Vitalik’s Ethereum Privacy Roadmap Explained

Earlier this year, Ethereum co-founder Vitalik Buterin released his L1 privacy roadmap for Ethereum

The document proposes a few solutions enhancing users’ privacy in on-chain payments, application activity, and network interactions.

In an article “Why I support privacy” published a couple of days later, he gave a broader explanation of why privacy matters and provided a few indisputable arguments to support his point of view.

Since then, the need for crypto privacy has become more important than ever. Here’s why.

Government Backdoors: A Crypto Privacy Crisis

Buterin specifically highlights that adding government backdoors to privacy-oriented systems will lead to a dangerous imbalance in power.

Assume that only a selected group, such as a government or a political party, has access to private communications and data. That would undermine democracy and eliminate individuals’ control over their data.

Besides, the allowance of government backdoors may lead to the following problems:

  • Violence and bribery in public systems: Anyone with the power to verify your actions can bribe and pressure you to behave in a certain way.
  • Temptation to abuse data access. This refers to people in positions of power, like government officials or corporate executives. Such individuals will always feel the pull to exploit their privileges for personal gain.
  • A possibility of a hack. There is no centralized system that would be 100% hacker-proof and ensure data security. The recent data leaks at the US telecommunication companies and the Ukrainian government are the best examples.
  • Governments may change. Regimes do not always stay the same, as leaders may change, and those who are in charge today may later be persecuted. No one can tell what will happen to sensitive data in this case.

In addition, Buterin states that privacy is an important aspect of decentralization. Anyone who possesses the information has centralized control over it, and therefore, such situations must be avoided.

The Lack of Privacy in AI

AI personalization is the specific concern Buterin flags as deeply worrying. Tools like ChatGPT already use past conversations to shape future responses. The trajectory points toward AI systems that also pull in browsing history, email content, and biometric data to build richer user profiles.

In 2026, Buterin went further. He declared a vision he calls self-sovereign computing, a tech stack designed so users control their own data rather than surrendering it to centralized servers. The core principles:

  • Run AI tasks locally whenever possible, so your data never leaves your device
  • Use cryptography to protect remote computation when local processing is not an option
  • Use hardware verification to anchor privacy guarantees in the physical world, not just software promises
  • Reduce wallet and dApp reliance on centralized RPC nodes and cloud infrastructure

This is not a hypothetical. Vitalik framed self-sovereign computing as the defining technical project of 2026 for the Ethereum ecosystem. The goal is a crypto stack where privacy is the default, not an opt-in feature you have to hunt for.

What Buterin’s Roadmap Actually Proposes

Buterin’s L1 privacy roadmap splits into two distinct tiers: changes that can happen at the wallet and application layer without consensus-level shifts, and changes that require updates to the Ethereum protocol itself.

Wallet and Application Layer Changes

The first tier covers improvements that lower the implementation barrier because they do not require a hard fork or validator coordination.

Incorporating privacy tools into existing wallets is the most immediate step. Buterin specifically names Railgun and Privacy Pools as the tools wallets should support. The goal is shielded balances and private sends enabled by default, not hidden behind an advanced settings menu.

Using one address per application by default would make it significantly harder to link a user’s activity across different dApps. Today, a single address used across Uniswap, Aave, and OpenSea creates a public activity trail. Address-per-app defaults break that trail at the application level.

Aggregating proofs for privacy transactions would make those transactions cheaper and more scalable. By batching the cryptographic proof work across multiple users, per-transaction gas costs fall and throughput improves. This is what makes shielded transactions viable at scale rather than a premium feature for technically sophisticated users.

Some of these changes are achievable in the near term. The harder constraint is the cryptography. Vitalik said publicly in June 2026 that fully private on-chain computation, crypto’s most powerful cryptographic idea, is still nowhere near ready for wide use. The wallet and application layer steps are achievable on a shorter timeline. Full zk-privacy at scale is a longer road.

Protocol Layer Changes

The second tier requires changes to Ethereum’s core protocol. Two proposals are central to the roadmap.

EIP-7701 does not directly implement privacy features but enables private interactions at the wallet level. Once implemented, it would allow users to carry out operations without revealing their full identities or wallet details, by enabling more flexible account abstraction that supports privacy-preserving authentication flows.

FOCIL (Fork-Choice Enforced Inclusion Lists) takes a different approach. It is not a zk-rollup or a privacy mechanism in itself. It is a censorship-resistance mechanism built into Ethereum’s fork-choice rules. Validators are required to include a minimum set of transactions in each block, making it much harder for block builders to selectively exclude privacy transactions. FOCIL does not hide sender addresses or transaction amounts on its own. What it does is ensure that transactions from tools like Railgun or Privacy Pools cannot simply be dropped by a compliant builder looking to avoid regulatory exposure. Centralized regulators could still target the privacy smart contract itself. FOCIL removes one censorship layer that would otherwise make privacy tools unreliable regardless of how well they are built.

Together, the two tiers describe a phased approach: improve what is deployable now at the application layer, while pushing the protocol changes that make the application layer improvements trustworthy in the long run.

Ethereum’s 3-Step Privacy Upgrade: Where It Stands

Vitalik mapped out a staged approach to Ethereum privacy that breaks the work into three distinct phases. Each phase builds on the last.

Step 1: Short-term privacy defaults. This covers wallet-level changes that can ship without touching the consensus layer. Using one address per application, integrating Railgun or Privacy Pools into standard wallets, and enabling shielded balances by default. These are available now in some wallets and require no Ethereum protocol change.

Step 2: Protocol-level censorship resistance. FOCIL and EIP-7701 fall here. FOCIL ensures privacy transactions cannot be systematically excluded from blocks. EIP-7701 enables wallets to operate without revealing full identity details during transactions. Both are in active development.

Step 3: Full on-chain privacy via zero-knowledge proofs. This is the hard part. Aggregate zk-proofs for private transactions, private mempools, and shielded-by-default smart contract interactions. Vitalik acknowledged in June 2026 that this phase is still far from deployment-ready.

The Kohaku privacy toolkit has been discussed as a potential framework for Step 1 and Step 2 tooling, offering a blueprint for shielded-by-default design across Ethereum applications.

Knowing which step is which matters. If you are a developer or a user looking for privacy today, Step 1 tools are usable right now. Steps 2 and 3 require patience.

Privacy Tools You Can Use on Ethereum Today

Step 1 tools are live. Here is how the main options compare.

👉 Quick takeaway: Railgun and Privacy Pools both use zero-knowledge proofs but take opposite approaches to compliance: Railgun makes it optional, Privacy Pools bake it in by design. Stealth addresses are the lowest-overhead option for basic unlinkability. Aztec is the strongest choice for developers building privacy-native applications.

Tool How It Works Gas Cost Impact Compliance Feature Best For
Railgun On-chain shielded balances using zk-SNARKs ⚠️ Higher than standard transfers
Varies by network congestion
Private Proofs of Innocence (optional)
Compliance is opt-in
Users wanting shielded DeFi interactions
🏆 Best for shielded DeFi on Ethereum
Privacy Pools Selective disclosure via association sets ⚠️ Moderate overhead 🟢 Built-in via association proofs
🏆 Strongest built-in compliance model
Users needing regulatory-friendly privacy
🏆 Best for compliance-sensitive users
Stealth Addresses One-time addresses per transaction 🟢 Minimal overhead
No extra proof cost
🏆 Lowest gas cost of all four tools
⚠️ No built-in compliance layer Basic sender/receiver unlinkability
🏆 Best low-overhead privacy option
Aztec Network Separate zk-rollup with native privacy Separate fee market from Ethereum L1
Not directly comparable to L1 gas
🟢 Programmable compliance rules Developers building private applications
🏆 Best for privacy-native app development

None of these tools make your transactions invisible to someone who already knows your wallet address and traces the chain carefully. What they do is raise the cost and complexity of that tracing significantly. For most users, that is enough.

If you want to start today, Railgun and Privacy Pools integrate with existing Ethereum wallets. Aztec requires moving assets to its own network. Stealth addresses are the lightest-weight option and require no new infrastructure.

The Regulatory Problem Nobody Has Solved Yet

Privacy tools face a structural tension that Vitalik has not fully resolved and neither has anyone else. Regulators in the US and EU treat privacy-preserving transactions with deep suspicion. The OFAC sanctioning of Tornado Cash in 2022 set a precedent: a smart contract itself can be treated as a sanctioned entity, regardless of who uses it.

Privacy Pools was designed partly as a response. It lets users generate proofs that their funds did not come from sanctioned sources, without revealing the full transaction history. That is a meaningful step. It does not satisfy every compliance requirement, and it does not prevent a regulator from targeting the contract itself.

Vitalik has expressed reservations about systems like Sam Altman’s World project, which tries to solve identity and privacy through biometric verification. His concern is that centralized biometric databases create exactly the kind of honeypot that backdoor risks create: one breach exposes everyone.

The honest position is that privacy and compliance are not yet reconciled in crypto. The tools exist to make tracing harder. They do not yet exist to make privacy fully regulator-proof. That gap is where most of the real work is happening in 2026.

What the ZK Research Pipeline Actually Looks Like

Zero-knowledge proofs are the technology underpinning most of Ethereum’s long-term privacy ambitions. The gap between theory and deployment is real, but it is narrowing.

On the research side, recent work includes zk-X509, a framework for zero-knowledge identity verification using existing certificate infrastructure, and ZK-Flex, an acceleration framework for zero-knowledge proofs designed to reduce the computational cost that currently makes zk-privacy impractical at scale. Neither is deployed on Ethereum mainnet. Both inform the feasibility timeline.

Vitalik’s June 2026 caution that crypto’s most powerful cryptographic idea is still not ready for wide use refers specifically to fully private on-chain computation, the kind that would let you run a smart contract without revealing any inputs or outputs. That is the hardest version of the problem. Simpler zk applications, like proving you are not on a sanctions list without revealing your wallet history, are closer to usable.

The honest timeline is: simple selective-disclosure proofs are here now. Private computation at scale is probably 3 to 5 years away, assuming current research momentum continues.

How Zcash, Aztec, and the Broader ZK Renaissance Influence Ethereum

Ethereum is not building privacy from scratch. Several ecosystems have been doing this longer and their design choices are feeding back into Ethereum’s roadmap.

Zcash pioneered shielded-by-default transactions using zk-SNARKs and has spent a decade refining the tradeoffs between privacy, performance, and compliance. Its approach, where shielded transactions are the default rather than an opt-in, is exactly what Vitalik’s roadmap proposes for Ethereum wallets.

Aztec Network took a different path. It built a separate zk-rollup on top of Ethereum with native privacy at the execution layer. Developers building on Aztec write private smart contracts using a language called Noir. The tradeoff is that users must bridge assets to Aztec’s network, adding friction.

Aleo takes the approach further still, building a layer-1 blockchain where every transaction is private by default using zk-proofs. It has not reached Ethereum’s scale, but its architecture is closely watched by Ethereum researchers.

The broader trend across all of these projects is a shift toward zkVMs, zero-knowledge virtual machines that can execute arbitrary programs and generate proofs of correct execution without revealing inputs. If zkVMs mature, they become the engine for the Step 3 privacy that Vitalik says is still years away.

Where Does This Leave You?

Vitalik is right that crypto needs more privacy. He is also honest that the hardest parts are not ready yet.

Here is what that means in practice right now:

If you want privacy today: Use Railgun or Privacy Pools. Both integrate with standard Ethereum wallets. Neither is invisible, but both raise the cost of tracing your transactions significantly.

If you are a developer: The short-term roadmap items, address-per-app defaults, shielded balances, FOCIL-compliant transaction inclusion, are buildable now. You do not need to wait for zk-proofs to mature.

If you are watching the long game: The Kohaku toolkit and full zk-privacy at the protocol level are the milestones worth tracking. Vitalik’s own timeline suggests these are years away, not months.

Privacy in crypto is not a switch you flip. It is a stack of incremental improvements, each one making mass surveillance a little more expensive and a little less reliable. That is worth building toward.

Kate is a blockchain specialist, enthusiast, and adopter, who loves writing about complex technologies and explaining them in simple words. Kate features regularly for Liquid Loans, plus Cointelegraph, Nomics, Cryptopay, ByBit and more.


Posted

in

by

Tags: