This work addresses the inherent tension between the transparency of public blockchains and the confidentiality requirements of sensitive data, which has hindered their adoption in privacy-critical applications. The authors propose an open-source web platform that leverages smart contracts to enforce business logic on a public blockchain while ensuring transaction verifiability. To reconcile transparency with data privacy, the system integrates attribute-based encryption (ABE) to provide fine-grained access control over confidential information. This approach uniquely achieves, for the first time in a public blockchain setting, the simultaneous enforcement of business processes, public verifiability of transactions, and strong confidentiality guarantees. By overcoming the traditional trade-off between transparency and privacy, the proposed solution facilitates the practical deployment of blockchain technology in domains where data sensitivity is paramount.

Blockchain technology enforces the security, robustness, and traceability of operations of Process-Aware Information Systems (PAISs). In particular, transparency ensures that all data is publicly available, fostering trust among participants in the system. Although this is a crucial property to enable notarization and auditing, it hinders the adoption of blockchain in scenarios where confidentiality is required, as sensitive data is handled. Current solutions rely on cryptographic techniques or consortium blockchains, hindering the enforcement capabilities of smart contracts and the public verifiability of transactions. This work presents the CONFETTY open-source web application, a platform for public-blockchain based process execution that preserves data confidentiality and operational transparency. We use smart contracts to enact, enforce, and store public interactions, while we adopt attribute-based encryption techniques for fine-grained access to confidential information. This approach effectively balances the transparency inherent in public blockchains with the enforcement of the business logic.