On a Tuesday in late March, at LIFT Day in Brasília, Brazil’s central bank confirmed what its Drex coordinator had been signalling since August: the wholesale CBDC programme that the global central-banking community had spent two years treating as a working laboratory for programmable money would launch in 2026 without a blockchain underneath it.
That sentence deserves a second read. The Banco Central do Brasil — operator of Pix, the most operationally successful real-time-payments system any central bank has ever shipped — ran a DLT pilot on Hyperledger Besu, brought in sixteen consortium proposals, tested privacy solution after privacy solution across two phases, and at the end concluded that none of them cleared the bar. Phase 1 of Drex, the version that goes live next year, is a centralised lien-reconciliation system — what Brazilians call gravames — for banks, notaries and brokers. No programmable money. No retail wallet. No smart contracts. No DLT.
We need to be honest about something before going further. In April, Clarqo described Drex as “a technical benchmark” for programmable money — a wholesale CBDC framework “driving significant interest” for automated escrow, conditional payments and DeFi-compatible settlement. That framing is now wrong. The BCB itself has invalidated it. The piece you are reading exists because we said something a month ago that the issuing central bank has since contradicted, and saying so on the record is the only reasonable response.
The operative public document is the BCB’s own scoping update on Phase 2, published in September 2024, which has now been ratified by the redirection of Phase 1. The bank’s own language is worth quoting verbatim:
“The privacy technological solutions tested so far, despite evolution over the period, have not demonstrated the necessary maturity.”
That is the structural sentence. It is not a budget complaint. It is not a vendor complaint. It is a statement that, after two years of work with serious counterparties on a permissioned Ethereum-derivative chain, the BCB could not reconcile two requirements that any central bank must hold simultaneously: confidentiality of inter-bank transactions, and supervisory visibility for the central bank itself. Fábio Araújo, the Drex programme coordinator, said the quiet part loudly in August: Phase 1 “will not feature decentralisation elements.” Phase 2 may yet return to blockchain — Araújo explicitly held that door open — but on no announced timetable.
The privacy-versus-supervision tension is not a Brazil problem. It is the central architectural problem of every wholesale CBDC running on a shared ledger. Brazil’s significance is that it tried harder than anyone to solve it, and stopped.
The case for putting a wholesale CBDC on DLT has always been instrumental, not aesthetic. It rested on three implicit assumptions: that smart contracts on a permissioned chain are the cheapest way to deliver atomic settlement and programmability; that the privacy primitives required for inter-bank confidentiality are within engineering reach; and that pilot-stage learnings would mature into production posture on a predictable curve. The BCB’s pivot does not falsify any of those assumptions absolutely. But it removes the most active operational proof-point that they hold together at the scale of a real national settlement system.
Read the room. The European Central Bank is preparing a digital euro with a target window of 2027–2028, with offline functionality and a €3,000 holding cap and a privacy debate that the European Parliament has not closed. The People’s Bank of China runs e-CNY on a permissioned chain that explicitly does not try to solve the inter-bank confidentiality problem — the central bank sees everything by design, and that is a feature of the political system, not of the technology. The Bank of England’s digital-pound consultation is technology-neutral by stated intent. None of these programmes were waiting on Brazil. But the 134-jurisdiction BIS survey that anchors most CBDC commentary depends on the assumption that the more advanced pilots are clearing structural hurdles. The most advanced wholesale pilot just told us its hardest hurdle is not cleared.
Phase 1, launching in 2026, is a closed-perimeter database with strong identity controls that talks to PIX, sits inside the National Financial System, and does one thing: tells a bank whether the asset a borrower is pledging as collateral has already been pledged to another bank. That is a real problem — gravames fraud and double-pledging is a meaningful drag on Brazilian credit pricing — and solving it is genuinely useful. It is also, structurally, the work of a registry, not of a currency. There is no balance held in Drex. There is no Drex-denominated transfer between members of the public. There is no programmability layer.
The marketing language (“Drex”) is preserved. The substance has changed. A reader who hears “Brazil’s CBDC launches in 2026” and pictures something analogous to e-CNY or the proposed digital euro is being misled by the brand continuity.
Three things. First, whether the BCB publishes the post-mortem in technical detail — which privacy tools were tested, against which threat models, with which failure modes. That document, if it appears, is the most valuable public artefact in central-bank DLT work since the start of the experiment. Second, whether any other wholesale CBDC programme — the BIS mBridge corridor is the obvious one — produces a structural counter-claim. Third, whether Phase 2 in Brazil restarts the DLT track with a named timeline, or quietly absorbs the gravames registry as the permanent shape of the programme.
We will revisit our April framing in the next CBDC piece and tag back to this one. The honest line, as of today, is narrower than the one we ran a month ago: Brazil has shown that a serious central bank, given two years and a competent technical partner pool, can fail to make wholesale DLT work to its own standards. That is not the end of the CBDC-on-blockchain story. It is the most informative data point that story has produced.