Author: Deng Tong, Jinse Finance From November 17th to 22nd, 2025, the Ethereum Developer Conference was held in Buenos Aires, Argentina, with over 75 teams participating. At the conference, DeFi, social networking, hardware and wallets, gaming, artificial intelligence, L2, and NFTs showcased the many possibilities of the crypto world. Among the most captivating topics were the series of discussions on "privacy." Projects such as Aztec, Fileverse, Holonym, Fluidkey, Rarimo (Unforgettable), Railgun, ZKPassport, 0xbow, and NYM have all appeared in the privacy zone. I. Vitalik releases Kohaku, an Ethereum privacy-preserving encryption tool When Vitalik Buterin took the stage to demonstrate Kohaku, he bluntly summarized the current state of Ethereum. The network boasts robust security and privacy research, as well as a solid Layer-1 security mechanism. However, it still lacks an "upgrade to the last mile"—the wallets and applications that users actually use. Theoretically, Ethereum has been at the forefront for the past decade. The advent of elliptic curve precompilation in 2018 paved the way for zero-knowledge concise non-interactive knowledge arguments (zk-SNARKs) and privacy tools like Tornado Cash and Railgun. The 2016 DAO hack prompted rigorous audits across the entire ecosystem, fueled demand for robust wallets like Gnosis Safe, and transformed multi-signature from a niche concept into standard practice. However, by 2025, it still feels cumbersome for everyday personal use. People need to remember additional mnemonic phrases, install dedicated wallets, and often choose to use centralized exchanges because they are simpler to operate. Kohaku is an Ethereum solution. 1. What is Kohaku? Kohaku can be understood as a new privacy and security toolkit that Ethereum provides for wallets. For developers, the Ethereum Foundation provides an open-source framework that includes a modular software development kit (SDK) and a reference wallet. The SDK offers reusable components for private sending, more secure key management and recovery, and risk-based transaction control, so teams don't need to build the entire privacy protocol stack from scratch. For users, the first version is a browser extension wallet for advanced users, built on Ambire. It supports private and public transactions, independent accounts for each decentralized application, peer-to-peer broadcasting (instead of a centralized relay), and tools for hiding Internet Protocol (IP) addresses and other metadata as much as possible. Kohaku's underlying architecture integrates seamlessly with existing Ethereum privacy tools such as Railgun and Privacy Pools, rather than developing new mixers or layer-two networks. This allows Kohaku to focus on what's truly missing: a unified wallet architecture with privacy, recovery, and security built in from the start, rather than adding them incrementally as experimental add-ons. 2. How does Kohaku operate? Essentially, Kohaku is less of a “large application” and more of a set of Lego bricks for building a private, more secure wallet. 1) Wallet Architecture Instead of using a single master key, Kohaku-style wallets employ multiple keys with different roles, a risk-based approval mechanism, and a recovery process that does not rely on a single mnemonic phrase written on paper. A $100,000 transfer will trigger additional review and confirmation procedures, while a $10 transfer will not. This is precisely the risk-based funding access mechanism that Vitalik has been advocating for. 2) Protective measures Kohaku doesn't hide all transactions. It allows wallets to provide both public and private key options simultaneously. When the private key option is selected, the wallet can route transactions via protocols like Railgun or Privacy Pools, generating entirely new, unassociated receiving addresses and minimizing on-chain space usage. Tools like association lists are built into the design so the team can prevent obviously illicit fund flows without compromising the privacy of other users. 3) Online privacy Finally, the roadmap not only covers data written to the chain but also extends to reading and network privacy. Kohaku aims to integrate with hybrid networks to hide IP-level metadata and eventually with zero-knowledge browsers or remote procedure call (RPC) schemes, ensuring that even viewing balances or reading decentralized application data will not quietly reveal your identity and actions. 3. Why is Kohaku so important? Kohaku is important because it solves a problem that Ethereum has been struggling to address for years: the point where real users interact with the blockchain. Over the years, the research team has continuously introduced faster proofs, more efficient cryptographic primitives, and more secure contract models. But on Kohaku, Buterin's complaints are more practical: additional mnemonic phrases, private pools' lack of support for multi-signatures, unreliable broadcasting, and cumbersome processes are all forcing users back to centralized exchanges because they are more convenient. By focusing on wallets, Kohaku provides L2 networks and DApps with something they've been missing: a shared, privacy-focused infrastructure. Previously, each Rollup or application had to develop its own covert address system, recovery process, and large transaction alert mechanism; Kohaku provides a set of patterns and code that all applications can rely on. This is crucial in an ecosystem increasingly characterized by interwoven Rollup networks rather than single blockchain structures. Since Kohaku originated from the core Ethereum ecosystem, rather than being a wallet from a startup, it is likely to become a reference model that other wallets need to reach or surpass. Kohaku has also forced Ethereum to confront some thorny issues. First, striking the right balance between maximum privacy and responsible privacy is crucial. Connection lists, auditable privacy shields, and risk-based controls are exactly what regulators and banks want to see. However, for some users, any selective privacy visibility or blacklisting practices feel like the beginning of a downward spiral. Kohaku won't end this debate; it will only make the contradictions more apparent. Furthermore, there are technical risks. Compared to simple mnemonic phrase wallets, wallets that manage multiple keys, recovery paths, privacy switches, different broadcast options, and plug-in modules have a larger attack surface. This necessitates rigorous auditing and the establishment of clear upgrade and default setting rules. Then there are the real issues of user experience (UX). Frameworks can provide some good patterns, but they can't force teams to develop clear interfaces. If users can't distinguish between private and public messages, which content can be restored, and which approvals are crucial, then all these extra permissions become error-prone factors. 4. The meaning of Kohaku For ordinary users, the emergence of Kohaku signifies that using Ethereum for private operations is no longer a secondary task. The real test lies in whether mainstream wallets will truly adopt these principles: a clear privacy and public model, a simpler recovery process, increased resistance to large transactions, and reduced likelihood of a single click revealing all on-chain activity. If these principles are implemented, privacy will simply be a standard setting in your existing wallet. For developers, Kohaku provides an infrastructure layer that reduces much of the heavy lifting. Instead of rebuilding the underlying privacy and security mechanisms, they can rely on a shared toolkit and focus on the design and user experience of decentralized applications. For institutions and regulators, this is a live experiment on privacy design and an opportunity to test the extent to which Ethereum can enhance confidentiality without sacrificing auditability or legal clarity. II. Discussions on privacy by other industry professionals Danny Ryan, co-founder of Etherealize and former core researcher at the Ethereum Foundation, discussed how Wall Street institutions are increasingly recognizing the necessity of decentralization. He pointed out that Ethereum has unique advantages in eliminating counterparty risk, ensuring uptime, and providing cryptographic security and privacy. Ryan emphasized that institutions are not interested in speculative tokens but rather in real-world applications such as pension funds and real estate contracts. Privacy is a "barrier to entry" for institutions: if privacy is not handled well, institutions may be unwilling to participate. Val Keenburgh, managing director of Coin Center, pointed out: "Anything that is transparent cannot remain neutral, and anything that is neutral cannot survive unless it is large enough." III. List of Items Featured in the Privacy Zone Aztec The core team behind Aztec Network is Aztec Labs, founded in 2018. Aztec is a privacy-first Layer-2 (ZK Rollup) solution on Ethereum. It uses zero-knowledge proofs to achieve programmable privacy, mixed public/private state, and bridges the Ethereum mainnet via Aztec Connect. Currently, the Aztec public testnet is live, allowing users and developers to experience privacy transactions. Fileverse Fileverse is a decentralized, privacy-focused file/collaboration platform. Users can manage their documents, pages, and multimedia using wallets, and manage access permissions via blockchain and smart contracts (using the UCAN permissions network). Files are encrypted end-to-end (E2EE), eliminating the need for a centralized server. Currently, Fileverse supports on-chain community collaboration (pages, wikis, personal notes), multimedia, encrypted chat, and access control. Holonym Holonym has built the "human.tech" framework, a privacy infrastructure for digital identity. Through zero-knowledge technology, it allows users to prove certain identity attributes (such as age, nationality, account reputation, etc.) without revealing their full identity. Its protocol, "Human ID," uses ZK proofs for private authentication (KYC/Sybil resistance/identity reconstruction). Products already designed include: Zeroym (ZK identity), Silk Wallet (a user-friendly private wallet), and the Human Keys network. Fluidkey Fluidkey is a privacy-focused Ethereum wallet interface that provides anonymous addresses. A new address is generated each time funds are received, preventing observers from linking funds back to the same user. It supports social login, multi-chain fund transfers, and bank transfers (e.g., IBAN/ACH/bank transfers). According to its website, its transfer volume has exceeded $400 million. Rarimo Rarimo's official website already features several products, including Unforgettable and zk-Passport. zk Passport allows users to verify their identity attributes (such as nationality and age) using ZK authentication with passports or other forms of identification, without revealing private data. Unforgettable.app is Rarimo's "self-recovering identity + wallet" module, allowing users to recover their wallets using their ZK identity without exposing traditional seed phrases (mnemonic words). Rarimo supports social use cases such as anonymous voting and opinion marketplaces, while preserving ZK identity history (without exposing personal behavior). ZKPassport “ZKPassport” allows users to use passports or other forms of identification to verify their identity attributes (such as nationality and age) through ZK authentication without revealing their private data. Railgun Railgun is a decentralized protocol (not a traditional company) governed by a DAO. It provides zero-knowledge-driven privacy contracts, allowing users to conduct private transactions on-chain. It supports "private balances" + "0zk addresses" + shielding assets in private pools. It offers "Private Proofs of Innocence," allowing proof that an address is not involved in malicious activity (such as an attack), thus maintaining anonymity and compliance. It exports transaction history, generating shareable but encrypted/read-only "viewing keys," facilitating auditing without revealing all sensitive information. Railgun has been integrated with multiple chains (Ethereum, Arbitrum, Polygon, etc.). Its privacy design is considered a crucial infrastructure for DeFi privacy and has received widespread attention from the community. 0xbow 0xbow has developed Privacy Pools—a protocol for achieving on-chain transaction privacy. It uses zero-knowledge proofs and a compliance layer called Association Set Provider (ASP) to screen user deposits to prevent association with illicit activities. Users can deposit crypto assets (such as ETH, wBTC, USDC, etc.) into Privacy Pools and then withdraw them from different addresses, thus severing the on-chain association between deposit and withdrawal addresses. 0xbow aims to achieve compliance (monitoring of AML/illegal funding sources) without sacrificing privacy, responding to the DeFi industry's growing need for a balanced approach to privacy and regulatory compliance. NYM NYM provides network-layer anonymity, achieving communication anonymity through mixnet (similar to Tor, but protecting metadata through encryption, latency mixing, and latency bandwidth). NYM has been used as a privacy communication infrastructure in multiple ecosystems. IV. Why does Ethereum place such importance on privacy? Why is Ethereum once again prioritizing privacy as a core objective, rather than as a niche feature for advanced users? In his April article, "Why I Support Privacy," Vitalik described privacy as a combination of freedom, order, and progress: This is freedom, because people need space to move without worrying that their every move will be recorded and judged. Order exists because many social and economic systems silently depend on the fact that not everyone can see everything. This is progress because we want to use data for healthcare, science, and finance, rather than turning everyday life into a permanent live surveillance broadcast.Author: Deng Tong, Jinse Finance From November 17th to 22nd, 2025, the Ethereum Developer Conference was held in Buenos Aires, Argentina, with over 75 teams participating. At the conference, DeFi, social networking, hardware and wallets, gaming, artificial intelligence, L2, and NFTs showcased the many possibilities of the crypto world. Among the most captivating topics were the series of discussions on "privacy." Projects such as Aztec, Fileverse, Holonym, Fluidkey, Rarimo (Unforgettable), Railgun, ZKPassport, 0xbow, and NYM have all appeared in the privacy zone. I. Vitalik releases Kohaku, an Ethereum privacy-preserving encryption tool When Vitalik Buterin took the stage to demonstrate Kohaku, he bluntly summarized the current state of Ethereum. The network boasts robust security and privacy research, as well as a solid Layer-1 security mechanism. However, it still lacks an "upgrade to the last mile"—the wallets and applications that users actually use. Theoretically, Ethereum has been at the forefront for the past decade. The advent of elliptic curve precompilation in 2018 paved the way for zero-knowledge concise non-interactive knowledge arguments (zk-SNARKs) and privacy tools like Tornado Cash and Railgun. The 2016 DAO hack prompted rigorous audits across the entire ecosystem, fueled demand for robust wallets like Gnosis Safe, and transformed multi-signature from a niche concept into standard practice. However, by 2025, it still feels cumbersome for everyday personal use. People need to remember additional mnemonic phrases, install dedicated wallets, and often choose to use centralized exchanges because they are simpler to operate. Kohaku is an Ethereum solution. 1. What is Kohaku? Kohaku can be understood as a new privacy and security toolkit that Ethereum provides for wallets. For developers, the Ethereum Foundation provides an open-source framework that includes a modular software development kit (SDK) and a reference wallet. The SDK offers reusable components for private sending, more secure key management and recovery, and risk-based transaction control, so teams don't need to build the entire privacy protocol stack from scratch. For users, the first version is a browser extension wallet for advanced users, built on Ambire. It supports private and public transactions, independent accounts for each decentralized application, peer-to-peer broadcasting (instead of a centralized relay), and tools for hiding Internet Protocol (IP) addresses and other metadata as much as possible. Kohaku's underlying architecture integrates seamlessly with existing Ethereum privacy tools such as Railgun and Privacy Pools, rather than developing new mixers or layer-two networks. This allows Kohaku to focus on what's truly missing: a unified wallet architecture with privacy, recovery, and security built in from the start, rather than adding them incrementally as experimental add-ons. 2. How does Kohaku operate? Essentially, Kohaku is less of a “large application” and more of a set of Lego bricks for building a private, more secure wallet. 1) Wallet Architecture Instead of using a single master key, Kohaku-style wallets employ multiple keys with different roles, a risk-based approval mechanism, and a recovery process that does not rely on a single mnemonic phrase written on paper. A $100,000 transfer will trigger additional review and confirmation procedures, while a $10 transfer will not. This is precisely the risk-based funding access mechanism that Vitalik has been advocating for. 2) Protective measures Kohaku doesn't hide all transactions. It allows wallets to provide both public and private key options simultaneously. When the private key option is selected, the wallet can route transactions via protocols like Railgun or Privacy Pools, generating entirely new, unassociated receiving addresses and minimizing on-chain space usage. Tools like association lists are built into the design so the team can prevent obviously illicit fund flows without compromising the privacy of other users. 3) Online privacy Finally, the roadmap not only covers data written to the chain but also extends to reading and network privacy. Kohaku aims to integrate with hybrid networks to hide IP-level metadata and eventually with zero-knowledge browsers or remote procedure call (RPC) schemes, ensuring that even viewing balances or reading decentralized application data will not quietly reveal your identity and actions. 3. Why is Kohaku so important? Kohaku is important because it solves a problem that Ethereum has been struggling to address for years: the point where real users interact with the blockchain. Over the years, the research team has continuously introduced faster proofs, more efficient cryptographic primitives, and more secure contract models. But on Kohaku, Buterin's complaints are more practical: additional mnemonic phrases, private pools' lack of support for multi-signatures, unreliable broadcasting, and cumbersome processes are all forcing users back to centralized exchanges because they are more convenient. By focusing on wallets, Kohaku provides L2 networks and DApps with something they've been missing: a shared, privacy-focused infrastructure. Previously, each Rollup or application had to develop its own covert address system, recovery process, and large transaction alert mechanism; Kohaku provides a set of patterns and code that all applications can rely on. This is crucial in an ecosystem increasingly characterized by interwoven Rollup networks rather than single blockchain structures. Since Kohaku originated from the core Ethereum ecosystem, rather than being a wallet from a startup, it is likely to become a reference model that other wallets need to reach or surpass. Kohaku has also forced Ethereum to confront some thorny issues. First, striking the right balance between maximum privacy and responsible privacy is crucial. Connection lists, auditable privacy shields, and risk-based controls are exactly what regulators and banks want to see. However, for some users, any selective privacy visibility or blacklisting practices feel like the beginning of a downward spiral. Kohaku won't end this debate; it will only make the contradictions more apparent. Furthermore, there are technical risks. Compared to simple mnemonic phrase wallets, wallets that manage multiple keys, recovery paths, privacy switches, different broadcast options, and plug-in modules have a larger attack surface. This necessitates rigorous auditing and the establishment of clear upgrade and default setting rules. Then there are the real issues of user experience (UX). Frameworks can provide some good patterns, but they can't force teams to develop clear interfaces. If users can't distinguish between private and public messages, which content can be restored, and which approvals are crucial, then all these extra permissions become error-prone factors. 4. The meaning of Kohaku For ordinary users, the emergence of Kohaku signifies that using Ethereum for private operations is no longer a secondary task. The real test lies in whether mainstream wallets will truly adopt these principles: a clear privacy and public model, a simpler recovery process, increased resistance to large transactions, and reduced likelihood of a single click revealing all on-chain activity. If these principles are implemented, privacy will simply be a standard setting in your existing wallet. For developers, Kohaku provides an infrastructure layer that reduces much of the heavy lifting. Instead of rebuilding the underlying privacy and security mechanisms, they can rely on a shared toolkit and focus on the design and user experience of decentralized applications. For institutions and regulators, this is a live experiment on privacy design and an opportunity to test the extent to which Ethereum can enhance confidentiality without sacrificing auditability or legal clarity. II. Discussions on privacy by other industry professionals Danny Ryan, co-founder of Etherealize and former core researcher at the Ethereum Foundation, discussed how Wall Street institutions are increasingly recognizing the necessity of decentralization. He pointed out that Ethereum has unique advantages in eliminating counterparty risk, ensuring uptime, and providing cryptographic security and privacy. Ryan emphasized that institutions are not interested in speculative tokens but rather in real-world applications such as pension funds and real estate contracts. Privacy is a "barrier to entry" for institutions: if privacy is not handled well, institutions may be unwilling to participate. Val Keenburgh, managing director of Coin Center, pointed out: "Anything that is transparent cannot remain neutral, and anything that is neutral cannot survive unless it is large enough." III. List of Items Featured in the Privacy Zone Aztec The core team behind Aztec Network is Aztec Labs, founded in 2018. Aztec is a privacy-first Layer-2 (ZK Rollup) solution on Ethereum. It uses zero-knowledge proofs to achieve programmable privacy, mixed public/private state, and bridges the Ethereum mainnet via Aztec Connect. Currently, the Aztec public testnet is live, allowing users and developers to experience privacy transactions. Fileverse Fileverse is a decentralized, privacy-focused file/collaboration platform. Users can manage their documents, pages, and multimedia using wallets, and manage access permissions via blockchain and smart contracts (using the UCAN permissions network). Files are encrypted end-to-end (E2EE), eliminating the need for a centralized server. Currently, Fileverse supports on-chain community collaboration (pages, wikis, personal notes), multimedia, encrypted chat, and access control. Holonym Holonym has built the "human.tech" framework, a privacy infrastructure for digital identity. Through zero-knowledge technology, it allows users to prove certain identity attributes (such as age, nationality, account reputation, etc.) without revealing their full identity. Its protocol, "Human ID," uses ZK proofs for private authentication (KYC/Sybil resistance/identity reconstruction). Products already designed include: Zeroym (ZK identity), Silk Wallet (a user-friendly private wallet), and the Human Keys network. Fluidkey Fluidkey is a privacy-focused Ethereum wallet interface that provides anonymous addresses. A new address is generated each time funds are received, preventing observers from linking funds back to the same user. It supports social login, multi-chain fund transfers, and bank transfers (e.g., IBAN/ACH/bank transfers). According to its website, its transfer volume has exceeded $400 million. Rarimo Rarimo's official website already features several products, including Unforgettable and zk-Passport. zk Passport allows users to verify their identity attributes (such as nationality and age) using ZK authentication with passports or other forms of identification, without revealing private data. Unforgettable.app is Rarimo's "self-recovering identity + wallet" module, allowing users to recover their wallets using their ZK identity without exposing traditional seed phrases (mnemonic words). Rarimo supports social use cases such as anonymous voting and opinion marketplaces, while preserving ZK identity history (without exposing personal behavior). ZKPassport “ZKPassport” allows users to use passports or other forms of identification to verify their identity attributes (such as nationality and age) through ZK authentication without revealing their private data. Railgun Railgun is a decentralized protocol (not a traditional company) governed by a DAO. It provides zero-knowledge-driven privacy contracts, allowing users to conduct private transactions on-chain. It supports "private balances" + "0zk addresses" + shielding assets in private pools. It offers "Private Proofs of Innocence," allowing proof that an address is not involved in malicious activity (such as an attack), thus maintaining anonymity and compliance. It exports transaction history, generating shareable but encrypted/read-only "viewing keys," facilitating auditing without revealing all sensitive information. Railgun has been integrated with multiple chains (Ethereum, Arbitrum, Polygon, etc.). Its privacy design is considered a crucial infrastructure for DeFi privacy and has received widespread attention from the community. 0xbow 0xbow has developed Privacy Pools—a protocol for achieving on-chain transaction privacy. It uses zero-knowledge proofs and a compliance layer called Association Set Provider (ASP) to screen user deposits to prevent association with illicit activities. Users can deposit crypto assets (such as ETH, wBTC, USDC, etc.) into Privacy Pools and then withdraw them from different addresses, thus severing the on-chain association between deposit and withdrawal addresses. 0xbow aims to achieve compliance (monitoring of AML/illegal funding sources) without sacrificing privacy, responding to the DeFi industry's growing need for a balanced approach to privacy and regulatory compliance. NYM NYM provides network-layer anonymity, achieving communication anonymity through mixnet (similar to Tor, but protecting metadata through encryption, latency mixing, and latency bandwidth). NYM has been used as a privacy communication infrastructure in multiple ecosystems. IV. Why does Ethereum place such importance on privacy? Why is Ethereum once again prioritizing privacy as a core objective, rather than as a niche feature for advanced users? In his April article, "Why I Support Privacy," Vitalik described privacy as a combination of freedom, order, and progress: This is freedom, because people need space to move without worrying that their every move will be recorded and judged. Order exists because many social and economic systems silently depend on the fact that not everyone can see everything. This is progress because we want to use data for healthcare, science, and finance, rather than turning everyday life into a permanent live surveillance broadcast.