Confidential Transfers Return to Solana Mainnet After Year-Long Security Pause
Token-2022's Confidential Transfers extension is live on Solana mainnet again after a June 2025 ZK proof bug, a Code4rena audit, and an Agave v2.1.21 patch.
Confidential Transfers, the Token-2022 extension that allows token balances and transfer amounts to be hidden on Solana's public ledger, is live on mainnet again. Ilan Gitter, the Solana Foundation's lead developer for payments and commerce, announced the restoration on June 17, 2026 at 21:10 UTC. The post drew immediate amplification from Jacob Creech, the Foundation's developer relations lead, and Vibhu, its head of marketing, a sign the team treated it as a meaningful infrastructure milestone rather than a routine maintenance update.
The feature had been offline for just over a year.
How Token-2022 Confidential Transfers Hide Balances with Zero-Knowledge Proofs
Confidential Transfers is part of Solana's Token-2022 program, a superset of the original SPL token standard that bundles optional capabilities (called Token Extensions) into individual token mints. The confidential transfer extension uses ElGamal encryption, a form of asymmetric cryptography, to encode account balances and transaction amounts as ciphertexts. Zero-knowledge proofs allow the Solana runtime to verify that a transfer is valid (the sender has enough funds, the amounts balance) without revealing the actual numbers to anyone observing the chain.
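The encrypted-balance idea described above, as an added example that is not code from Token-2022 or the Solana Foundation: textbook exponential ElGamal over a tiny toy group, where the group parameters, function names and amounts are all constructed for illustration. It shows balances being debited and credited as ciphertexts, and why a proof of sufficient funds is needed on top of the encryption.

```python
import secrets

# Toy group constructed for this example: P = 2*Q + 1, G has prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1          # secret key in [1, Q-1]
    return sk, pow(G, sk, P)

def encrypt(pk, amount, r=None):
    """Exponential ElGamal: the amount sits in the exponent, so ciphertexts add."""
    r = secrets.randbelow(Q - 1) + 1 if r is None else r
    return pow(G, r, P), pow(G, amount, P) * pow(pk, r, P) % P

def add(a, b):
    return a[0] * b[0] % P, a[1] * b[1] % P

def sub(a, b):
    return a[0] * pow(b[0], -1, P) % P, a[1] * pow(b[1], -1, P) % P

def decrypt(sk, ct):
    """Strip the mask, then search the small amount range for the exponent."""
    target = ct[1] * pow(pow(ct[0], sk, P), -1, P) % P
    acc = 1
    for amount in range(Q):
        if acc == target:
            return amount
        acc = acc * G % P
    raise ValueError("ciphertext is not in the group generated by G")

def transfer(sender_pk, sender_bal, recipient_pk, recipient_bal, amount):
    """Update both encrypted balances; the ledger sees ciphertexts only.
    Nothing here shows that both ciphertexts hold the same amount or that the
    sender can afford it; on chain that is the job of the zero-knowledge proofs."""
    debit, credit = encrypt(sender_pk, amount), encrypt(recipient_pk, amount)
    return sub(sender_bal, debit), add(recipient_bal, credit)

def demo():
    a_sk, a_pk = keygen()
    b_sk, b_pk = keygen()
    a_bal, b_bal = encrypt(a_pk, 500), encrypt(b_pk, 40)
    a_bal, b_bal = transfer(a_pk, a_bal, b_pk, b_bal, 120)
    return decrypt(a_sk, a_bal), decrypt(b_sk, b_bal)

def overdraft_wraps():
    """Spending 20 from an encrypted 10 does not fail: it wraps modulo Q."""
    sk, pk = keygen()
    return decrypt(sk, sub(encrypt(pk, 10), encrypt(pk, 20)))   # Q - 10
```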
Stablecoins, tokenized securities, and other regulated assets can move on a public blockchain while keeping financial details visible only to counterparties who hold the decryption key. Auditability is preserved by design: regulators can be granted decryption access. The opacity is what compliance-minded institutions need when handling client funds or proprietary positions on-chain.
The ZK ElGamal Fiat-Shamir Bug That Forced the June 2025 Shutdown
In June 2025, researchers identified a cryptographic vulnerability in the ZK ElGamal proof system that underpins the extension. The flaw involved the Fiat-Shamir transformation, a standard technique for converting interactive proofs into non-interactive ones. An attacker who understood the bug could exploit it to forge proofs, causing transfers that should have been rejected to be accepted or concealing manipulated balances.
The Solana Foundation and the Anza team moved quickly. Confidential Transfers was disabled on mainnet while a fix was designed and independently verified.
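The Fiat-Shamir transformation mentioned above, as an added example that is not the ZK ElGamal proof program's code and does not reproduce the June 2025 flaw: a Schnorr proof that the prover knows the secret key behind an ElGamal public key, with the verifier's random challenge replaced by a hash over the full transcript. The toy group, the domain label and the `context` parameter are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group constructed for this example: P = 2*Q + 1, G has prime order Q.
P, Q, G = 2039, 1019, 4
LABEL = b"example-pubkey-proof"        # hypothetical domain-separation label

def challenge(*transcript):
    """Hash every transcript item, length-prefixed, into a challenge mod Q."""
    h = hashlib.sha256()
    for item in transcript:
        data = item if isinstance(item, bytes) else item.to_bytes(32, "big")
        h.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(h.digest(), "big") % Q

def prove_key(sk, pk, context):
    """Non-interactive proof of knowledge of sk such that pk = G^sk."""
    k = secrets.randbelow(Q - 1) + 1             # fresh nonce for every proof
    commit = pow(G, k, P)
    # The challenge binds the group, the statement (pk), the prover's
    # commitment and the context the proof is meant for.
    e = challenge(LABEL, P, Q, G, pk, commit, context)
    return commit, (k + e * sk) % Q

def verify_key(pk, proof, context):
    commit, s = proof
    if not (0 < pk < P and 0 < commit < P and 0 <= s < Q):
        return False
    # Reject elements outside the order-Q subgroup before using them.
    if pow(pk, Q, P) != 1 or pow(commit, Q, P) != 1:
        return False
    # The verifier recomputes the challenge itself; it is never taken from the proof.
    e = challenge(LABEL, P, Q, G, pk, commit, context)
    return pow(G, s, P) == commit * pow(pk, e, P) % P

if __name__ == "__main__":
    sk = secrets.randbelow(Q - 1) + 1
    pk = pow(G, sk, P)
    proof = prove_key(sk, pk, b"account-A")
    print(verify_key(pk, proof, b"account-A"))   # valid proof
    print(verify_key(pk, proof, b"account-B"))   # same proof, other context
```

In a group this small a replayed proof can pass by chance about once in Q attempts; production groups make that probability negligible.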
Code4rena Audit, Agave v2.1.21 Patch, and the Thirteen-Month Road Back
The remediation process ran through two parallel tracks. A Code4rena competitive audit, with a prize pool of $203,500, ran from August through September 2025. Competitive audits of this format incentivize independent researchers worldwide to find every remaining edge case; the pool size signaled how seriously the Foundation weighted thorough review.
The corresponding code fix shipped in Agave version 2.1.21 in March 2026. Agave is the validator client maintained by Anza, which handles the bulk of Solana's consensus-layer traffic. Once the patched client had propagated sufficiently across the validator set, the Foundation opened the feature gate (the on-chain flag that enables or disables Token-2022 extensions at the network level), restoring Confidential Transfers to mainnet on June 17.
The nearly thirteen months between disable and re-enable reflects the deliberate pace the ecosystem chose: audit first, ship second.
Institutional DeFi and Regulated Asset Issuers Are the Primary Beneficiaries
The most direct beneficiaries are builders working on institutional and regulated use cases across three areas: stablecoin issuance, asset tokenization, and on-chain settlement.
Agora, the stablecoin issuer behind AUSD, had previously used Confidential Transfers before the disable; its restoration reopens that path for stablecoin issuers serving corporate treasury or payments markets that need to move funds without broadcasting every counterparty relationship to competitors scanning the chain.
Asset managers tokenizing funds, securities, or real-world assets face a related constraint. Compliance teams are comfortable with auditability (regulators can be granted decryption access), but not with public exposure of positions and flows. Confidential Transfers makes that distinction structurally enforceable at the token level rather than relying on off-chain agreements.
Regulated broker-dealers and custodians exploring on-chain settlement gain the same protection. Transfers between institutional counterparties often involve amounts that, if visible, would move markets or reveal strategy.
Privacy Momentum Across Solana: Arcium, Zama, and Token-2022
The re-enablement lands at a moment when Solana's privacy infrastructure is expanding on multiple fronts.
Arcium, which is building encrypted computing layers on Solana using multi-party computation, has been developing what it calls confidential markets: venues where orderbook data and positions remain encrypted until settlement. Arcium's pitch, articulated at Accelerate 2025, is that privacy is not an edge case for blockchain but a requirement for institutional-scale adoption.
Zama Protocol has separately been working on confidential versions of stablecoins including USDC using fully homomorphic encryption. Meteora, the liquidity protocol, held a privacy-focused event on June 18 (the day after the Confidential Transfers announcement), a sign of coordinated attention on the theme across the ecosystem.
Token-2022 itself continues to accumulate extensions beyond confidential transfers: transfer hooks, interest-bearing tokens, metadata pointers, and more. Confidential Transfers is the highest-complexity piece of that stack, and its restoration signals that the foundational security work needed to support serious institutional deployments is now in place.
For developers who shelved privacy-preserving projects after June 2025, the feature gate is open.