The Ethereum Foundation has published a roadmap for Kohaku, a new privacy-focused wallet feature that improves security and confidentiality in Ethereum decentralized applications (dApps).
According to notes shared on Thursday by Nicolas Consigny, protocol supporter and coordinator at the Foundation, Kohaku is a “set of primitives that provides wallets with security and privacy.” Its development uses an open-source software development kit (SDK) and a reference wallet implementation for advanced users.
Consigny explained that the SDK will deploy privacy and security features that can be integrated by other wallets “either in full or in parts that they care about.”
Ethereum Foundation: Kohaku improves dapps security
The Ethereum Foundation notes mentioned that the idea of developing Kohaku came from its efforts to build a browser extension with similar capabilities. The extension is a fork of the Ambire wallet meant for developers and “power users” who value privacy within the Ethereum ecosystem.
Development will prioritize mainnet support before expanding to Layer 2 networks that are at least stage one and committed to progressing toward stage two.
Kohaku’s plugin architecture allows developers to choose privacy modules that make wallet customization easier and future-proof. The Foundation plans to progressively introduce new privacy protocols into this plugin list and add private functionality within applications.
Consigny wrote that in the first phase of deploying the plugin, the Helios light client will be added directly into the browser extension so that users can validate blockchain data locally without relying on external Remote Procedure Call (RPC) dapp providers.
This feature, he noted, removes the “need to trust RPC providers for validity.”
Multi-layered privacy in sending and receiving assets
The Ethereum Foundation sees Kohaku as the way to add several layers of private interaction in sending and receiving assets and private payment requests, all routed through various privacy protocols.
Users will have access to an aggregated view of their balances across enabled privacy systems protected by traffic obfuscation, prevention of IP leakage, and transparent support for private addresses.
“The wallet has RPC hijacking in cases where decentralized applications enforce their own RPC systems in support of asset discovery through ERC-7811 standards,” the Foundation expounded.
Additionally, Kohaku limits developers to one account per decentralized application (dApp) by default. Each new connection will ask users to generate a separate address to minimize data linkage between different activities. It will introduce a “wallet connection kit,” a privacy-first protocol for peer-to-peer JSON-RPC connectivity.
The EF is testing social recovery tools leaning towards zero-knowledge verification methods, including “ZKemail,” “ZKpassport,” and “Anon Aadhaar.” These tools could standardize recovery processes and uphold what Consigny termed “maximally-intermediary-free.”
Security researchers on Kohaku have come up with a “Post-Quantum killswitch” for token holders to enable post-quantum accounts using Falcon or Dilithium verifiers, optimized for Solidity. This could protect assets against the threat of quantum computing, which developers argue could compromise Ethereum’s Elliptic Curve Digital Signature Algorithm (ECDSA).
Beyond making changes to wallet software, Kohaku proposes a “universal Ethereum-app for hardware” to take away vendor lock-in and provide open access to advanced features. Complementing this, the team is developing a zero-knowledge hardware signer based on the Jubjub and Bandersnatch curves, all compatible with existing privacy protocols.
The SDK and reference wallet will also incorporate spending policy tools like assigning specific spending limits for different signers. There is optional peer-to-peer transaction broadcasting for those who would like to send transactions directly through the Ethereum network and bypass centralized RPC nodes entirely.
What’s in the Kohaku post-launch phase?
Kohaku’s initial release tackles privacy and SDK integration, but the Foundation has promised to create a native Ethereum browser that runs close to the system kernel, improving security for decentralized application interfaces.
Consigny said it would support IPFS-based user interfaces, security-oriented front-end languages, and improved peer-to-peer networking.
The roadmap further mentions experimentation with AI systems that assess transaction risk levels without transmitting sensitive user information, referred to as “local AI transaction scoring.” It could help users identify malicious or high-risk smart contract interactions privately.
Consigny also wrote about the Foundation’s intent to develop new models for social recovery of private data, such as privacy wallet secrets and zero-knowledge proof-based badges (zkPOAPs).
According to the roadmap, complete privacy will require native account abstraction supported directly by the Ethereum protocol, slated to move ahead in 2026. The “privacy-preserving account abstraction” uses client-side zero-knowledge proof systems like ZK-EVM or ZK-RISC-V to verify wallet control.