Ethereum’s privacy paradox
When Vitalik Buterin walked on stage at Devcon 2025 to demo Kohaku, he summed up Ethereum’s situation bluntly. The network has strong security and privacy research and solid layer-1 security. But it still hasn’t “leveled up the last mile,” the wallets and apps people actually use.
On paper, Ethereum has spent a decade leading the way. Elliptic-curve precompiles in 2018 opened the door to zero-knowledge Succinct Non-Interactive Arguments of Knowledge (zk-SNARKs) and privacy tools like Tornado Cash and Railgun. The DAO hack in 2016 pushed the ecosystem toward serious audits, helped drive demand for robust wallets such as Gnosis Safe and turned multisigs from a niche idea into standard practice.
Yet everyday private use in 2025 still feels clumsy. People juggle extra seed phrases, install special wallets, hope public broadcasters don’t fail and often fall back to centralized exchanges because they are simpler.
Kohaku is Ethereum’s solution.
Did you know? The Ethereum Foundation’s new Privacy Cluster already includes about 47 members, from protocol engineers to wallet teams, all tasked with pushing “privacy by default” into the ecosystem.
Why privacy is back on the front burner in 2025
So, why is Ethereum treating privacy as a core priority again instead of a niche feature for power users?
In his April essay “Why I Support Privacy,” Buterin described privacy as freedom, order and progress at the same time:
It’s freedom because people need space to act without every move being logged and judged.
It’s order because many social and economic systems quietly rely on the fact that not everyone sees everything.
And it’s progress because we want to use data for medicine, science and finance without turning daily life into a permanent surveillance feed.
Meanwhile, onchain life is more exposed and has higher stakes than ever. Real-world assets, larger decentralized finance (DeFi) positions and public identity increasingly overlap. Transparency is useful, but it also means your balances, donations and counterparties can be traced with a few clicks.
Kohaku arrives at exactly this point: Ethereum already has the cryptography it needs for privacy, but it now needs a way to make that privacy safe, usable and acceptable in a world that cares about regulation.
Did you know? A recent study of 53 Ethereum wallets found that address poisoning and fake token transfers have already cost users over $100 million largely because wallet interfaces don’t clearly flag suspicious activity.
What is Kohaku, in layman’s terms?
Kohaku is best understood as Ethereum’s new privacy-and-security toolkit for wallets.
For developers, it’s an open-source framework from the Ethereum Foundation that includes a modular software development kit (SDK) plus a reference wallet. The SDK provides reusable components for private sending, safer key management and recovery, and risk-based transaction controls, so teams don’t have to build an entire privacy stack from scratch.
For users, the first version is a browser extension wallet aimed at power users, built as a fork of Ambire. It supports private and public transactions, separate accounts per decentralized application (DApp), peer-to-peer broadcasting instead of centralized relays and tools to hide internet protocol (IP) addresses and other metadata where possible.
Under the hood, Kohaku plugs into existing Ethereum privacy tools like Railgun and Privacy Pools instead of inventing a new mixer or layer-2 (L2) network. That lets it focus on what has truly been missing: a coherent wallet architecture where privacy, recovery and security are built in from day one instead of bolted on as experimental extras.
How Kohaku works
Under the hood, Kohaku is less “one big app” and more a stack of Lego bricks for building private, safer wallets.
First comes the wallet architecture
The SDK defines how a Kohaku-style wallet should handle keys, transactions and recovery from day one. Instead of a single all-powerful key, it is designed for multiple keys with different roles, risk-based approvals and recovery flows that don’t depend on a single seed phrase written on a piece of paper.
Moving $100,000 can trigger extra checks and confirmations that a $10 transfer never sees. This is the kind of risk-based access Buterin has been pushing for.
On top of that sits opt-in shielding
Kohaku doesn’t push every transaction into the dark. It lets wallets offer public and private modes side by side. When you choose privacy, the wallet can route through protocols like Railgun or Privacy Pools, generate fresh and unlinkable addresses for receiving funds and keep the onchain footprint as small as possible. Tools like association lists are built into the design so teams can block clearly illicit flows without stripping privacy from everyone else.
Lastly, network privacy
Finally, the roadmap goes beyond what you write to the chain and into read and network privacy. Kohaku is meant to plug into mixnets to hide IP-level metadata and, over time, into zero-knowledge-powered browsers or remote procedure call (RPC) schemes so even checking your balance or reading decentralized application data doesn’t quietly leak who you are and what you are doing.
Kohaku and Ethereum’s 2025 privacy shift
Kohaku matters because it tackles the layer Ethereum has struggled with for years: the point where real people interact with the chain.
For years, research teams have shipped faster proofs, more efficient cryptographic primitives and safer contract patterns. But in his Kohaku talk, Buterin’s complaints were much more down to earth: extra seed phrases, no multisig support in private pools, unreliable broadcasters and clunky flows that push people back to centralized exchanges because they are easier.
By focusing on wallets, it also gives L2 networks and DApps something they have been missing: a shared, privacy-aware baseline. Instead of every rollup or app inventing its own stealth-address system, recovery flow and large-transfer warnings, Kohaku offers patterns and code they can all rely on. That matters in an ecosystem that increasingly looks like a web of rollups rather than a single chain.
Because this is coming from the core Ethereum ecosystem rather than a single startup wallet, Kohaku has a realistic chance of becoming the reference model that other wallets are expected to match or surpass.
Did you know? Kohaku is designed to be L2-agnostic, so in principle, the same privacy-aware wallet patterns can work across rollups, not just on Ethereum mainnet. That is significant in a world where most user activity is expected to migrate off L1.
Trade-offs, risks and open questions
Kohaku also forces Ethereum to confront a few uncomfortable questions.
The first is the line between maximal and responsible privacy. Association lists, auditable shielding and risk-based controls are exactly the kinds of features regulators and banks want. For part of the community, though, any selective visibility or blacklisting looks like the start of a slippery slope. Kohaku will not end that argument; it simply makes the tension more visible.
There is a technical risk, too. A wallet that juggles multiple keys, recovery paths, privacy toggles, different broadcasting options and plug-in modules has a larger attack surface than a simple seed-phrase-and-send setup. That demands serious audits and clear rules around upgrades and defaults.
Then there is user experience (UX) reality. A framework can suggest good patterns, but it cannot force teams to ship clear interfaces. If users cannot tell when they are sending privately versus publicly, what can be recovered or which approvals are critical, all that extra power turns into extra room for mistakes.
A new test case for privacy by design
For everyday users, Kohaku is a sign that using Ethereum privately should start feeling less like a side quest.
The real test is whether major wallets actually adopt its ideas: clear private and public modes, simpler recovery, added friction on large transfers and fewer chances for one click to reveal your entire onchain life. If that happens, privacy becomes just another setting in the wallet you already use.
For developers, Kohaku serves as an infrastructure layer that removes a lot of heavy lifting. Instead of rebuilding privacy and security primitives, they can rely on a shared toolkit and focus on decentralized application design and UX.
For institutions and regulators, it is a live experiment in privacy by design, a way to see how far Ethereum can push confidentiality without giving up auditability or legal clarity.
Bitcoin 
Ethereum 
Tether 
XRP 
BNB 
Wrapped SOL 
USDC 
TRON 
Lido Staked Ether 
Dogecoin 
Be the first to comment