Transparent, Shielded, and Selective Addresses on Horizen
A user sends a ZEN transaction from a regular transparent address. They believe that the transaction data, as it travels across the Horizen network, is private. It's not. The recipient address, amount being sent, and sender's remaining balance can all be viewed by anyone on the blockchain.
Many users asking "what is zen crypto" are aware of this, which is why they question ZEN's privacy pedigree. But relatively few people understand how to properly activate the privacy features offered through the horizen wallet network. With the protocol upgrade to Horizen 2.0 on Base and the launch of the Confidential Compute Environment, the steps to transacting privately have changed.
This guide explains the suite of wallet level privacy features that obscure transaction details, shows how to properly configure them, and highlights where users most commonly go wrong, inadvertently revealing the data they intend to hide.
Configuring Privacy on the Application Layer
Horizen has supported transparent (T-addresses) and shielded (Z-addresses) transactions since launch. T-addresses function just like regular bitcoin addresses. Transactions, balances, and counterparty information are visible on the public blockchain ledger. Z-addresses, thanks to zk-SNARKs (zero-knowledge proofs), encrypt that data so that no one else can see it except the sender and recipient. Most wallets default to transparent addresses.
Privacy works slightly differently today than it did pre-July 2025 migration of ZEN to an ERC-20 token on Base. Horizen's Base migration deprecated shielded pools on mainchain, and privacy functionality has been moved to the application layer using Horizen 2.0's L3 appchain. Horizen has also developed a Confidential Compute Environment (HCCE) that uses trusted execution environments to confidentially process data via smart contracts. This tool also includes compliance-ready audit trails.
Privacy doesn't work like an on/off switch like it did in the past. Privacy today is configurable, and it's important to be aware of which layer you're interacting on.
Selective Disclosure as a Middle Ground
Another category of address is selective disclosure. As the name implies, selective disclosure is the middle ground between transparent and shielded addresses. It allows a person to verify select information about a transaction, for example that it occurred, that it was larger or smaller than a certain amount, or that it was sent from a verified wallet, without seeing the entire transaction.
Selective disclosure is how Horizen strives to be a "compliant privacy" protocol rather than being completely opaque like Monero and other privacy coins.
Say a user simply wants to look up the current zen price or convert ZEN to USD on an exchange. The type of address they use determines what information the exchange can see and report. Which type of address should be default? That depends. Transparent addresses are great for exchanging funds on an exchange you've already provided KYC data to. Shielded addresses are great for peer-to-peer transactions where you don't want the amount and counterparty information to be public. Selective disclosure is perfect for institutional or business transactions where you need to partially verify transactions.
What Changed After the Base Migration
Horizen's old Sphere desktop wallet was native shielded-ready on legacy mainchain. That won't be the case anymore. ZEN now functions as an ERC-20 on Base. Privacy applications within Horizen 2.0 grant users access to privacy functionality instead of shielded pools natively built into the mainchain.
The new privacy setup requires three explicit steps.
Step One, Claim Your Migrated ZEN
Legacy token holders will need to claim their ERC-20 ZEN migrated onto Base through Horizen's special portal. Claiming is required. Should your tokens remain on mainchain, they will be unable to be used with privacy applications in Horizen 2.0.
Step Two, Install a Base-Compatible Wallet
Because ZEN is listed on decentralized exchanges such as Aerodrome and Uniswap on Base, your wallet only needs to be ERC-20 compatible if all you plan on doing is trading and sending ZEN back and forth. MetaMask, Coinbase Wallet, or Den will work for basic trade needs. Multisig users should choose Den.
Step Three, Use Privacy Apps
All private smart contract interaction will be routed through the HCCE using TEEs. ZENDEX, Horizen's privacy-first DEX, and Tachyon, a confidential cross-chain payment channel, are the entry points for shielded activity.
One important misconception to clear up. Having a horizen wallet connected to Base does not make your activity private. Privacy is applied on the application layer, not already applied to the network by default. Users will have to take action to route their transactions through Horizen's HCCE-enabled apps. Swapping ZEN for another ERC-20 token on Uniswap while on Base will be completely transparent. Swap the same tokens on ZENDEX and your transaction will be routed through the confidential compute layer. The UI may be similar. The privacy aspects are night and day.
Memo Encryption and Private Metadata
Memo fields can function as optional notes. Legacy Horizen mainchain shielded transactions included encrypted memo fields up to 512 bytes. Encrypted with the recipient's viewing key, only the recipient could decrypt the memo. It's more than a messaging platform. Encrypted memos allow users to pass payment references, invoice numbers, or compliance documentation along with a transaction.
Say a company wants to pay a contractor using ZEN. The business could attach an encrypted memo containing a purchase order number. The amount, sender, recipient, and memo would all be private on a shielded transaction. However, the memo itself is an auditable piece of data that only the sender and recipient can view.
Memos utilized on Horizen 2.0 work slightly different. The HCCE allows smart contracts to accept private inputs, meaning not only free-form text can be attached to a transaction within a privacy-enabled app, but structured metadata as well. Hubz VCE, one of the first applications to run on the Horizen network, leverages this technology for verifiable credential exchange. This allows private data from a user to pass along with an on-chain transaction without actually being stored on-chain.
Because these encrypted memos and private pieces of metadata aren't stored on the public blockchain, users will have to download or save a copy to their local machine before leaving the application. This isn't a bug. There just isn't a "find my old memo on the chain" function. Users trip up on this every day.
If you've been keeping up with zen news, you've likely read about the compliance tools available for the Horizen protocol. Memo encryption and private metadata are real world selective disclosure at the transaction layer.
Four Wallet Mistakes That Undo Privacy Entirely
The most common mistake isn't technical. It's behavioral.
Mistake One, Address Type Confusion
Sending to a transparent address from a shielded beta app or Base wallet, or sending from either of those sending methods to a transparent address hosted on Base, means the receiving party of that transaction is able to see that transaction on chain. Privacy isn't homogenous. If Bob sends to Alice and Bob's systems are optimized for privacy, but Alice is receiving to a transparent address, then Alice's transaction is completely public.
Mistake Two, Address Reuse
Even if Alice was running a privacy-enabled wallet to receive funds from Bob, simply because she's reusing an address to receive funds, tools that analyze the blockchain can begin to link those transactions together. Always use a new address for each transaction received.
Mistake Three, Fee Linkage
The transaction fee paid to include transactions on Base is denominated in ETH. If a user were to take ETH from an exchange that required KYC to fund their Base wallet, then begin interacting with a beta application, that ETH funding transaction can now be used to link the exchange's identity to that privacy wallet. The easiest solution here is just to fund your horizen wallet from your horizen wallet. Don't fund Base directly with ETH from an exchange.
Mistake Four, Public Labels
Wallet software will almost always let you "label" transactions or addresses locally on your device. These labels aren't encrypted automatically by most wallets. If your phone is compromised, these labels can now act as a direct mapper between real identities and crypto addresses. This risk grows with the value of your holdings. Horizen price is $6.11, but as it mirrors the volatility of privacy coins in general, users sending larger amounts have more at risk by misconfiguring their privacy.
Desktop vs Mobile, What ZEN Holders Actually Lose
While desktop wallets offer the widest variety of features when it comes to privacy on Horizen, it is not required to use one. Using a desktop browser that has MetaMask or Coinbase Wallet installed will allow you to connect to HCCE-compatible decentralized applications and function as expected. Den, Horizen's multisig wallet partner since December 2025 on mainnet, is entirely browser-based. Desktop also allows users to run local key material, should they desire it, and makes it easier to export encrypted transaction histories.
If you're an institutional user, or a holder whose Horizen position size warrants trading larger amounts, you may have a slight bias for desktop. Tradeoffs exist for mobile wallets. The Coinbase Wallet mobile application can interact with dApps on Base and manage ERC-20 tokens representing Horizen on other networks. Access to beta apps is predicated on whether those dApps have a mobile-responsive interface.
At launch, ZENDEX and Tachyon are desktop-first web applications. ZEN holders can use Coinbase Wallet for mobile to hold ZEN on Base, send to and from Base, but must switch back to a desktop browser to access the confidential compute layer to send private transactions in most cases. The availability of mobile dApps will continue to grow as new applications are released via the Horizen developer grant program. That program funds up to fifty builders across private DeFi, zkML, gaming, and governance.
The Trust Tradeoff
This creates another security vector. Mobile operating systems restrict application access to filesystems far more aggressively than desktop operating systems. That can theoretically segregate key material away from other applications' reach. Desktop puts more trust into browser extensions. Neither is inherently more secure. It's a question of whether you trust the privacy features available to you (desktop) or trust the inability for other applications to access your key material (mobile).
Privacy Is a Configuration, Not a Default
Return to the original user. The one who sent ZEN from a transparent address to themselves believing it would be a private transaction. They didn't run into a bug or receive poor instructions from the UI. They had a configuration issue.
Each actionable privacy tool in the Horizen wallet suite takes an explicit action on behalf of the user. Whether that's selecting the proper application layer to send and receive funds through, routing transactions through HCCE native tools, preventing address reuse, or managing the metadata created by transaction fees.
The tools are built. With Horizen token sitting 96% lower than its 2021 all-time high and the ZEN price chart eerily mimicking the rest of the sector's volatility, the holders who continue to transact on the network will likely be doing so because of Horizen's privacy stack.
And as custodians of their own key material, those users will need to remember that privacy on Horizen 2.0 isn't default. It's a configuration.
