Privacy in Directed Acyclic Graph (DAG)-based distributed ledger technologies (DLTs) has been systematically overlooked, leaving a critical gap in both theoretical understanding and practical mitigation strategies. Method: We propose the first privacy taxonomy for DAG-DLTs, formally defining six fundamental privacy threat models and exposing the intrinsic tension between scalability and privacy guarantees. We identify twelve key trade-off constraints and conduct rigorous privacy modeling, protocol-level security analysis, and empirical evaluation across major DAG-DLT systems—including IOTA, Nano, and Hedera. Contribution/Results: Our work delivers a deployable privacy-enhancement roadmap grounded in systematic analysis. It establishes actionable design principles and a research agenda for privacy-by-design next-generation DAG architectures, bridging theory and practice to enable robust, scalable, and privacy-preserving ledger systems.

Directed Acyclic Graph (DAG)-based Distributed Ledger Technologies (DLTs) have emerged as a promising solution to the scalability issues inherent in traditional blockchains. However, amidst the focus on scalability, the crucial aspect of privacy within DAG-based DLTs has been largely overlooked. This paper seeks to address this gap by providing a comprehensive examination of privacy notions and challenges within DAG-based DLTs. We delve into potential methodologies to enhance privacy within these systems, while also analyzing the associated hurdles and real-world implementations within state-of-the-art DAG-based DLTs. By exploring these methodologies, we not only illuminate the current landscape of privacy in DAG-based DLTs but also outline future research directions in this evolving field.