Open Access  Subscription Access

As central banks worldwide explore the development of Central Bank Digital Currencies (CBDCs), a critical design challenge lies in reconciling user privacy with regulatory oversight [1-2]. Traditional account-based systems inherently expose transaction details, while fully anonymous approaches may conflict with anti-money laundering (AML) and counter-terrorism financing (CTF) requirements. To address this challenge, we propose a privacy-preserving CBDC transaction framework that combines a UTXO-based model with Ring Confidential Transactions (RingCT), stealth addresses, and elliptic curve cryptography. The system is implemented on Hyperledger Besu, an enterprise grade Ethereum compatible platform designed for permissioned blockchain environments. We evaluate the proposed framework through intra-bank and inter-bank transaction scenarios, analyzing throughput, latency, and resource utilization. Our results show that while privacy-enhancing mechanisms introduce cryptographic overhead, the system maintains stable performance and acceptable latency. Furthermore, we introduce a dual-scenario privacy model that enables selective transparency, allowing authorized entities—such as auditors—to access encrypted transaction metadata without compromising individual privacy. This research demonstrates the practical viability of embedding strong privacy guarantees within CBDC architectures while preserving auditability and operational efficiency. The proposed model provides a scalable and adaptable foundation for future digital currency infrastructures.

Central Bank Digital Currency (CBDC), Unspent Transaction Output (UTXO), Ring signature, Stealth address, Ring Confidential Transaction (RingCT)