CAPE: Configurable Asset Privacy for Ethereum

Espresso Systems
3 min readMar 6, 2022


Configurable Asset Privacy for Ethereum (CAPE) is a smart contract application that enables asset creators to configure who can see what regarding the custody and transfer of the assets they create. The protocol supports both entirely new assets that are created directly on CAPE as well as pre-existing Ethereum assets.

Using CAPE, a digital asset creator like a stablecoin provider or NFT artist can define viewing policies for their assets concerning any of the following data:

  • Sender and receiver addresses
  • The amount of an asset sent, received, and held
  • The type of asset being sent, received, and held

In addition to viewing policies, asset creators can also use CAPE to define other policies around their assets. While CAPE can be used by anyone looking to issue or wrap assets, the protocol was designed with stablecoin providers specifically in mind. Stablecoin providers today generally want to maintain avenues to be able to address fraud, theft, and dispute resolution, demanding that they retain insights into the ledger of activity for their assets as well as controls like freezing capabiities. Prior to CAPE, there were no solutions for these types of asset creators to offer privacy-enabled versions of their tokens to users while being able to meet needs around visibility and dispute resolution. With CAPE’s configurable viewing and freezing policies, this is now possible.

For end users, all of this adds up to better privacy options for sending, receiving, and holding assets than what is offered natively on Ethereum today. An important consideration in designing CAPE has been around empowering users to be aware of and actively opt in and out of the data they are sharing and who has insights into and controls over their transactions. For this reason, all policies for CAPE assets are surfaced in the user interface that we have designed (to be released soon). Making sure that users are educated around their options regarding who can see their data and who can control their assets will be an ongoing priority and area of work.

CAPE is also designed to support credential issuers and users. As digital credentials become increasingly popular in applications like DeFi permissioned pools, credit scoring, and more, it will become increasingly important to enable verification of credentials without having to publicly disclose the full underlying information. CAPE’s zk-credentials are designed to enable exactly this. Espresso Systems is glad to be collaborating closely with industry leaders like Centre in designing decentralized identity standards.

CAPE is the first step towards a more flexible approach to balancing privacy and transparency in decentralized systems. This will usher in users who have been compelled by the benefits of decentralization, but locked out due to their data sensitivities. Businesses do not want competitors to see payments to their suppliers; traders do not want their holdings visible; DAO contributors do not want their income public; investors do not want their investments to be public in real time; individuals do not want their assets and transactions leaked. CAPE takes aim at all of these problems without abandoning wholesale the benefits of transparency.

While CAPE can be run on any EVM blockchain, we will be deploying it soon as a demo on the Ethereum Goerli testnet with ultimate plans to migrate the application to Espresso and enable interaction with Ethereum assets via a token bridge.

You can check out CAPE’s open source contracts here and documentation here.



Espresso Systems

We are the lead developers of the Espresso Sequencer, which supports rollups with decentralization, scale, and interoperability.