Why Kohaku is crucial for Ethereum's privacy transformation in 2025

Author: Bradley Peak, Source: Cointelegraph, Translated by: Shaw Jinse Finance

The Privacy Paradox of Ethereum

At the 2025 Devcon developer conference, Vitalik Buterin took the stage to demonstrate Kohaku, and he candidly summarized the current state of Ethereum. The network boasts strong security and privacy research as well as a robust Layer-1 security mechanism. However, it still has not “solved the last mile,” referring to the wallets and applications that users actually use. Theoretically, Ethereum has been at the forefront for the past decade. The elliptic curve pre-compilation in 2018 opened the door to zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs), giving rise to privacy tools such as Tornado Cash and Railgun. The DAO hack in 2016 prompted the entire ecosystem to undergo rigorous audits, driving the demand for secure wallets like Gnosis Safe and transforming multi-signature from a niche concept into a standard practice.

However, by 2025, everyday private use still feels cumbersome. People need to remember extra mnemonic phrases, install dedicated wallets, hope that public broadcasts don’t fail, and often revert to centralized exchanges because decentralized exchanges are too complicated.

Kohaku is a solution for Ethereum.

Why are privacy issues back in the spotlight in 2025?

So, why is Ethereum once again prioritizing privacy as a core focus rather than just a feature for advanced users?

In an article published in April titled “Why I Support Privacy,” Vitalik Buterin describes privacy as a unified combination of freedom, order, and progress:

• This is freedom, because people need space to act without worrying that every move they make is being recorded and judged.
• The reason order exists is that many social and economic systems quietly rely on the fact that not everyone can see everything.
• This is progress, as we hope to use the data for healthcare, science, and finance, rather than turning daily life into a permanent surveillance record.

At the same time, on-chain life is more open and transparent than ever, with higher risks. The overlap between real-world assets, larger decentralized finance (DeFi) positions, and public identities is increasingly prevalent. While transparency is important, it also means that with just a few clicks, your account balance, donations, and counterparty information could be tracked.

Kohaku is precisely focused on this point: Ethereum already has the cryptographic technology needed to achieve privacy, but now it needs a way to make this privacy feature secure, usable, and acceptable in a regulatory-focused world.

Explain what Kohaku is in simple and easy-to-understand terms?

Kohaku can be understood as a new privacy and security toolkit for wallets provided by Ethereum.

For developers, the Ethereum Foundation provides an open-source framework that includes a modular software development kit (SDK) and a reference wallet. The SDK offers reusable components for private sending, more secure key management and recovery, as well as risk-based transaction control, allowing teams to avoid building the entire privacy tech stack from scratch.

For users, the first version is a browser extension wallet aimed at advanced users, developed based on Ambire. It supports private and public transactions, with each decentralized application (DApp) having an independent account, using peer-to-peer broadcasting instead of centralized relays, and providing tools to hide Internet Protocol (IP) addresses and other metadata when possible.

Kohaku's underlying architecture seamlessly integrates with existing Ethereum privacy tools (such as Railgun and Privacy Pools), rather than developing a new mixer or L2 network from scratch. This allows Kohaku to focus on the truly missing part: a unified wallet architecture built-in with privacy, recovery, and security from the very beginning, rather than adding them as experimental add-on features.

How Kohaku Works

Essentially, Kohaku is less a “large application” and more a set of “LEGO bricks” for building private, more secure wallets.

wallet architecture

The SDK defines how the Kohaku-style wallet should handle keys, transactions, and recovery from the very beginning. It does not use a single universal key, but instead designs multiple keys with different roles, a risk-based approval mechanism, and a recovery process that does not rely on a single mnemonic phrase written on paper.

Transferring $100,000 will trigger additional review and confirmation procedures, while a transfer of $10 does not require these procedures. This is precisely the risk-based capital access mechanism that Vitalik Buterin has been advocating.

voluntary protective measures

Kohaku does not hide all transactions. It allows wallets to provide both public key and private key modes simultaneously. After selecting the private key mode, the wallet can route through protocols like Railgun or Privacy Pools to generate new, untraceable receiving addresses while minimizing on-chain space usage as much as possible. Tools like the association list are built into the design so that the team can prevent obvious illegal fund flows without depriving other users of their privacy.

Network Privacy

Finally, the roadmap covers not only the data written on the chain but also aspects of reading and network privacy. Kohaku aims to connect to a hybrid network to hide IP-level metadata and gradually integrate zero-knowledge supported browsers or remote procedure call (RPC) solutions over time, ensuring that even viewing balances or reading decentralized application data does not quietly leak user identity and actions.

Kohaku and Ethereum's Privacy Transformation in 2025

Kohaku is important because it addresses a problem that Ethereum has been struggling to solve for years: the interaction layer between real users and the blockchain.

For years, research teams have continuously introduced faster proofs, more efficient cryptographic primitives, and more secure contract models. But Buterin's complaints are more practical: additional mnemonic phrases, private liquidity pools not supporting multi-signatures, unreliable broadcasts, and cumbersome processes have forced users back to centralized exchanges, as they are simpler.

By focusing on wallets, Kohaku provides L2 networks and DApps with what they have always been missing: a shared, privacy-focused infrastructure. Previously, each Rollup or application had to develop its own stealth address system, recovery processes, and large transfer warning mechanisms, whereas Kohaku offers a set of patterns and code that all applications can rely on. This is crucial in an ecosystem that increasingly presents an interwoven network of Rollups rather than a single blockchain structure.

Since Kohaku originates from the core Ethereum ecosystem rather than being a standalone startup wallet, it is likely to become a reference model that other wallets need to meet or exceed.

Weighing, Risks, and Pending Issues

Kohaku also forces Ethereum to confront some tricky issues.

• First, it is crucial to understand the boundary between maximizing privacy and responsible privacy. Association lists, auditable privacy shields, and risk-based control measures are precisely what regulators and banks want to see. However, for some users, any selective privacy visibility or blacklist practices feel like the beginning of a slide into the abyss. The Kohaku incident will not end this debate; it merely makes this contradiction more apparent.
• In addition, there are technical risks. Compared to a simple mnemonic wallet, wallets that manage multiple keys, recovery paths, privacy switches, different broadcasting options, and plugin modules have a larger attack surface. This requires strict audits and clear rules for upgrades and default settings.
• Then there are the real issues of user experience (UX). Frameworks can provide some good patterns, but they cannot compel teams to deliver clear interfaces. If users cannot distinguish between private sending and public sending content, which content can be recovered, and which approvals are critical, then all these additional features will become factors that are easier to get wrong.

New Test Cases for Privacy Design

For ordinary users, the emergence of Kohaku signifies that using Ethereum for private operations is no longer a secondary task.

The real test is whether mainstream wallets will truly adopt these concepts: clear privacy and public models, simplified recovery processes, increased limits on large transfers, and reduced risks of leaking all on-chain information with one click. If these concepts are realized, privacy protection will merely be a standard setting in your existing wallet.

For developers, Kohaku provides an infrastructure layer that can alleviate much of the heavy workload. They do not need to rebuild the underlying mechanisms for privacy and security, but can instead rely on a shared toolkit and focus on the design and user experience of decentralized applications.

For institutions and regulators, this is a real-time experiment in privacy design, as well as an opportunity to test to what extent Ethereum can enhance confidentiality without sacrificing auditability or legal clarity.