The fundamental bargain
Monero hides every transaction at the protocol level. Ring signatures pick decoy inputs from past UTXOs; stealth addresses make every output a one-time key; RingCT hides the amount. There is no role for an operator to decide whether a particular sender or amount deserves to be private — there isn't a knob to turn. The privacy is structural.
Privacy Pools hides individual deposits inside a smart-contract pool, then lets you withdraw with a zero-knowledge proof that "my deposit is somewhere in this approved subset of the pool." The approved subset — the association set — is curated by 0xbow. 0xbow's published positioning: "a compliant way to anonymously transact on Ethereum. 0xbow blocks illicit actors to ensure pool integrity." Translation: the privacy is real, but it's conditional on 0xbow's filter accepting you.
That's the trade. Monero's bargain is "no permissions, no exceptions, no recourse." Privacy Pools' bargain is "permissions exist, filtering is the price, and you get back ETH/USDC/etc. on the chain you already use." Both are honest. They just defend different things.
Who decides you get to be private?
This is the question that splits the two designs more cleanly than anything else.
- Monero: the protocol. You. Nobody else can revoke the privacy of a transaction you already broadcast. There is no operator to subpoena, no association set to be excluded from, no withdrawal queue to be stuck in. The closest thing to "revocation" is a future protocol-level change — which requires hard-fork consensus.
- Privacy Pools: 0xbow. They run the association-set curation. Their filter determines which past deposits you can prove membership in. If your deposit lands on the wrong side of that filter — even by mistake — your withdrawal proof can't reference a "clean" subset and the funds become recovery-only.
0xbow has not (publicly) documented their inclusion criteria, the appeal process for false positives, or which jurisdictions' sanctions lists they honour. That information may exist in the smart-contract code (the frontend is open source at 0xbow-io/privacy-pools-website), but the operational policy that drives the filter sits with the operator.
What happens when the gatekeeper says no
This is the failure mode worth thinking about before you deposit, not after.
Scenario: you deposit USDT into the Privacy Pools USDT pool. Six months later, you go to withdraw. 0xbow's association set has been updated, and your deposit transaction now associates with addresses they consider compromised — maybe a counterparty you transacted with three steps back got sanctioned. Your withdrawal proof either fails to verify against the "compliant" set, or your withdrawal lands on a different subset that is itself a leakage signal ("this withdrawal came from outside the clean set" is informative).
The Privacy Pools paper proposes that excluded deposits aren't lost — they can be associated with the unfiltered set, which is itself a "I didn't pass the compliance filter" signal but still lets you move the funds. In practice, the unfiltered set is exactly where chain analysts focus, so privacy collapses to "your counterparty doesn't know who deposited, but the surveillance industry does."
Monero's equivalent failure mode is a protocol-level break (Triptych decoy-set weaknesses, traceable transactions from a future cryptanalysis result). Both are real risks, but the Monero version requires breaking the cryptography; the Privacy Pools version requires the operator to update a JSON file.
When Privacy Pools is the right tool
Privacy Pools is genuinely useful when two things are true at once:
- You must stay on Ethereum (or BNB, Optimism, Arbitrum, Starknet — the chains it supports) because the asset you hold only exists there. USDT-ERC20 has no Monero analogue; some DeFi positions can't be unwound without staying on-chain.
- Your threat model is your counterparty, not the operator. You're okay with 0xbow having visibility into your deposit; you're not okay with the recipient of your withdrawal being able to backtrace to it.
That's a real use case — a freelancer paid in stablecoins by a client they don't trust to keep their books private, for example. Privacy Pools breaks the direct link between deposit and withdrawal, which is enough for that threat model.
The liquidity check matters too. As of 2026-05-30, the USDT pool on Ethereum (~$4.1M total funds) and USDC pool (~$1.5M) and ETH pool (~$1.6M) are the only pools with anonymity sets large enough to defend a non-trivial deposit. The long-tail pools (wstETH, BOLD, frxUSD, WOETH, USDS, sUSDS, USD1, Arbitrum USDC + ETH) have deposit counts so small that each individual deposit is approximately self-identifying.
When Monero is the right tool
For most readers of this directory, this is the answer:
- Your threat model includes the operator. You don't want any third party able to look at your transactions, ever, for any reason.
- You're willing to bridge in. Buying XMR without KYC is well-trodden; the same about leaving it.
- You don't have an Ethereum-bound asset constraint — you're free to settle in XMR or convert at the edges.
- You want privacy without an off-switch. Monero's protocol-level guarantees don't change when a regulator sends a letter.
This is the configuration the rest of this site is optimised for. The directory's mixers category, the wallets list, the no-KYC exchanges all assume you can route through XMR for the privacy-critical hops.
Decision short-form
If you can't tell yourself the truth about your threat model, you'll pick the wrong tool. Try this:
- Is the asset you need to move only on Ethereum/L2? Yes → consider Privacy Pools (on the high-liquidity pools — USDT, USDC, ETH on Ethereum mainnet, not the long tail).
- Are you okay with 0xbow being able to flag and exclude your deposit on a policy change? Yes → Privacy Pools may fit. No → stop, you're looking for Monero (or self-coordinated CoinJoin for BTC; see our mixers page).
- Is your counterparty more dangerous to you than a future regulator + the surveillance industry combined? Yes → Privacy Pools' "break the direct link" is enough. No → Monero, full stop.
If you find yourself answering "I want privacy from everyone, but I really need to stay on Ethereum," the honest answer is: those two goals are partly in tension with each other on a transparent chain. Privacy Pools narrows the link; it doesn't sever it the way Monero's protocol does.
Where to go from here
- Privacy Pools listing — Grade B, with the compliance-gating caveat in the review.
- Monero listing — Grade A, listed first on the mixers page because it makes the rest of that page optional.
- How to buy Monero without KYC — if you decided Monero is the right answer.
- What "no-KYC" actually means — the editorial framing this site uses to grade things.