A Hitchhiker's Guide to Privacy-Preserving Digital Payment Systems: A Survey on Anonymity, Confidentiality, and Auditability

TL;DR

This survey comprehensively reviews privacy-preserving digital payment systems, analyzing their cryptographic foundations, architectures, and evolution, while highlighting open challenges in balancing privacy and auditability.

Contribution

It provides a taxonomy of privacy goals, links high-level objectives to concrete cryptographic implementations, and traces the evolution of privacy-preserving payment systems.

Findings

Identifies three generations of privacy-preserving payment systems.

Maps privacy goals to cryptographic primitives and architectures.

Highlights open challenges in balancing privacy with auditability.

Abstract

Crypto-assets and central bank digital currencies (CBDCs) are reshaping how value is exchanged in distributed computing environments. These systems combine cryptographic primitives, protocol design, and system architectures to provide transparency and efficiency while raising critical challenges around privacy and regulatory compliance. This survey offers a comprehensive overview of privacy-preserving digital payment systems, covering both decentralized ledger systems and CBDCs. We present a taxonomy of privacy goals -- including anonymity, confidentiality, unlinkability, and auditability -- and map them to the cryptographic primitives, protocols, and system architectures that implement them. Our work adopts a design-oriented perspective, linking high-level privacy objectives to concrete implementations. We also trace the evolution of privacy-preserving digital payment systems through three generations, highlighting shifts from basic anonymity guarantees toward more nuanced privacy-accountability trade-offs. Finally, we identify open challenges, motivating further research into architectures and solutions that balance strong privacy with real-world auditability needs.