Etherscan currently displays 54 holders of BlackRock's BUIDL token on Ethereum mainnet. Anyone with a browser can see them. Tether's hot wallets are tracked in real time. Every USDC transfer above $1M gets flagged within seconds.
Now consider what isn't on-chain. Goldman's repo book. Apollo's loan-level allocations. Citadel's market-making inventory. The cross-currency basis swaps that move trillions overnight.
Both lists are growing. Neither is converging on the other. There's a sorting principle nobody talks about explicitly but every issuer eventually discovers: information sensitivity dictates infrastructure.
Add up the asset classes that cannot live on a transparent public ledger. Global OTC derivatives ($600T+ in gross notional). Bilateral repo (~$5T in daily flows). Securities lending (~$2T). Private credit ($1.7T+). Active institutional balance sheet positions. The total runs to tens of trillions, all of which will tokenize somewhere, just not anywhere a competitor can read them.
What's actually on public chains
Approximately $30 billion in real-world assets sits on public blockchains today (per RWA.xyz as of May 2026, excluding stablecoins). The mix is dominated by stablecoins themselves (~$300B separately), tokenized money market funds (BUIDL, BENJI, OUSG), tokenized Treasuries, and fund-level wrappers around private credit. These work in public because the information being exposed isn't strategic. A Treasury bill is the same instrument in every account. An MMF rebalances by formula. There's nothing competitively sensitive to hide.
Now contrast that with what hasn't moved on-chain at scale, despite years of pilots and billions in invested capital. Active hedge fund positions. Bilateral repo at the trade level. Securities lending inventory. Prime brokerage relationships. Loan-level private credit data. OTC derivatives books. Active market-making inventory. Bank balance sheets.
The reason is the same in every case. Exposing these on a public chain, even with KYC whitelists, multiple addresses, or custody-layer pseudonymity, leaks intelligence that competitors will harvest. When the Federal Reserve studied two tokenized bonds issued on public Ethereum (Santander 2019, EIB 2021), they found issuers had to push almost everything operationally meaningful off-chain to maintain confidentiality. The blockchain became a thin pointer system.
Privacy is coming. But when?
The standard response to all of this is that public-chain privacy primitives are being built, and once they ship, the rest of institutional finance will migrate. There's a familiar list of technologies people cite.
Stealth addresses (ERC-5564, proposed August 2022) have been around for nearly four years now, and no major institutional wallet supports them in production. Fully homomorphic encryption, championed by Zama and others, is genuinely promising research, but recent academic benchmarks still put it at 3-6 orders of magnitude slower than plaintext computation. That's not production-ready for institutional throughput. Anonymized RPC endpoints exist in research papers but aren't the default in any institutional wallet. Built-in wallet privacy remains vaporware as of 2026.
Each of these is real engineering work. But the institutional question isn't whether they'll exist eventually. It's whether an issuer launching today should defer by three to five years to wait for them. The answer for most is no. Which is why the data shows sensitive asset classes either don't tokenize at all, or tokenize on rails that already provide the privacy properties they need.
Privacy as architecture, not feature
Public chains optimize for trustless settlement between unknown, potentially adversarial parties with global verifiability. Privacy in that model is genuinely hard, because you're trying to give participants confidentiality from observers who have access to every byte of state.
For regulated entities, the threat model is different. Counterparties are known, KYC'd, and legally bound. The parties you need confidentiality from are competitors and the broader market, not anonymous attackers. You don't need cryptographic guarantees against Byzantine adversaries. You need architectural guarantees that information flows only to entitled parties.
That's the design choice @CantonNetwork made when it was built. Privacy isn't a layer added on top. It's the default. Whether that's the right answer in every case is a separate question, but the data on what's actually being tokenized is becoming hard to ignore. Broadridge's DLR repo platform on Canton settled $368 billion in average daily volume in April 2026, nearly $8 trillion for the month, a 268% year-over-year increase. DTCC announced it would tokenize DTC-custodied U.S. Treasuries on Canton with MVP in H1 2026. Goldman Sachs' Digital Asset Platform runs natively on Canton. Strategic investors closing late 2025 included BNY (custodian for $57T in client assets), Nasdaq, S&P Global, and iCapital.
These are the institutions that show up when industry analysts say "trillions are coming on-chain." Their actual production volume is on rails optimized for their actual privacy requirements.
A practical framework
Two questions resolve most of the public versus private chain decision.
1. Position-strategic risk. If a competitor sees my position, do I lose alpha?
2. Counterparty-confidential risk. If the public sees who I'm transacting with, am I exposing relationship intelligence?
Issuers who push assets onto rails that don't match their information profile usually end up in one of three places. They accept the leakage and lose competitive position. They push the meaningful state off-chain and end up with a blockchain that's really just an expensive pointer system. Or they delay the launch indefinitely, waiting for primitives that may not arrive on their timeline.
There's a fourth option, which is to pick the rail that matches the asset in the first place. That's increasingly the one institutions are quietly choosing.
@FiveNorthHQ is an infrastructure provider on the Canton Network. We build wallets, explorers, and validator infrastructure, operate as a Super Validator, and invest in middleware and applications across the regulated digital asset ecosystem.
