Buenos Aires, Argentina – In a highly anticipated keynote at Ethereum Cypherpunk Congress 2 on November 16, Ethereum co-founder Vitalik Buterin introduced Kohaku, a bold new privacy framework designed to make private transactions the default experience for Ethereum wallet users. Speaking to a packed audience of over 3,500 cypherpunk enthusiasts during Devconnect week, Buterin explained why 2025 is the pivotal year for Ethereum to finally deliver “real-world privacy and security” directly inside wallets – not as clunky add-ons, but as seamless, user-friendly features.
The announcement has sent shockwaves through the crypto community. Search terms like “Vitalik Buterin Kohaku,” “Kohaku framework Ethereum,” and “Ethereum wallet privacy 2025” have exploded in the last 72 hours, with developers, privacy advocates, and investors racing to understand how Kohaku could redefine on-chain privacy.
This in-depth guide breaks down everything you need to know about Kohaku: its origins, technical architecture, roadmap, how it solves Ethereum’s long-standing privacy gaps, and what it means for the future of Ethereum in 2026 and beyond.
Why Kohaku Matters: Ethereum’s Privacy Problem in 2025
Ethereum has always been a leader in privacy research. Since 2017, the network has pioneered elliptic curve pre-compiles, funded seminal academic work on zero-knowledge proofs, and supported protocols like Tornado Cash, Railgun, Nocturne, and Nightfall. Layer 2 solutions such as Aztec have pushed enterprise-grade privacy even further.
Yet Buterin was blunt in his keynote: despite a decade of progress, user-facing privacy still sucks.
“Using privacy protocols in 2025 is great on the tech side – you can generate a ZK proof in under a second on a laptop,” Buterin told the crowd (wearing sunglasses and a viral Moodeng hippo shirt, naturally). “But the UI/UX side? Separate seed phrases. No multisig support. Five clicks just to send privately. Brittle public broadcasters that fail unless you toggle your VPN three times.”
He continued: “We’re in the last-mile stage of privacy. The base-layer tech is ready. Now we have to put concerted effort into making it actually usable.”
Buterin illustrated the stakes with a darkly humorous slide showing “APY” scenarios:
| Scenario | APY |
| Stake in DeFi | +3-8% |
| Do nothing | 0% |
| Lose your private keys | −100% |
| Lazarus Group discovers your keys | −100% |
| Wrong people discover your balances | ??? |
The message was clear: privacy isn’t just ideological – it’s financial survival.
What Is Kohaku Exactly?
Kohaku (named after the hardened warrior from the anime Inuyasha) is is not a single privacy protocol. It is a modular framework and SDK that gives wallets a suite of strong privacy and security primitives, plus a power-user reference wallet (forked from Ambire) that demonstrates how good the experience can be.
The project is a collaboration between the Ethereum Foundation’s Privacy & Scaling Explorations (PSE) team, Wonderland, Railgun, Helios, Ambire, and independent researchers including samczsun, pcaversaccio, and others.
Core philosophy: Privacy should be default, not opt-in. Kohaku aims to make private sends/receives as easy as normal transactions, while adding layers of security that today’s wallets lack.
Kohaku’s Killer Features (2025–2026 Roadmap)
The project is being built in phases, with mainnet-first development and progressive L2 support (prioritizing Stage 1+ chains committed to Stage 2).
Phase 1 – Privacy Primitives Already Shipping or Near-Shipping
- Private sends & receives via multiple protocols (Railgun, 0xbow privacy pools, eventually more) integrated directly into the normal send flow.
- Aggregated private balance view – see all your privacy-pool assets in one place without merging them publicly.
- One account per dApp by default – automatically prompts a fresh address when connecting to prevent address reuse leaks.
- Helios light client in-wallet (via Wasm) – validate blocks yourself, no trust in RPCs (fallback allowed via killswitch).
- Oblivious state reads – eth_call – read any contract without the RPC knowing which storage slots you’re touching (TEE+ORAM today, pure-crypto PIR long-term).
- No unnecessary IP leakage – built-in traffic obfuscation and mixnet integration.
- Private payment requests – request funds without revealing your real address.
Phase 2 – Interop + Cross-Chain Privacy (Already Demoed)
Kohaku v1 and v2 heavily feature emerging interop standards:
- ERC-7828 / ERC-7930 interoperable addresses → alice.eth@arbitrum, bob@zksync etc.
- Cross-chain sends via Open Intents Framework + ERC-7683 (Across).
- Universal balance view – same asset across all chains shown as one balance.
- Universal balance transactions – send from many chains at once, receiver gets everything on one chain.
- Private cross-chain swaps (coming soon).
Phase 3 – Advanced Security & Recovery
- ZK-based social recovery (ZK-Email, ZK-Passport, Anon Aadhaar) with walkaway test guarantees (no trusted intermediary can steal).
- Post-quantum “killswitch” – one-click migrate to PQ-safe keys (Falcon/Dilithium verifiers optimized).
- Spending policies & risk-based access control (different signers have different daily limits).
- Optional P2P transaction broadcasting (bypass RPC nodes entirely).
- ZK hardware signer support (Jubjub/Bandersnatch) so Ledger/Trezor work natively with privacy protocols.
Long-Term Vision (2026+)
- Native Ethereum browser with IPFS dApp hosting and security-focused frontend DSLs.
- Local AI transaction risk scoring (no data leaves your device).
- Privacy-preserving account abstraction with client-side ZK-EVM proving (same key controls public and private funds).
How Kohaku Fixes Today’s Pain Points
| Current Privacy Tools (2025) | Kohaku Solution | |——————————-|———————————-|—————–| | Separate seed phrase for privacy | Yes → Single wallet, single recovery phrase | | No multisig in privacy pools | Yes → Full 4337 + multisig support planned | | 5+ clicks for private send | Yes → One-click “Private Send” toggle | | Brittle broadcasters | Yes → Mixnets + P2P broadcasting | | Address reuse across dApps | Yes → Auto fresh address per connection | | RPC knows everything you read | Yes → Oblivious reads + local light client |
Buterin stressed that Kohaku is deliberately power-user first: “This reference wallet is not for grandma yet – it’s to show what’s possible and force the ecosystem to catch up.”
The plan is for other wallets (MetaMask, Rainbow, Zerion, etc.) to adopt pieces of the Kohaku SDK via its plugin system, so users get choice without fragmentation.
Why 2025 Is the Privacy Tipping Point
Three massive tailwinds make Kohaku possible now:
- Pectra upgrade (Q1 2025) – EIP-7702 and improved account abstraction make advanced wallet features dramatically easier.
- ZK proving speeds – <1 second on laptop, ~2 seconds on phone.
- Maturing interop standards – 7683, 7828, Open Intents finally shipping.
As Buterin put it: “The tech debt of the last decade is paid. Now we ship usability.”
Regulatory Reality Check
Privacy tools have faced intense regulatory heat (Tornado Cash sanctions, Railgun delistings). Kohaku takes a pragmatic approach: privacy pools with selective disclosure (the “Privacy Pools” paper Buterin co-authored in 2023) allow proving innocence without revealing everything.
Buterin has long argued that compliance-compatible privacy is not only possible but necessary for mainstream adoption. Kohaku’s modular design lets wallets choose how “spicy” they want to be.
What the Community Is Saying
Since the talk, reaction has been electric:
- PSE team confirmed they’re “all-in” on supporting Kohaku in 2025–2026.
- Ambire Wallet (the fork base) saw extension downloads spike 400%.
- Railgun and 0xbow both announced accelerated integration roadmaps.
- Privacy maxi accounts are calling it “the Railgun killer” – others say it’s “what Tornado Cash should have been if UX didn’t suck.”
Final Thoughts: Privacy Is About to Become Normal
Vitalik ended his keynote with a simple slide: PRIVACY IS NORMAL.
Kohaku is the vehicle to make that true on Ethereum.
In 2026 we will likely look back at 2025 as the year privacy stopped being a niche and became something every Ethereum user enables without thinking – just like we now use HTTPS without understanding TLS.
The code is already public:
https://github.com/ethereum/kohaku
https://github.com/ethereum/kohaku-extension
https://github.com/ethereum/kohaku-commons
If you’re a developer: start playing with it on Sepolia today.
If you’re a user: get ready – the era of actually private Ethereum wallets starts now.
Privacy isn’t coming.
With Kohaku, it’s already here.
Sources:
- Ethereum Foundation Blog Post on Kohaku (2025)
- Vitalik Buterin’s Presentation at Ethereum Cypherpunk Congress 2 (November 16, 2025)
- Ethereum Privacy and Scaling Explorations (PSE) Team Updates (pse.dev)
- https://cryptonewsbytes.com/vitalik-buterin-explains-kohaku-privacy-framework-at-ethereum-cypherpunk-congress-2025/wall-street/
Subscribe To Our Newsletter
Join our mailing list to receive the latest news and updates from our team.