Is this the year of explosive growth for crypto privacy? What messages did the Ethereum Developers Conference convey?

Deng Tong, Jinse Finance

From November 17th to 22nd, 2025, the Ethereum Developer Conference was held in Buenos Aires, Argentina, with over 75 teams showcasing their work. At this conference, DeFi, social networking, hardware and wallets, games, artificial intelligence, L2, and NFTs demonstrated the many possibilities of the crypto world to attendees. Among the most eye-catching topics was the series of discussions on "privacy."

Projects such as Aztec, Fileverse, Holonym, Fluidkey, Rarimo (Unforgettable), Railgun, ZKPassport, 0xbow, and NYM all appeared in the privacy zone.

I. Vitalik Releases Kohaku, an Ethereum Privacy-Preserving Cryptographic Tool

When Vitalik Buterin took the stage to demonstrate Kohaku, he frankly summarized the current state of Ethereum. The network boasts robust security and privacy research, as well as a solid Layer-1 security mechanism.

But it still hasn't "upgraded the last mile"—the wallets and applications users actually use. Theoretically, Ethereum has been at the forefront for the past decade. The advent of elliptic curve precompilation in 2018 paved the way for zero-knowledge concise non-interactive knowledge arguments (zk-SNARKs) and privacy tools like Tornado Cash and Railgun. The 2016 DAO hack prompted a rigorous audit of the entire ecosystem, driving demand for robust wallets like Gnosis Safe and transforming multi-signature from a niche concept into standard practice. However, by 2025, everyday personal use still feels cumbersome. People need to remember extra mnemonic phrases, install dedicated wallets, and often opt for centralized exchanges because they are simpler to use. Kohaku is Ethereum's solution.

1. What is Kohaku?

Kohaku can be understood as a new privacy and security toolkit provided by Ethereum for wallets.

For developers, the Ethereum Foundation provides an open-source framework that includes a modular Software Development Kit (SDK) and a reference wallet. The SDK provides reusable components for private sending, more secure key management and recovery, and risk-based transaction control, so teams don't need to build the entire privacy protocol stack from scratch.

For users, the first version is a browser extension wallet for advanced users, based on Ambire.

It supports private and public transactions, independent accounts for each decentralized application, peer-to-peer broadcasting (rather than centralized relays), and tools for hiding Internet Protocol (IP) addresses and other metadata as much as possible. Kohaku's underlying architecture integrates seamlessly with existing Ethereum privacy tools such as Railgun and Privacy Pools, rather than developing new mixers or layer-two networks. This allows Kohaku to focus on what's truly missing: a unified wallet architecture with privacy, recovery, and security built in from the beginning, rather than adding it incrementally as experimental add-ons. 2. How Does Kohaku Work? Essentially, Kohaku is less of a "large application" and more of a set of Lego bricks for building private, more secure wallets. 1) Wallet Architecture Instead of using a single master key, Kohaku-style wallets are designed with multiple keys with different roles, a risk-based approval mechanism, and a recovery process that doesn't rely on a single mnemonic phrase written on paper. Transferring $100,000 will trigger additional review and confirmation procedures, while transferring $10 will not. This is precisely the risk-based fund access mechanism that Vitalik has been pushing for. 2) Protective Measures Kohaku doesn't hide all transactions. It allows wallets to provide both public and private key modes simultaneously. When the private key mode is selected, the wallet can route through protocols such as Railgun or Privacy Pools, generating entirely new, unassociated receiving addresses and minimizing on-chain space usage. Tools such as association lists are built into the design so that the team can prevent obviously illicit fund flows without infringing on the privacy of other users. 3) Cyber ​​Privacy Finally, the roadmap extends beyond data written to the chain to include read and cyber privacy. Kohaku aims to connect to hybrid networks to hide IP-level metadata and ultimately to zero-knowledge browsers or remote procedure call (RPC) schemes, ensuring that even checking balances or reading data from decentralized applications will not quietly reveal your identity and actions.

3.Why Kohaku is So Important

Kohaku is important because it solves a problem that Ethereum has been struggling to solve for years: the point of interaction between real users and the blockchain.

Over the years, the research team has continuously introduced faster proofs, more efficient cryptographic primitives, and more secure contract models.

But Buterin's complaints on Kohaku are more practical: additional mnemonic phrases, private pools not supporting multi-signature, unreliable broadcasting, and cumbersome processes all force users back to centralized exchanges because they are more convenient. By focusing on wallets, Kohaku provides L2 networks and DApps with something they've always lacked: a shared, privacy-focused infrastructure. Previously, each Rollup or application needed to develop its own covert address system, recovery process, and large transaction alert mechanism; Kohaku provides a set of patterns and code that all applications can rely on. This is crucial in an ecosystem increasingly characterized by interwoven Rollup networks rather than single blockchain structures. Because Kohaku originates from the core Ethereum ecosystem, rather than being a wallet for a startup, it is likely to become a reference model that other wallets need to reach or surpass. Kohaku also forces Ethereum to confront some thorny issues. First, striking the right balance between maximum privacy and responsible privacy is crucial. Related lists, auditable privacy shields, and risk-based controls are exactly what regulators and banks want to see. However, for some users, any selective privacy visibility or blacklisting practices are like the beginning of a slide into an abyss. Kohaku doesn't end the debate; it just makes the contradictions more apparent. Furthermore, there are technical risks. Wallets that manage multiple keys, recovery paths, privacy switches, different broadcast options, and plugin modules have a much larger attack surface compared to simple mnemonic phrase sending wallets. This necessitates rigorous auditing and clear upgrade and default setting rules. Then there are the real issues of user experience (UX). Frameworks can provide some good patterns, but they cannot force teams to develop a clear interface. If users cannot distinguish between private and public sending, which content can be recovered, and which approvals are crucial, all these additional permissions become factors that increase the likelihood of errors. 4. The Significance of Kohaku For ordinary users, the emergence of Kohaku signifies that using Ethereum for private operations is no longer a secondary task. The real test lies in whether mainstream wallets will truly adopt these principles: clear privacy and public models, simpler recovery processes, increased resistance to large transactions, and reduced likelihood of a single click revealing all on-chain activity. If these principles are realized, privacy will simply be a standard setting in your existing wallet. For developers, Kohaku provides an infrastructure layer that alleviates much of the heavy workload. They don't need to rebuild the underlying privacy and security mechanisms; instead, they can rely on a shared toolkit to focus on the design and user experience of decentralized applications. For institutions and regulators, this is a live experiment in privacy design and an opportunity to test the extent to which Ethereum can enhance confidentiality without sacrificing auditability or legal clarity.

II. Other Industry Discussions on Privacy

• Danny Ryan, co-founder of Ethereumize and former core researcher at the Ethereum Foundation, discussed how Wall Street institutions are increasingly recognizing the necessity of decentralization. He pointed out that Ethereum has unique advantages in eliminating counterparty risk, ensuring uptime, and providing cryptographic security and privacy. Ryan emphasized that institutions are not concerned with speculative tokens, but rather with real-world applications such as pension funds and real estate contracts. Privacy is a "barrier to entry" for institutions: if privacy is not handled well, institutions may be unwilling to participate.

  Coin Center Executive Director Val Keenburgh points out: "Nothing transparent can remain neutral, and nothing neutral can survive unless it's large enough." III. A List of Projects Featured in the Privacy Zone Fileverse is a decentralized, privacy-first file/collaboration platform. Users can manage their documents, pages, and multimedia using wallets, and manage access permissions via blockchain + smart contracts (using the UCAN permissions network). Files are end-to-end encrypted (E2EE), eliminating the need for centralized servers. Currently, Fileverse supports on-chain community collaboration (pages, wikis, personal notes) + multimedia + encrypted chat + access control, etc. Holonym builds the “human.tech” framework, a privacy infrastructure for digital identity. Through zero-knowledge technology, it allows users to prove certain identity attributes (such as age, nationality, account reputation, etc.) without revealing their full identity. Its protocol, "Human ID," uses ZK proofs for private authentication (KYC/Sybil resistance/identity reconstruction). Products designed include: Zeronym (ZK identity), Silk Wallet (user-friendly private wallet), and the Human Keys network. Fluidkey is a privacy-focused Ethereum wallet interface that provides stealth addresses. A new address is generated each time funds are received, preventing observers from linking funds back to the same user. It supports "social login + multi-chain fund transfer + bank transfer" (e.g., IBAN/ACH/bank line transfer). According to its website, its transfer volume has exceeded $400 million.

  • Rarimo
    

  Rarimo's official website already features several products, including Unforgettable and zk-Passport. zk Passport allows users to verify their identity attributes (such as nationality and age) using ZK proofs, such as passports, without revealing private data. Unforgettable.app is Rarimo's "self-recovering identity + wallet" module, allowing users to recover their wallets using their ZK identity without exposing traditional seed phrases (mnemonic words). Rarimo supports social use cases such as "anonymous voting and opinion marketplaces" while retaining ZK identity history (without exposing personal behavior).

  • ZKPassport
    

  ZKPassport allows users to verify identity attributes (such as nationality and age) using passports or other identity documents via ZK proofs without revealing private data.

  • Railgun
    

  Railgun is a decentralized protocol (not a traditional company) that uses DAO governance. Railgun provides zero-knowledge-driven privacy contracts, allowing users to conduct private transactions on-chain. It supports "private balances" + "0zk addresses" + shielding assets in private pools. It provides "Private Proofs of Innocence": allowing proof that an address is not involved in a malicious act (such as an attack), thus maintaining anonymity and compliance.

  • Railgun
    

  Railgun is a decentralized protocol (not a traditional company) that uses DAO governance ...>

  Railgun is a decentralized protocol (not a traditional company) that uses DAO governance.
  • Railgun is a decentralized protocol (not a Export transaction history to generate shareable but encrypted/read-only "viewing keys," facilitating auditing without disclosing all sensitive information. Railgun has achieved integration with multiple chains (Ethereum, Arbitrum, Polygon, etc.). Its privacy design is considered a crucial infrastructure for DeFi privacy and has received widespread attention from the community. 0xbow developed Privacy Pools—a protocol for achieving on-chain transaction privacy. It uses zero-knowledge proofs and a compliance layer called Association Set Provider (ASP) to screen user deposits to prevent association with illicit activities. Users can deposit crypto assets (such as ETH, wBTC, USDC, etc.) into the Privacy Pool and then withdraw them from different addresses, thus severing the on-chain association between deposit and withdrawal addresses. 0xbow's aim to achieve compliance (monitoring of AML/illegal funding sources) without sacrificing privacy is a response to the growing need in the DeFi industry to find a balance between privacy and regulatory compliance. NYM provides network-layer anonymity, achieving communication anonymity through Mixnet (similar to Tor, but protecting metadata through encryption, latency mixing, and latency bandwidth). NYM has been used as a privacy communication infrastructure in multiple ecosystems. IV. Why Does Ethereum Place Such Importance on Privacy? Why is Ethereum again prioritizing privacy as a core priority, rather than a niche feature for advanced users? In his April article, "Why I Support Privacy," Vitalik Buterin describes privacy as a combination of freedom, order, and progress: "It's freedom because people need space to act without fear of their every move being recorded and judged. Order exists because many social and economic systems silently rely on the fact that not everyone can see everything. It's progress because we want to use data for healthcare, science, and finance, not to turn everyday life into a permanent live surveillance broadcast."