap and Abundant computation - Great UX Let's check them one by one 👇

Fast chain. Of course it's important to have a fast chain for the scaling aspect (throughput) and latency. Starknet is already great on that front and will keep improving drastically. Let's say we can do already today comfortably 1k true TPS today with very decent L2 finality (even without pre confs). 10k+ TPS within 6 months and even faster finality. This property disqualifies chains that are inherently slow (even if slow for good reasons), at least on the base layer (they can scale via L2s). ZCash is working hard on this aspect right now and also for improving light clients and notes discovery with Tachyon project. Let's see how it goes, it's super interesting. I think that at the same time Starknet tech can also be a great way to scale ZCash via ZK rollups that can give both scaling and expressivity and programability to see apps on L2s that could leverage trustlessly assets from the base layer.

Succint verifiability. This one is a crucial one that people completely under estimate. By nature, a privacy blockchain has to be succintly verifiable! Privacy inherently requires to handle client side proving properly. You need to generate proofs on the mobile / device. Which means that you need to have some sort of light client that can verify the integrity of the chain succintly, fast and cheap (with low hardware requirements), without relying only on the consensus part. IMO this property disqualifies chains that are fast but inherently not verifiable succintly (like Solana). Sure you can still build some decent privacy features and do cool stuff on the app layer too, but for the end game privacy vision it's problematic.

ZK friendliness. As discussed above, you need the protocol to be ZK friendly at all levels. Everything used must be easily provable. Starknet as a huge competitive edge on that front since literally all components of it's architecture are designed and built to be ZK friendly (hash functions, VM, language, etc). You also need to be able to verify proofs at scale. Solana did a good choice IMO to make verifying some ZK proofs easier by enshrining some primitives. This is not sufficient (because of lack of succint verifiability) but this is interesting to enable some decent privacy features on the app layer. Starknet beats all EVM based ZK rollups on that front too because it's future proof design that is made to be ZK frienldy from the inception, plus total sovereignty and no dependency on the EVM roadmap (no burden to maintain any kind of compatibility).

Cheap and abundant computation. This property vastly derives from the previous point about ZK friendliness. As a result, Starknet offers massive computation at large scale. You need this abundant computation to be able to verify all the client side generated proofs efficiently and cheaply. For instance, Starknet makes it super cheap and efficient to verify a Noir proof on Starknet. And we can go even further if we decide to enshrine some primitives to make it even easier to verify various kind of proofs. Starknet can really be the most efficient place to verify all kind of ZK proofs while keeping max security level and succintness to verify integrity of computation. It's clear from the beginning that this would be the case, hence why we always thought about Starknet becoming the backbone of the integrity web, because of this property, and it happens now that this is also extremely useful from the privacy perspective.

Great UX. This is a huge challenge for privacy apps. Most of the time, the friction is so big that it completely kills their adoption. Starknet can solve this mostly for two reasons: - native account abstraction that can bring web2 like smooth UX, including for privacy features (we will communicate about how in the coming weeks) - the other properties discussed above: for instance you need fast light clients and succcint verification, plus you need ability to generate proofs fast for great UX. Because STWO is a blazingly fast prover, once it has proper ZK it can be a banger for client side proving privacy. But more importantly, notes discovery is probably the biggest challenge there, and we are cooking something on this front!

Of course, you also need other non tech factors like ethos, cypherpunk roots and ideals, ecosystem of people willing to fight for this battle. But let's focus on the tech dimension for now. IMO these types of chains are disqualified from being the best candidates: - chain go fast brrr brrr but no succint verifiability (i.e Solana) - chain slow (secured and decentralised L1s that are slow for good reasons) - chain not ZK friendly by design (makes it painful to verify efficiently proofs) - chain that compromise big amount of computation for fast TPS and using economical security instead of verifiable computation by design (all optimistic rollups for example). I believe that Starknet is very likely one of the only (if not the only one) protocols that can check all those boxes simultaneously. TL;DR: Starknet has the potential to become the ultimate privacy engine because of it's design from inception, it's scaling properties, and it's future proof nature and full sovereignty on it's roadmap.

So to summarize: - you made a valid feedback, thanks for this - it’s just that we see the privacy renaissance as a relief and good excuse for us to finally work deeper on it - I am very fan of what you guys try to achieve - more than happy to continue collaborating together on making privacy fight win