Updated on May 1, 2020

Private transactions

Private transactions have extra attributes to public Ethereum transactions:

  • privateFrom - The Orion public key of the transaction sender
  • privateFor - The Orion public keys of the transaction recipients, or
  • privacyGroupId - The privacy group to receive the transaction
  • restriction - Whether the private transaction is restricted or unrestricted:

    • restricted private transactions, only the nodes participating in the transaction receive and store the payload of the private transaction.
    • unrestricted private transactions, all nodes in the network receive the payload of the private transaction, but only the nodes participating in the transaction can read the transaction.


    Besu implements restricted private transactions only.

The gas and gasPrice are used by the privacy marker transaction not the private transaction itself.

For more information about creating and sending private transactions, see the How To documentation.

Besu and Orion keys

Besu and Orion nodes both have public/private key pairs identifying them. A Besu node sending a private transaction to an Orion node signs the transaction with the Besu node private key. The privateFrom and privateFor attributes specified in the RLP-encoded transaction string for eea_sendRawTransaction are the public keys of the Orion nodes sending and receiving the transaction.


The mapping of Besu node addresses to Orion node public keys is off-chain. That is, the sender of a private transaction must know the Orion node public key of the recipient.


Private transaction processing involves two transactions, the private transaction distributed to involved participants and the privacy marker transaction included on the public blockchain. Each each of these transactions has its own nonce.

Private transaction nonce

Besu maintains separate private states for each privacy group. The private transaction nonce for an account is specific to the privacy group. That is, the nonce for account A for privacy group ABC is different to the nonce for account A for privacy group AB.


If sending more than one transaction for mining in the same block (that is, you are not waiting for the transaction receipt), you must calculate the private transaction nonce outside Besu.

Privacy marker transaction nonce

The nonce for the privacy marker transaction is the public nonce for the account.