No matches
We couldn't find any matches for "".
Double check your spelling or try a different search term.
Still can't find what you're looking for? Check out our featured articles.
Featured Articles
Privacy trends for 2026
Performing under pressure: Lessons from elite athletes
This entire week, we’re running our observations on what’s ahead this year… stay tuned here, and be sure to also subscribe to our weekly newsletter for more trend updates, industry reports, builder guides, news analysis, and other resources.
1. Privacy will be the most important moat in crypto this year
Privacy is the one feature that’s critical for the world’s finance to move onchain. It’s also the one feature that almost every blockchain that exists today lacks. For most chains, privacy has been little more than an afterthought. But now, privacy by itself is sufficiently compelling to differentiate a chain from all the rest.
Privacy also does something more important: It creates chain lock-in; a privacy network effect, if you will. Especially in a world where competing on performance is no longer enough.
Thanks to bridging protocols, it’s trivial to move from one chain to another as long as everything is public. But, as soon as you make things private, that is no longer true: Bridging tokens is easy, bridging secrets is hard. There is always a risk when moving in or out of a private zone that people who are watching the chain, mempool, or network traffic could figure out who you are. Crossing the boundary between a private chain and a public one — or even between two private chains — leaks all kinds of metadata like transaction timing and size correlations that makes it easier to track someone.
Compared to the many undifferentiated new chains where fees will likely be driven down to zero by competition (blockspace has become fundamentally the same everywhere), blockchains with privacy can have much stronger network effects. The reality is that if a “general purpose” chain doesn’t already have a thriving ecosystem, a killer application, or an unfair distribution advantage, then there’s very little reason for anyone to use it or build on top of it — let alone be loyal to it.
When users are on public blockchains, it’s easy for them to transact with users on other chains — it doesn’t matter which chain they join. When users are on private blockchains, on the other hand, the chain they choose matters much more because, once they join one, they’re less likely to move and risk being exposed. This creates a winner-take-most dynamic. And because privacy is essential for most real-world use cases, a handful of privacy chains could own most of crypto.
~Ali Yahya, a16z crypto general partner
2. The question for messaging apps this year isn’t just how to be quantum-resistant, but how to be decentralized
As the world prepares for quantum computing, many messaging apps built on encryption (Apple, Signal, WhatsApp) have led the way, all doing great work. The problem is that every major messenger relies on our trusting a private server run by a single organization. Those servers are an easy target for governments to shut down, backdoor, or coerce into giving up private data.
What good is quantum encryption if a country can shut down one’s servers; if a company has a key to the private server; or even if a company has a private server?
Private servers require “trust me” — but having no private server means “you don’t have to trust me.” Communication doesn’t need a single company in the middle. Messaging needs open protocols where we don’t have to trust anyone.
The way we get there is by decentralizing the network: No private servers. No single app. All open source code. Best-in-class encryption — including against quantum threats. With an open network there is no single person, company, non-profit, or country that can take away our ability to communicate. Even if a country or company does shut down an app, 500 new versions will pop up the next day. Shut down a node and there is an economic incentive (thanks to blockchains and more) for a new one to take its place immediately.
When people own their messages like they own their money — with a key — everything changes. Apps may come and go, but people will always keep control of their messages and identity; the end users can now own their messages, even if not the app.
This is greater than quantum resistance and encryption; it’s ownership and decentralization. Without both, all we’re doing is building unbreakable encryption that can still be switched off.
~Shane Mac, co-founder and CEO, XMTP Labs
3. We’ll have ‘secrets-as-a-service’ to make privacy core infrastructure
Behind every model, agent, and automation lies a simple dependency: data. But most data pipelines today — what’s fed into or out of the model — are opaque, mutable, and unauditable.
That’s fine for some consumer applications, but many industries and users (like finance and healthcare) require companies to keep sensitive data private. It’s also a massive blocker for the institutions looking to tokenize real world assets right now.
So how do we preserve privacy while enabling innovation that is safe, compliant, autonomous, and globally interoperable?
There are many approaches, but I’ll focus on data access controls: Who controls sensitive data? How does it move? And who (or what) can access it?Without data access controls, anyone who wants to keep data confidential currently has to use a centralized service or build a custom setup — which is not only time-consuming and expensive, but blocks traditional finance institutions and others from fully unlocking the features and benefits of onchain data management. And as agentic systems begin browsing, transacting, and making decisions autonomously, both users and institutions across industries need cryptographic guarantees as opposed to “best-effort trust”.
That’s why I believe we need secrets-as-a-service: New technologies that can provide programmable, native data access rules; client-side encryption; and decentralized key management enforcing who can decrypt what, under which conditions, and for how long… all enforced onchain.
Combined with verifiable data systems, secrets could then become part of the internet’s fundamental public infrastructure — rather than an application-level patch, where privacy is bolted on after the fact — making privacy core infrastructure.
~Adeniyi Abiodun, chief product officer and co-founder, Mysten Labs
4. We’ll go from ‘code is law’ to ‘spec is law’ in security testing
DeFi hacks last year hit battle-tested protocols that had strong teams, diligent audits, and years in production. So these incidents underscore an uncomfortable reality: Today’s standard security practice is still largely heuristic and case-by-case.
To mature this year, DeFi security needs to move from bug patterns to design-level properties — and from “best-effort” to “principled” approaches:
- On the static/ pre-deployment side (testing, audits, formal verification), this means systematically proving global invariants rather than verifying hand‑picked local ones. AI-assisted proof tools now being built by several teams can help write specs, propose invariants, and offload much of the manual proof-engineering that used to make this prohibitively expensive.
- On the dynamic/ post-deployment side (runtime monitoring, runtime enforcement, etc.), those invariants can turn into live guardrails: a last line of defense. These guardrails would be encoded directly as runtime assertions that every transaction must satisfy.
So now, instead of assuming every bug was caught, we’d enforce key safety properties in the code itself, automatically reverting any transactions that would violate them.
This is not just theory. In practice, almost every exploit to date would have tripped one of these checks during execution, potentially halting the hack. So the once-popular idea of “code is law” evolves into “spec is law”: Even a novel attack must satisfy the same safety properties that keep the system intact, so the only attacks left are tiny or extremely hard to execute.
~Daejun Park, a16z crypto engineering team
***
The views expressed here are those of the individual AH Capital Management, L.L.C. (“a16z”) personnel quoted and are not the views of a16z or its affiliates. Certain information contained in here has been obtained from third-party sources, including from portfolio companies of funds managed by a16z. While taken from sources believed to be reliable, a16z has not independently verified such information and makes no representations about the current or enduring accuracy of the information or its appropriateness for a given situation. In addition, this content may include third-party advertisements; a16z has not reviewed such advertisements and does not endorse any advertising content contained therein.
The views expressed here are those of the individual AH Capital Management, L.L.C. (“a16z”) personnel quoted and are not the views of a16z or its affiliates. Certain information contained in here has been obtained from third-party sources, including from portfolio companies of funds managed by a16z. While taken from sources believed to be reliable, a16z has not independently verified such information and makes no representations about the current or enduring accuracy of the information or its appropriateness for a given situation. In addition, this content may include third-party advertisements; a16z has not reviewed such advertisements and does not endorse any advertising content contained therein.
You should consult your own advisers as to those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Furthermore, this content is not directed at nor intended for use by any investors or prospective investors, and may not under any circumstances be relied upon when making a decision to invest in any fund managed by a16z. (An offering to invest in an a16z fund will be made only by the private placement memorandum, subscription agreement, and other relevant documentation of any such fund and should be read in their entirety.) Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by a16z, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Andreessen Horowitz (excluding investments for which the issuer has not provided permission for a16z to disclose publicly as well as unannounced investments in publicly traded digital assets) is available at https://a16z.com/investment-list/.
The content speaks only as of the date indicated. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in these materials are subject to change without notice and may differ or be contrary to opinions expressed by others. Please see https://a16z.com/disclosures/ for additional important information.