Privacy trends for 2026

A look ahead at markets, privacy, and what comes next

Jan 11, 2026

IN THIS EDITION

Our take on trends and applications that will define the industry’s next cycle, from DeFi to prediction markets
Decentralized encryption, secrets-as-a-service, and more ideas for what’s next in privacy

INVESTOR OBSERVATIONS

3 trends that could shape crypto investments in 2026

a16z crypto general partner Arianna Simpson shares her views on where the industry could be headed next year…

1: More new investments, and some old business models

AI continued booming over 2025, with crypto investments coming back later in the year. I’m excited to see that trend continue into 2026. Stablecoins were the undisputed belle of the ball, so lots of deal activity focused on crypto meets fintech. Notably, this included a shift back toward more traditional business models: Rather than monetize via token network models, most stablecoin businesses are monetizing via a take rate on volume.

2: A few standout sectors for new investments: prediction markets, DeFi, and stablecoins

The first sector on the rise is applications and businesses built around prediction markets. As these platforms continue to gain momentum, ancillary businesses are being built on top, and I believe they’ll have incredible growth potential.

Additionally — with the potential for some kind of market structure legislation to be passed in 2026 — we should see continued growth of DeFi applications here in the U.S., along with increased interest from TradFi in those markets. We saw a similar trend with the explosion of stablecoin businesses following the passage of the GENIUS Act.

Another category is agentic, stablecoin-driven payments. The internet was not designed to cater to agents; if anything, it was designed to do the opposite: to guard against automated activity. But as agents become first-class economic actors transacting on behalf of users, parts of the web will need to be redesigned to support them. In the new agentic paradigm, stablecoins are poised to emerge as the native payment method.

3: The IPO window for crypto companies

After the first quarter of 2025, we saw new levels of interest in crypto from financial institutions, which led to a significant uptick in metrics for businesses who sell to them: custody providers, stablecoin infrastructure companies, institutional trading platforms, and so on. Many of those companies got close to the scale they likely would need to have a comfortable IPO this year, and would be well positioned to take the leap in 2026.

WHAT’S NEXT

Privacy trends for 2026

Privacy is a prerequisite for moving the world’s finance onchain, and it is poised to become the biggest moat in crypto. So here are a few ideas from our team (plus a few guest contributors) for what’s ahead in onchain privacy.

The question for messaging apps this year isn’t just how to be quantum-resistant, but how to be decentralized

As the world prepares for quantum computing, many messaging apps built on encryption (Apple, Signal, WhatsApp) have led the way, all doing great work. The problem is that every major messenger relies on our trusting a private server run by a single organization. Those servers are an easy target for governments to shut down, backdoor, or coerce into giving up private data.

What good is quantum encryption if a country can shut down one’s servers; if a company has a key to the private server; or even if a company has a private server?

Private servers require “trust me” — but having no private server means “you don’t have to trust me.” Communication doesn’t need a single company in the middle. Messaging needs open protocols where we don’t have to trust anyone.

The way we get there is by decentralizing the network: No private servers. No single app. All open source code. Best-in-class encryption — including against quantum threats. With an open network there is no single person, company, non-profit, or country that can take away our ability to communicate. Even if a country or company does shut down an app, 500 new versions will pop up the next day. Shut down a node and there is an economic incentive (thanks to blockchains and more) for a new one to take its place immediately.

When people own their messages like they own their money — with a key — everything changes. Apps may come and go, but people will always keep control of their messages and identity; the end users can now own their messages, even if not the app.

This is greater than quantum resistance and encryption; it’s ownership and decentralization. Without both, all we’re doing is building unbreakable encryption that can still be switched off. – Shane Mac, cofounder and CEO, XMTP Labs

We’ll have ‘secrets-as-a-service’ to make privacy core infrastructure

Behind every model, agent, and automation lies a simple dependency: data. But most data pipelines today — what’s fed into or out of the model — are opaque, mutable, and unauditable.

That’s fine for some consumer applications, but many industries and users (like finance and healthcare) require companies to keep sensitive data private. It’s also a massive blocker for the institutions looking to tokenize real-world assets right now. So how do we preserve privacy while enabling innovation that is safe, compliant, autonomous, and globally interoperable?

There are many approaches, but I’ll focus on data access controls: Who controls sensitive data? How does it move? And who (or what) can access it? Without data access controls, anyone who wants to keep data confidential currently has to use a centralized service or build a custom setup — which is not only time-consuming and expensive, but blocks traditional finance institutions and others from fully unlocking the features and benefits of onchain data management. And as agentic systems begin browsing, transacting, and making decisions autonomously, both users and institutions across industries need cryptographic guarantees as opposed to “best-effort trust.”

That’s why I believe we need secrets-as-a-service: New technologies that can provide programmable, native data access rules; client-side encryption; and decentralized key management enforcing who can decrypt what, under which conditions, and for how long… all enforced onchain.

Combined with verifiable data systems, secrets could then become part of the internet’s fundamental public infrastructure — rather than an application-level patch, where privacy is bolted on after the fact — making privacy core infrastructure.
– Adeniyi Abiodun, chief product officer and cofounder, Mysten Labs

We’ll go from ‘code is law’ to ‘spec is law’ in security testing

DeFi hacks last year hit battle-tested protocols that had strong teams, diligent audits, and years in production. So these incidents underscore an uncomfortable reality: Today’s standard security practice is still largely heuristic and case-by-case.

To mature this year, DeFi security needs to move from bug patterns to design-level properties — and from “best-effort” to “principled” approaches:

On the static/pre-deployment side (testing, audits, formal verification), this means systematically proving global invariants rather than verifying hand‑picked local ones. AI-assisted proof tools now being built by several teams can help write specs, propose invariants, and offload much of the manual proof-engineering that used to make this prohibitively expensive.
On the dynamic/post-deployment side (runtime monitoring, runtime enforcement, etc.), those invariants can turn into live guardrails: a last line of defense. These guardrails would be encoded directly as runtime assertions that every transaction must satisfy.

So now, instead of assuming every bug was caught, we’d enforce key safety properties in the code itself, automatically reverting any transactions that would violate them.

This is not just theory. In practice, almost every exploit to date would have tripped one of these checks during execution, potentially halting the hack. So the once-popular idea of “code is law” evolves into “spec is law”: Even a novel attack must satisfy the same safety properties that keep the system intact, so the only attacks left are tiny or extremely hard to execute. – Daejun Park, a16z crypto engineering team

For more on what we’re excited about for 2026, read this post.

COMPANY BUILDING

Ignore the competition

One of the most destructive mental traps founders can fall into is focusing too much on the competition. Bryan Pellegrino, cofounder and CEO of LayerZero, talks about how to avoid it.

Bryan joins host Robert Hackett for the latest in a special series with crypto founders. They cover why crypto went multichain; how it’s now competing with legacy financial systems; and lessons from Bryan’s time as a professional poker player.

Highlights

0:00 – Introduction

0:47 – The need for interoperability

1:04 – How crypto went multichain

2:51 – The institutional adoption of crypto

6:56 – Focus and conviction

13:19 – The nature of competition

14:43 – Elon Musk’s game-changing advice

18:48 – The importance of self-disruption

20:08 – Lightning round

22:56 – Challenges in scaling a company

26:46 – Book recommendations and productivity hacks

28:19 – Core principles and company culture

— a16z crypto editorial team

You’re receiving this newsletter because you signed up for it on our websites, at an event, or elsewhere (you can opt out anytime using the ‘unsubscribe’ link below). This newsletter is provided for informational purposes only, and should NOT be relied upon as legal, business, investment, or tax advice. This newsletter may link to other websites or other information obtained from third-party sources — a16z has not independently verified nor makes any representations about the current or enduring accuracy of such information. Furthermore, the content is not directed at nor intended for use by any investors or prospective investors in any a16z funds. Please see a16z.com/disclosures for additional important details, including link to list of investments.

Discussion about this post

Ready for more?