Skip to content
You are reading Hyperledger Besu development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.
Last update: June 3, 2021



Orion features have been merged into Tessera! Read our Orion to Tessera migration guide and about all the new Tessera features.

In Besu, privacy refers to the ability to keep transactions private between the involved participants. Other participants cannot access the transaction content or list of participants.


For production environments requiring private transactions:

Using private transactions with pruning or fast sync is not supported.

Private transaction manager

Besu uses a private transaction manager, Tessera, to implement privacy. Each Besu node sending or receiving private transactions requires an associated Tessera node.

Tessera Nodes

Private transactions pass from the Besu node to the associated Tessera node. The Tessera node encrypts and directly distributes (that is, point-to-point) the private transaction to the Tessera nodes participating in the transaction.

By default, each participant in a privacy network uses its own Besu and Tessera node. Multi-tenancy allows more than one participant to use the same Besu and Tessera node.


Private Transaction Managers are also known as Enclaves.

Reorg-compatible privacy

In v1.4, using private transactions in a network using a consensus mechanism where forks occur (that is, PoW algorithms or Clique) is an early access feature. For example, using private transactions on Ropsten.

Do not use private transactions in production environments using consensus mechanisms where forks occur.

Questions or feedback? You can discuss issues and obtain free support on Hyperledger Besu chat channel.
For Hyperledger Besu community support, contact the mailing list