Are you an LLM? Read llms.txt for a summary of the docs, or llms-full.txt for the full context.
Skip to content
Solving the Barista Test: A Private Money Solution

Solving the Barista Test: A Private Money Solution

The barista test: when you buy coffee, the barista doesn't see your bank balance. Confidential tokens bring this privacy to blockchain — private balances, encrypted amounts, and transfers that reveal nothing to observers.

This is not a new primitive. Confidential tokens are an application — a pattern that combines encrypted transactions, conditional transactions, and re-encryption into a single use case. eUSDC is one implementation. The pattern works for any token.

What Confidential Tokens Demonstrate

Standard ERC-20 tokens expose everything. Balances. Transfer amounts. Transaction history. Anyone with a block explorer can trace flows, identify whales, and analyze spending patterns.

Confidential tokens change this:

Standard TokenConfidential Token
Balances publicBalances encrypted
Transfer amounts visibleAmounts encrypted
History traceableOnly sender/recipient see their flows
Contract sees all dataContract executes on encrypted state
No privacy guaranteesThreshold cryptography secures data

The technology isn't new — it's the combination of three existing primitives applied to a standard token interface.

The Three Primitives

Barista Test Comparison

1. Encrypted Transactions

The client encrypts the entire transaction — including the transfer amount — before submitting to the chain. The mempool sees only ciphertext. Validators reach consensus without knowing transfer values.

// Standard ERC-20: amount is plaintext
transfer(to, amount)
 
// Confidential: SDK encrypts the full transaction object
// Amount, destination, and calldata all encrypted
bite.encryptTransaction({ to, data, value: amount })
2. Conditional Transactions

Balance updates execute via CTX callbacks. The contract stores encrypted balances. When a transfer triggers, submitCTX() queues the state update. Next block, onDecrypt() executes the balance changes.

This ensures atomicity across multiple encrypted state changes. A transfer debits the sender and credits the recipient in the same decryption batch.

3. Re-encryption

Once the encrypted transaction executes, the transfer amount can be re-encrypted to the recipient's viewer key onchain. Only the recipient can decrypt their updated balance client-side.

Example: eUSDC

eUSDC is an encrypted representation of Bridged USDC from Base on SKALE. It's not pegged to the dollar — it maintains 1:1 with the underlying deposit asset:

  • Deposits: Bridged USDC (Base) → encrypted eUSDC via bridge
  • Transfers: Amounts and balances stay encrypted
  • Withdrawals: Encrypted eUSDC → Bridged USDC (Base) with amount reveal

The SDK usage is straightforward:

import { mpp } from '@skalenetwork/mpp/client'
 
const method = mpp.charge({
  chain: 'bite-sandbox',
  currency: 'eUSDC',
  extensions: {
    skale: { encrypted: true, confidentialToken: true },
    gasless: 'eip3009'
  }
})

encrypted: true — Transaction amount encrypts onchain. confidentialToken: true — Uses eUSDC with encrypted balances. gasless: 'eip3009' — No gas fees (EIP-3009 permit signature).

Integration with MPP and x402

Confidential tokens combine naturally with MPP (Machine Payments Protocol). I covered this in depth in Confidential MPP on SKALE — the summary:

AI agents paying for services via MPP can use confidential tokens to hide both the payment amount and their remaining balance. Only the agent and the service provider see transaction details.

This matters for:

  • Agent spending patterns — exact amounts hidden from competitors
  • Budget constraints — total holdings not visible onchain

The same applies to x402 payments. When an agent pays for a tool or API via x402, confidential tokens ensure the payment amount and the agent's balance stay private. The HTTP 402 response triggers a gasless payment — and with encryption, the chain only sees ciphertext.

The Pattern, Not The Product

eUSDC is one example. The confidential token pattern applies broadly:

Private Payroll. Companies pay employees without revealing salaries to the world. Each employee sees only their own transfers.

Agent-to-Agent Payments. AI agents transact without broadcasting financial positions. Trading bots settle without revealing strategies via payment patterns.

Sensitive Transfers. Donations, legal settlements, and personal payments execute without public scrutiny.

Compliance-Ready Privacy. Re-encryption enables selective disclosure to auditors without revealing data to the public chain. Threshold decryption can trigger for authorized compliance keys.

Any token can be made confidential using this pattern. These primitives are native to SKALE — no custom VMs, no circuit languages, no rewrites required.

What This Enables

Confidential tokens prove that programmable privacy isn't theoretical. The primitives work together to solve real problems:

  1. Encrypted transactions hide amounts in transit (client-side encryption)
  2. Re-encryption delivers private balances to recipients onchain
  3. Conditional transactions enable encrypted state updates (being explored)

The result is a token with the same functionality as ERC-20 but privacy properties that match traditional banking. The barista test — passed.

Want Confidential Tokens?

If you're issuing a token and want to add privacy to it, reach out.

Sawyer (TheGreatAxios) is VP Developer Success at SKALE and actively building AI systems and agents.