Ten years of separation, reconnected overnight: Vitalik personally demonstrates Kohaku, Ethereum privacy finally enters the mainstream.

Original article | Odaily Planet Daily ( @OdailyChina )

Author | Ethan ( @ethanzhang_web3)

On November 16, 2025, at Devcon 2025, when Vitalik presented Kohaku on the main stage, my first reaction was: "Another privacy narrative?"

Indeed, the privacy sector has been booming recently: from the seizure of 120,000 BTC by the U.S. Department of Justice in October to the sentencing of Qian Zhimin, the main suspect in a money laundering case involving 60,000 BTC, in the UK in November, on-chain privacy topics have been constantly discussed; ZEC has even surged from $50 to $603, driving the overall privacy sector to take off.

Therefore, many people naturally view Kohaku as yet another privacy product that has emerged out of necessity.

But it isn't. Kohaku isn't an enhanced version of Tornado, nor is it a wrapper around the new ZK protocol—it targets an infrastructure gap that has been ignored for a decade: Ethereum's wallet entry layer, which has never truly supported privacy.

Since 2015, Ethereum has made continuous progress in privacy technology, but the wallet layer has always been a weak point: RPC reliance, address fragmentation, and the inability of privacy accounts to communicate with the main account... These obstacles have kept cryptographic achievements confined to a "small circle of users" for a decade. In other words, Ethereum doesn't lack privacy technology; what it lacks is an entry point that mainstream users can use.

What Kohaku needs to do is to reconnect this broken point.

What exactly is Kohaku?

Kohaku is not a wallet, nor is it a new privacy protocol; rather, it is an open-source "wallet privacy operating system kernel." Its official name is the Kohaku Privacy Wallet Framework , and it is led by the Ethereum Foundation's Privacy Cluster (a team of 47 people). The roadmap was first announced on October 9, 2025, and Vitalik Buterin gave its first public demonstration at the Ethereum Developers Conference in Argentina on November 16–17.

According to the most precise official definition ( EF Official X ): "The Ethereum Foundation is proud to build Kohaku, a set of primitives that enables wallets to be secure and to process private transactions while minimizing dependencies on trusted third parties."

In layman's terms, it provides all wallet developers with a "privacy and security Lego set." Once integrated, wallets natively possess capabilities such as default privacy, untrusted state reading, and compliance module proofs, eliminating reliance on centralized RPCs like Infura and Alchemy, and eliminating the need for a separate wallet for privacy scenarios.

According to the officialroadmap , Kohaku's architecture consists of three layers:

The first layer is the SDK, which provides privacy and security primitives for the wallet; the second layer is the reference implementation, a browser extension for advanced users that demonstrates how these primitives can be combined; the third layer is the plugin system, allowing the wallet to enable different modules on demand, just like calling system APIs. In other words, Kohaku is not Metamask 2.0, nor is it a "more privacy wallet," but rather a set of underlying specifications that define the fundamental capabilities of the entire wallet ecosystem.

How to protect privacy?

Regarding Kohaku's privacy protection mechanism, crypto community researcher @tmel0211 explained the working principle of Stealth Addresses with a very intuitive example. Here, we will supplement and modify that explanation slightly:

In a traditional Ethereum transfer, Alice would directly transfer the money to Bob's public address, and the entire network would be able to see that "Bob received the money."

Kohaku's stealth address schemes (such as ERC-7811) are completely different:

1. Bob's wallet holds a permanent Stealth Meta-Address pair (master public key + master private key), where the master public key can be securely disclosed.
2. Each time a payment is received, Alice and Bob's wallets jointly generate a temporary random private key, calculate a shared secret using elliptic curve pairing (EC-pairing), and then derive a brand new, one-time receiving address from it.
3. When Alice sends funds to this one-time address, the blockchain will only show "a new, unfamiliar address received a sum of money," and it will not be able to establish any connection with Bob's primary identity.
4. Bob can identify and control these funds in real time by scanning locally with his master private key—the whole process does not require a mixing pool or waiting for an additional "claim" step.

In other words, the blockchain cannot determine who owns the asset, but the entire process does not require entering a black box like Tornado.

Stealth addresses are just one of Kohaku's many privacy primitives. Through a modular SDK, these capabilities can be seamlessly embedded into different wallets, allowing developers to implement default privacy at extremely low cost. According to the roadmap, Kohaku will also integrate Railgun (funds shielding + ZK proof of innocence), Privacy Pools (under development, transaction obfuscation + compliance pool), Helios light clients + PIR/TEE (privacy-enabled on-chain state reading), per-dApp address isolation, P2P broadcasting, and post-quantum emergency switching capabilities.

These components together form a “wallet-level privacy execution environment” that covers the entire chain from requesting, reading, transferring funds, to compliance verification.

What changes have been made to the operation?

Before Kohaku, privacy features were typically designed as plug-in additions rather than default capabilities of wallets.

In the past: You wanted privacy → Open a new wallet → New mnemonic phrase → Switch back and forth between different addresses → Assets were fragmented → In the end, you still had to rely on centralized RPC.

Currently (Kohaku's target state): When you open any wallet that supports Kohaku (MetaMask, Rainbow, Trust Wallet, etc.), it is in privacy mode by default; you can manage public and private assets using the same mnemonic phrase, multisignature works as usual, dApps automatically isolate addresses, and compliance module proofs can be generated with one click when necessary. The entire process is verified locally; the node only knows that you are connected to the network, but it doesn't know what you are doing, what you are looking at, or what you are transferring.

A more intuitive difference in user experience is that you no longer need to "switch identities." For example, when you first connect to a dApp, your wallet automatically generates a unique address for it, preventing your actions from being linked together. When you need to send a transfer, the wallet will default to using the stealth address path and prompt you to attach a privacy certificate if necessary—you don't even need to know which protocol is being used behind the scenes, nor do you need to switch to another "privacy wallet" for processing. In the future, if certain DeFi protocols are compatible with Kohaku, this "seamless privacy" will extend from the entry point to some interactive processes.

In other words, Kohaku aims to merge the previously separate actions of "using a wallet" and "enabling privacy" into a single process. This mechanism is currently in the testing phase, with integration examples of existing wallets showcased at the conference and available for online testing.

Of course, the project is still in its early stages (some toolkits are still marked "under development" on the official GitHub ), but the core module Railgun is already testable, and the Privacy Pools and Tornado toolkits are being improved; the reference implementation extension can already run the complete process, and all code repositories are publicly available.

There has been progress, but also limitations.

Essentially, Kohaku isn't an upgraded version of any privacy protocol, but rather the first time that Ethereum's privacy capabilities, scattered across the research layer over the past decade, have been organized into a "lower-level interface" that wallets can directly inherit, filling the long-standing gap in the entry point layer. Vitalik mentioned at the event that he never expected multisignature wallets to become so popular—what truly popularizes technology is never cryptography itself, but rather "whether the entry point is user-friendly enough." Kohaku is replicating this path, transforming privacy from an "extra wallet" into the "default wallet."

Of course, its limitations are also clear: Kohaku's privacy only covers account and transfer information; once assets enter a DeFi protocol, all operations remain completely exposed—this is determined by the EVM architecture, not a problem that wallets can solve. This is also why it has been able to be deployed so quickly: it avoids the structural problems of the execution environment and prioritizes solving the problem closest to the user.

Even so, Kohaku remains the true starting point for Ethereum's privacy system. It won't make Ethereum "invisible" overnight, but it made it possible for privacy to be scaled into mainstream wallets for the first time. It can't solve the problem of transparent execution in DeFi, but it ensures that the entry layer is no longer a weakness after a decade. Whether privacy can penetrate to the contract execution layer is a question for the next generation of Ethereum and the next generation of execution environments, and not a matter for wallets.