Introducing Bermuda: The Composable Privacy Layer of Status Network

Status Network is the first reputation-based L2 designed for humans and bots, enabling gasless transactions and composable privacy at scale. Today, we are introducing Bermuda, the native privacy layer of the Status ecosystem.

In contrast to conventional privacy solutions that function as isolated, high-friction applications, Bermuda is integrated as a native property within the Status Network protocol. This foundational infrastructure provides a level of confidentiality that standard banking and existing Layer 2s lack, enabling private onchain interactions that are fully composable with native ecosystem primitives, such as Orvex (DEX) and FIRM (CDP).

Why privacy should be a native feature, not a separate product

On most chains, every balance is public and every payment is traceable. While users value privacy, separate privacy apps have struggled to scale because switching interfaces creates high friction.

Bermuda is a UI-agnostic, plug-and-play SDK that changes this narrative. We believe privacy shouldn’t be a separate destination; it should be a native mode within the environment you already use. Bermuda will be incorporated into the network infrastructure from the start. This native approach unlocks:

• Network-specific privacy: Bermuda turns privacy into a native property of the Status Network, allowing for confidential balances and transactions across the entire ecosystem.
• Application-specific privacy: Bermuda enables any wallet or app on Status Network to adopt a "private mode".
• Interoperable privacy: Bermuda makes privacy interoperable, allowing an end-to-end privacy user experience across applications, for example with Orvex and FIRM, without exiting the privacy pool.

How Bermuda works: gasless, composable, and compliant

Bermuda operates as a privacy layer situated between the account and chain layers. It utilizes Zero-Knowledge (ZK) technology to prove and verify transactions and maintains a UTXO-based encryption scheme to shield assets.

Key Native Primitives

1) Maximizing privacy

• Gasless transactions through relayers: By leveraging a gasless execution environment, Bermuda removes one of the most persistent sources of metadata leakage in private on-chain activity.
• Confidentiality of the UTXO model: Bermuda’s core privacy layer is defined through its UTXO-based model which keeps value encrypted across the lifecycle of the assets.
• Bootstrapping anonymity sets through gasless cover traffic: Bermuda uses the gasless environment to route automated, real-looking traffic through the pool at zero cost. This creates continuous cover traffic, accelerates the formation of large anonymity sets, and makes individual user behavior materially harder to isolate.

2) Optimizing for an evolving regulatory landscape

• Fund lineage through a sub-UTXO model: Bermuda introduces fund lineage via a sub-UTXO model, enabling provenance and policy enforcement without compromising the privacy of the broader pool. This creates a more adaptable compliance foundation as regulatory expectations continue to evolve across jurisdictions.
• Enhanced fund and user verification: Bermuda strengthens compliance through enhanced fund and user verification methods designed to support a modular, risk-based approach. Rather than relying on blanket visibility, the system enables more targeted controls that can be tailored to specific regulatory and institutional requirements.
• User sovereignty by design: Bermuda emphasizes user sovereignty by eliminating master viewing keys, collective unshielding mechanisms, and fund freezes. This ensures compliance can be strengthened without introducing systemic backdoors, custodial control points, or surveillance-heavy architecture at protocol level.

3) Building a privacy ecosystem

• Composability across apps, jurisdictions, and chains: Bermuda is designed as a privacy infrastructure that can be composed across different applications, regulatory environments, and blockchain ecosystems. This makes privacy a reusable primitive that can support a wide range of use cases rather than remaining confined to a single closed system.
• App-specific on-chain logic: Bermuda enables application-specific on-chain logic, including compliance-sensitive rules tailored to different products, markets, and jurisdictions. This allows developers and institutions to build on a shared privacy layer while preserving flexibility at the application level.
• App-specific off-chain data exposure: Bermuda can expose app-specific off-chain data where required without compromising underlying user privacy. This is particularly important for serving regulated institutions that need reporting, verification, or operational visibility without undermining the confidentiality guarantees of the base protocol.

Compliance deep dive

Bermuda supports multiple compliance policies on shared rails. This makes compliance modular, adaptable, and foundational to a broader privacy ecosystem, unlike systems where policy logic is static or funds are segregated into separate pools.

• Verification-based at the edges: Bermuda’s compliance model is focused on deposit and withdrawal, rather than continuous surveillance of all in-pool activity. This preserves privacy internally while enforcing controls where they matter most.
• No fund freezes: Bermuda never freezes or seizes funds. If assets are flagged, they can still exit, but only through a public withdrawal path, preserving traceability for those specific funds without compromising the privacy of the broader pool.
• Dynamic fund status management: compliance is not a one-time check at deposit. Bermuda can detect and manage status changes throughout the lifecycle of funds, allowing updated risk signals or sanctions changes to be enforced at withdrawal.
• Application-specific compliance gates: on top of the base protocol policy, applications can introduce additional compliance requirements tailored to their own products, users, jurisdictions, or institutional needs.
• Extensible policy engine: Bermuda’s policy engine uses a predicate-based design with a base protocol configuration that is extensible by default. This allows application- and jurisdiction-specific logic to coexist on shared privacy infrastructure.

The economic engine: Karma and governance

Bermuda is a central component of the Status Network's economic flywheel.

• Earn Karma: contributing to the depth and liquidity of private pools is a core way to earn Karma, the L2's soulbound reputation token.
• Governance power: Karma holders govern the native yield pool, voting on how yield generated from bridged L1 assets and L2 app fees is allocated back to the ecosystem.
• Reputation-based access: high Karma scores unlock increased free transaction throughput, making complex, private DeFi strategies sustainable for both humans and bots.

Road to mainnet

Bermuda's core infrastructure is currently being integrated into the Status Hub and the Status super-app. To support the future of onchain activity, Status Network will adopt agentic protocols. When coupled with gasless transactions, this creates the premier environment for AI agents to execute their own proprietary strategies without the need to maintain complex paymaster or gas management architectures.

Native privacy is coming to Status Network.

• Pre-deposits are live: Visit hub.status.network/pre-deposits to deposit ETH, stablecoins, SNT, or LINEA and earn boosted Karma ahead of mainnet launch.
• Join the builders: Review our progress and documentation at docs.status.network.
• Follow us on twitter: https://x.com/StatusL2