Privacy methodology

Gavin · May 28, 2026, 8:00pm

hello! L2BEAT’s new privacy dashboard is

it covers a lot, and really well: tvl, deposit/withdraw counts, asset breakdown, architecture, risk, governance, compliance, etc

i think we can do even better, and would love to help. we have been collaborating with https://explorer.web3privacy.info

i think we need more contextual asset privacy strength. we’re calling it Effective Crowd. our privacy score should answer the Q:
“how many plausible alternatives does a user have for this kind of action in this time window?”

Effective Crowd: the live, relevant set of actions a user can plausibly blend into

here’s our first attempt here: https://dune.com/gavinly/railgun-privacy

for example, “for a ~$1k USDC action today, how many plausible alternatives exist?”

Effective Crowd tries to estimate: asset type, amount range, timing, and entry/exit ambiguity

these can be complementary, like L2BEAT gives protocol-level privacy infra metrics, and Effective Crowd gives action-specific crowd/context metrics

Gavin · May 29, 2026, 1:04pm

actually i gave a talk about this in Prague recently, at a web3privacy now meetup. these are the slides: https://drive.google.com/file/d/1m0uKgTXkslE9qjw-t_JHOGSs6d8eF2C3/view?usp=sharing

since then we’ve done a bit of work on exact metrics. here’s a live example: https://dune.com/gavinly/railgun-privacy

Gavin · May 29, 2026, 1:07pm

some examples (thanks to chatgpt)

Live Crowd - Is there recent privacy-relevant activity?
Example: $5M TVL, but only 4 withdrawals in 30 days → weak Live Crowd.
Asset Crowd - Is there activity for this specific asset?
Example: USDC has 500 recent actions, NEAR has 1 old deposit → USDC has crowd, NEAR does not.
Size Crowd - Are there similar-sized actions?
Example: A $700 withdrawal blends with $500–$1k withdrawals, not $100k whale exits.
Time Crowd - Are similar actions happening nearby in time.
Example: 20 similar withdrawals this week → stronger. Last similar one 3 months ago → weak.
Entry/Exit Ambiguity - Is it hard to pair deposits with withdrawals?
Example: One 10,000 USDC deposit followed by one 10,000 USDC withdrawal two days later → low ambiguity

Gavin · May 29, 2026, 1:37pm

for an MVP, the dashboard could use Dune to compute a few reference checks each week (rather than asking every user/project to input arbitrary values)

eg. ETH (or WETH): 0.1, 0.5, 1 ETH, 5 ETH
USDC/USDT/DAI: $100, $500, $1k, $10k

the project page could show a compact note, eg. “Effective Crowd estimate is for common reference amounts.”

then maybe an external link to a standalone dashboard. we could use a Dune dashboard with a table:

protocol - chain - asset - amount - 30d window
Effective Crowd: High/Med/Low
Live Crowd / Asset Crowd / Size Crowd / Time Crowd / Entry-Exit Ambiguity

projects that want to be listed on the dash can provide contract addresses and i think we’ll need their event semantics

basti · May 29, 2026, 1:47pm

nice, but why not keep calling it anonymity set?
you can look at the anon set naively and just take all deposits, or look at it in more detail as you do in your effective crowd. but imo as soon as you go into more detail you should also look at other fingerprinting methods than the ones that are strictly onchain, this is where the real reduction in anon set or doxxing comes from these days imo

oh also have you seen the ‘Anonymity set’ paragraph in Onchain privacy best practice - L2BEAT?

Gavin · May 29, 2026, 2:59pm

hi @basti, nice to meet, and thanks for responding

yes! saw the anonymity-set paragraph in the best-practices piece. ++well-considered and nuanced. (btw, very grateful you’re advancing this, and i look forward to donating to L2BEAT in the next security round). the naive set can be much larger than the practical set once address reuse, timing analysis, and off-chain info are applied

i don’t think “Effective Crowd” replaces ‘Anonymity Set’ as the technical concept. the dashboard idea is to try to make one slice of that practical reduction visible. the challenge is that anonymity set often gets communicated via proxies like total deposits, total notes, pool size, tvl, etc

but the Q users should actually care about is more contextual

“for this asset, this amount range, and this time window, how many plausible alternatives exist?”

or more simply

“i want this amount of my asset to be private. will i blend in?”

so i think of it as

naive anonymity set → all possible candidates

effective crowd → the portion of that set that remains relevant after obvious filters eg. asset, amount, timing, entry/exit patterns

agree that on-chain data is only part of the story. but it’s the part that’s public, permanent, and available for anyone to analyze indefinitely, which makes it a useful place to start

to me, “Effective Crowd” is just a scoped anonymity-set estimate, and potentially a more intuitive dashboard label for regular users

Topic		Replies	Views
Reworking TVL on L2BEAT Methodology & Framework	6	2298	July 8, 2022
Data Availability Risk Framework - call for feedback Methodology & Framework	16	2384	October 21, 2024
List $COTI a privacy-centric L2 for Ethereum! Listing Requests	0	249	February 29, 2024
L2Bridge Risk Framework Methodology & Framework	28	14391	September 11, 2023
Rollup maturity ranking proposal - call for final feedback Methodology & Framework	11	2629	April 7, 2025

Privacy methodology

Related topics