Xelis, Nonos, Salvium: Three Lowcap Projects Rewriting the Rules
#privacy #lowcap #XEL #NOX #SAL #MiCA #ZKproof #DePIN
⚠️ Before we start: This article does not constitute investment advice. These are purely personal observations from a fundamental analyst who has been covering the privacy crypto space since 2016. Micro-cap and low-cap projects carry significant risk. Do your own research.
1. The Battlefield Has Changed
Let me be honest about something. When I started covering privacy coins back in 2016, the main risk was technical: would the cryptography hold up, would the network scale, would the developers stay committed. Today the battle is fought somewhere else entirely. The regulators have arrived, and they are not leaving.
2025 was the year the pressure became structural. The EU’s MiCA framework came into full force, and it is not subtle in its language: exchanges operating under a CASP license must be able to audit the provenance of funds. Assets whose transaction history cannot be reliably traced are effectively incompatible with the new European framework. The consequences showed up fast. Kraken delisted Monero for European users across 30+ EEA countries. XMR dropped 9% the same day. Binance, OKX, Crypto.com followed with their own privacy coin removals. By end of 2025, 73 exchanges had delisted privacy assets, versus 51 two years prior.
In the US, the SEC’s Privacy Coin Guidance memo (March 2025) drew a direct line between privacy-enhanced transactions and AML/KYC obligations. Exchanges not willing to conduct enhanced due diligence on privacy coin trades face regulatory exposure. Most chose the simpler path and removed them. Zcash survives thanks to its optional transparency layer, but its anonymity set is weakened by the fact that most users simply do not use shielded addresses. This is the context in which the new generation of privacy projects is building.
Key figure: 73 exchanges delisted privacy coins in 2025, a 43% increase versus two years earlier.
2. Why the Old Guard Is Struggling
Monero: Maximum Privacy, Zero Institutional Compatibility
Monero is the most battle-tested privacy coin in existence. Ring signatures, stealth addresses, RingCT: the three-layer cryptographic stack has been refined over a decade and it works. But that same architectural thoroughness is its structural problem in 2026.
Privacy-by-default means there is no audit path. No view keys that satisfy regulators, no selective disclosure mechanism that a CASP can use to prove transaction provenance. From an institutional perspective, listing XMR on a regulated exchange is simply not viable anymore in Europe. The network is not going to change its fundamental design, and regulators are not going to relax their requirements. Those two things are just incompatible.
XMR still has a role in the self-custody, peer-to-peer world — on DEXes, on darknet markets, in jurisdictions with minimal regulation. But as a tradeable listed asset on mainstream platforms, the door is closing.
Zcash: Good Technology, Weak Anonymity Set
Zcash did the right thing theoretically. zk-SNARKs, then Halo2 — the cryptographic foundation is sound. The problem is behavioral. Shielded transactions are opt-in, and historically fewer than 20% of Zcash transactions use the shielded pool. The anonymity set is therefore smaller than the cryptography would suggest.
ZEC still trades on several major exchanges and has posted interesting price performance recently. But it illustrates a key point: optionality tends toward the path of least resistance, and most users take the easy route.
The design challenge: New-generation projects need Monero’s cryptographic guarantees, Zcash’s selective disclosure, and the scalability to support DeFi. That is what the projects below are attempting.
3. The New Generation: Three Projects, Three Approaches
What I find genuinely interesting about the current lowcap privacy space is the fragmentation of strategy. These are not clones of Monero with a new ticker. Xelis, Nonos and Salvium each attack the problem from a completely different angle. That diversity is healthy, and it also means they are not directly competing with each other.
3.1 Xelis (XEL): The BlockDAG with Homomorphic Encryption
What it is
Xelis is a Layer-1 blockchain that replaces the traditional linear chain with a BlockDAG (Directed Acyclic Graph) architecture. Multiple blocks can be validated simultaneously at the same height, which eliminates the orphaned block problem that limits PoW throughput. The result is a 5-second block time on a Proof-of-Work network, which is fast.
The project launched without a VC raise, without pre-mine favoritism, without institutional backing. Fair launch, open source, Rust codebase. The GitHub repository shows close to 5,000 commits on the main blockchain repo, with consistent activity from lead developers Slixe and g45t345rt through all of 2025 and into 2026.
The privacy technology
This is where Xelis does something genuinely different. Instead of obfuscation (Monero) or zero-knowledge proofs on amounts (Zcash), Xelis uses homomorphic encryption based on ElGamal over the ristretto255 curve. Account balances and transaction amounts are encrypted on the ledger. When a transfer occurs, the network performs arithmetic directly on the encrypted values, verifying that balances decrease and increase correctly without ever seeing the plaintext amounts. ZKPs are layered on top to prevent inflation attacks.
The practical implication: the privacy is structural and mathematical, not probabilistic. There is no anonymity set to shrink, no opt-in rate that undermines the guarantee.
Smart contracts and DeFi
Xelis activated smart contract support through its own XVM (Xelis Virtual Machine), written in Rust with Tokio async runtime. Developers write contracts in Silex, a new language purpose-built for the architecture. The first native DEX, Xelis Forge, launched in early January 2026, enabling on-chain swaps and liquidity pools without third-party bridges.
Confidential Assets: any token deployed on Xelis inherits the same homomorphic encryption as XEL itself. Private DeFi, natively, from the base layer.
My take
From a fundamental standpoint, Xelis is doing the most technically ambitious thing in this space right now. The BlockDAG architecture is real, the encryption approach is novel, and the GitHub activity is the kind you cannot fake. The fair launch adds conviction for me personally — it removes a major category of risk.
The MiCA compatibility is the weak point. Full mathematical opacity makes exchange listing on regulated European platforms very difficult. Xelis will likely live primarily in the self-custody, DEX-native world unless it builds optional disclosure mechanisms in the future. That is not necessarily a bad position, but it is worth being clear about.
🎙️ Want to go deeper? Read our exclusive interview with Slixe, the lead developer of Xelis: Xelis: Homomorphic Encryption & BlockDAG — Interview with Slixe.
📌 Conviction note: Strong technical conviction. Fair launch, consistent development, novel cryptography. Liquidity risk is real given micro-cap size. Position sizing accordingly.
3.2 Nonos (NOX): When Privacy Starts at the Hardware Level
A completely different problem statement
Every other project in this list is securing the blockchain layer. Nonos asks a different question: what is the point of cryptographic privacy on a distributed ledger if the machine you are using to access it is compromised? Windows has keyloggers. MacOS has telemetry. Standard Linux distributions have unverified kernel modules. Your browser remembers everything. None of the on-chain privacy guarantees in the world protect you if your endpoint device is leaking data.
Nonos is a privacy-first operating system designed to run from a bootable USB device. It loads entirely into RAM. When the machine shuts down, the session is gone. No forensic recovery possible.
The technical architecture
This is not a Linux distribution with some privacy tweaks. Nonos is a microkernel, with applications running in isolated Capsules: cryptographically signed execution environments. A compromised browser cannot escape its capsule to access your private keys. The network layer runs onion mesh routing (onion.rs) hardcoded at the OS level, not as a browser extension you can forget to enable. IP addresses are masked by multiple encrypted hops before any packet leaves the machine.
The system integrates ZKPs into routing packet validation, which allows nodes to verify traffic legitimacy without decrypting content. zkAuth handles authentication through zero-knowledge proofs, meaning no passwords are transmitted over any network. Post-quantum cryptography is baked into the kernel by design, not bolted on as an update.
Nonos also integrates an Ethereum wallet at the kernel level, allowing crypto operations from within the hardened environment. The token model incentivizes network infrastructure: capsule installations, packet relays, proof verifications. Nodes earn NOX for providing infrastructure. The long-term commercial model targets ProtonMail-style tiered access: free base tier, paid enterprise subscriptions, and hardware USB device sales.
My take
Nonos is the most unusual project in this list, and I mean that as a compliment. It is not trying to compete with Monero or Xelis. It is protecting the attack surface that those projects ignore: the user’s own machine.
The caveats are real. Market cap is currently around $1.18M, making it genuinely micro-cap with all the concentration risk that implies (top wallet holds 28.5% of supply). The GitHub activity is solid for a kernel project (75 stars, active CLI tooling), but the community is still small and specialist. This is a project you need to believe in technically before the market does.
The use case is not speculative in the abstract. Institutions, high-net-worth individuals, journalists, and political dissidents all have concrete reasons to want an ephemeral OS with crypto-native security. The question is execution speed and distribution reach.
📌 Conviction note: High technical conviction, early-stage risk. The concentration of token holdings is a concern. Watch for mainnet milestone announcements and distribution progress before sizing up.
3.3 Salvium (SAL): Privacy Engineered for Compliance
The pragmatic bet
Salvium starts from an uncomfortable truth: the current regulatory environment is not going to relax. If privacy coins want to survive on centralized exchanges, they need to give those exchanges something workable. Not full transparency, but proof of auditability on demand.
Salvium is built on the CryptoNote/Monero codebase. Ring signatures, stealth addresses: the same battle-tested privacy stack. But the architecture is fundamentally modified with two additions that change everything from a regulatory standpoint.
SPARC and Carrot
The SPARC protocol (Selective Privacy and Auditability with Regulatory Compliance) provides optional, on-demand transaction disclosure. A user can generate a SPARC disclosure that proves transaction provenance to a regulator or exchange compliance team without exposing other wallet activity. Crucially, the Cypher Stack legal opinion (published 2025) concluded that SAL with SPARC satisfies AML/KYC requirements under MiCA when disclosure is invoked.
The Carrot protocol adds a second layer: a viewing key system that allows an authorized third party (a regulator, an auditor) to see inbound transaction amounts without accessing outbound flows or private keys. This is the kind of surgical disclosure mechanism that a compliance officer can actually work with.
Salvium is currently live on three CEXes, which is notable given the hostile environment for privacy coin listings. The mainnet is PoW-based (RandomX, same algorithm as Monero), making it ASIC-resistant and accessible to CPU miners.
DeFi and economics
Salvium allocates 20% of block rewards to SAL stakers, creating a yield mechanism that reduces sell pressure from miners and incentivizes long-term holding. Maximum supply is capped at 184.4 million tokens with a tail emission of 3 SAL to perpetuate network security. Private smart contracts and confidential stablecoin infrastructure are in development.
The GitHub shows 600+ commits on the main repo, with dedicated contributors maintaining both the blockchain and the SPARC-aware block explorer. The team moves methodically — not the explosive commit velocity of Xelis, but consistent and professional.
My take
Salvium has what I would call the clearest path to exchange listings of the three projects here. That Cypher Stack legal opinion is not marketing — it is a compliance document that a CEX legal team can actually use. For a privacy coin to get listed on Kraken or Gate in 2026, you need that kind of documentation.
The limitation is the flip side of the strength: Salvium accepts the regulatory constraint. Institutions can audit with SPARC. That is less cypherpunk-pure than Xelis, and that philosophical difference will matter to certain parts of the community. For me, it is a trade-off that makes sense given the environment we are operating in.
SAL is the most likely to achieve broader market accessibility. Whether that translates to price is a different question, but it materially reduces one major risk category.
🎙️ Want to go deeper? Read our exclusive AMA with the Salvium team on confidential DeFi and asynchronous transactions: Salvium AMA: Confidential DeFi & Asynchronous Transactions.
📌 Conviction note: Strong regulatory positioning, professional execution, audited code. Best near-to-medium-term listing prospects. The Monero heritage provides cryptographic credibility.
4. Side-by-Side: Xelis, Nonos, Salvium
Three projects, three strategies. They are not competing with each other — they are covering different layers of the same problem.
| Criteria | Xelis (XEL) | Nonos (NOX) | Salvium (SAL) |
|---|---|---|---|
| Layer | Layer-1 BlockDAG | Layer-0 OS DePIN | Layer-1 CryptoNote |
| Consensus | PoW xelis-hash (Kalman) | Proof of Decentralization + Micro-fees | PoW RandomX + 20% Staking |
| Privacy tech | Homomorphic Encryption + ZKP | Onion Mesh + ZKP + RAM-only | Ring Sigs + Stealth + SPARC |
| Block time | 5 seconds | n/a (OS-level) | ~2 minutes |
| Smart Contracts | Yes (XVM, Silex, DEX Forge) | Via Ethereum integration | In development |
| MiCA tolerance | Low–Medium | Out of scope | Very High (SPARC + Carrot) |
| Market cap | ~$1.65M est. | ~$1.18M | ~$692K est. |
| Stage | Mainnet live, DEX launched | Pre-mainnet, ERC-20 token | Mainnet live, CEX listings active |
5. The Investment Thesis (and the Risks)
Let me be direct about how I think about these three positions from a portfolio construction standpoint.
Why privacy lowcaps make sense right now
The regulatory pressure has done something counterintuitive to the opportunity set. First-generation privacy coins are being delisted from CEXes, which is suppressing the entire narrative. Projects like Xelis, Nonos and Salvium are building in that shadow, with minimal marketing budgets and small communities. Market caps are in the micro-cap range precisely because the narrative is under pressure.
But the demand for financial privacy has not disappeared. It has gone institutional. Companies need to protect trading strategies from on-chain analysis. High-net-worth individuals cannot afford to have their wallet balances visible on a public ledger. Governments under surveillance by other governments need private payment infrastructure. This demand does not go away because Binance delisted Monero.
The projects that figure out how to serve that demand while working within or around the regulatory framework are sitting on substantial upside. None of the three discussed here are priced for that scenario yet.
Risk factors to track
- Regulatory escalation: a further tightening of MiCA or an expansion of FinCEN rules could compress the accessible market further.
- Development risk: micro-cap projects with small teams can stall. Monitor GitHub commit frequency monthly.
- Token concentration: NOX in particular has significant whale concentration. Watch distribution metrics.
- Liquidity: all three are illiquid relative to top-cap assets. Exit positions take time at these market caps.
- Competition: larger, well-funded L1 projects (Aztec, Aleo) are building in the same direction with more resources.
How I size these positions
For micro-cap privacy projects at this stage, I apply strict position sizing. No single position exceeds 2–3% of a total portfolio allocation, regardless of conviction level. The risk/reward is genuinely asymmetric on the upside, but the downside can be complete. Diversification across the three approaches (Xelis for technical conviction, Nonos for infrastructure bet, Salvium for regulatory positioning) provides some narrative hedging.
Conviction is highest on Salvium for near-term catalysts, and on Xelis for long-term technological trajectory. Nonos is the highest risk, highest reward bet contingent on successful OS distribution.
6. Where This Goes
The privacy narrative in crypto has been suppressed by regulation. That suppression is creating an entry window in projects that are genuinely solving the next version of the problem: not just privacy, but privacy compatible with the financial system that regulators are building.
Xelis is building the financial infrastructure that transparent DeFi cannot provide. Nonos is building the secure environment that makes all other privacy tools actually work. Salvium is building the bridge that lets privacy assets live on regulated exchanges without compromising user sovereignty.
These are three different bets on three different layers of the same problem. The timeline is multi-year. The risks are real. But the combination of micro-cap entry points and genuine technical differentiation is exactly the setup that has historically produced asymmetric returns in crypto.
I will continue covering the development of all three projects on crypto-lowcap.com. When there are meaningful updates, team interviews, or significant technical milestones, you will find them here.
crypto-lowcap.com | @CryptoRowenta01 on X | Privacy, Decentralization & Blockchain Innovation
Not financial advice. Independent editorial research. DYOR.
Sources
Regulatory Framework & MiCA
- TRM Labs — Global Crypto Policy Review Outlook 2025/26
- Chainalysis — 2025 Crypto Regulatory Round-Up: What Changed and What’s Ahead
- Global Relay — Navigating MiCA Compliance for Crypto Asset Service Providers
- Latham & Watkins — US Crypto Policy Tracker: Regulatory Developments
- World Economic Forum — Crypto rule comparison: the US GENIUS Act versus EU’s MiCA
- SEC.gov — The SEC Launches “Project Crypto”
Privacy Coin Delistings & Market Context
- Altrady — Privacy Coins & Regulation: How the Law is Changing in 2025
- Kraken Support — Notice of Scheduled Asset Delistings – December 2025
- Chainalysis — Privacy Coins 101: Anonymity-Enhanced Cryptocurrencies
- Binance Square — $XMR plunges 9% as Kraken announces it will delist Monero for European customers
Monero vs Zcash: Technical Analysis
- Phemex — ZEC vs XMR: Comparing Top Privacy Cryptos in 2025
- ChangeNOW — Monero (XMR) vs Zcash (ZEC) 2026: Transaction Privacy & Adoption Metrics
- Gate.io Learn — Zcash vs Monero: A Comparative Analysis of Two Privacy Coins’ Technical Approaches
Xelis (XEL)
- GitHub — xelis-project/xelis-blockchain: A private blockDAG with Homomorphic Encryption and Smart Contracts
- Xelis Docs — Introduction – XELIS Documentation
- Xelis Whitepaper — XELIS: A High-Performance BlockDAG for Private, Instant, and Scalable Decentralized Transactions
- GitHub — xelis-project/xelis-vm: XELIS Virtual Machine (XVM) for Smart Contracts
- Xelis Community — Xelis Monthly Update — August 2025
Nonos (NOX)
- Nonos Systems — Official website: NONOS Systems
- GitHub — NØNOS – GitHub organization
- Medium — NØNOS: The Proof-Native DePIN Operating System
- Medium — NØNOS Core Development Update: Operating System and Tokenomics Integration
- CoinGecko — NONOS (NOX) Price, Market Cap & News Today
Salvium (SAL)
- Salvium — Official website: Salvium Protocol
- GitHub — salvium/salvium – GitHub repository
- Chainwire — Salvium Solves the Privacy Paradox: Salvium One Delivers MiCA-Compliant Privacy That Exchanges Can List
- TradingView / Chainwire — Independent Legal Opinion Confirms Salvium is a Privacy Coin Compliant for EU MiCA Regulated Exchanges
- Medium — Salvium: The First Privacy Chain Built with MiCA in Mind
