Kohaku is a privacy-focused research and development project initiated by the Ethereum Foundation designed to enhance user security and confidentiality on the Ethereum network. It primarily consists of a set of primitives delivered through a software development kit (SDK) and a reference implementation wallet. The project's goal is to provide developers with the tools to build privacy features into their applications, rather than creating a mass-market consumer product. ^{[1] [2]}​

Overview

Kohaku is an end-to-end privacy solution for Ethereum that aims to make privacy a standard, integrated feature of the ecosystem. ^{[3] [4]} The project's philosophy is encapsulated in the slogan, "Privacy is normal. Privacy is for everyone." ^[2] It addresses privacy vulnerabilities at every layer of user interaction, from local network activity to on-chain transactions, seeking to minimize the exposure of user metadata. ^[4]​

The project delivers its technology in two main forms: the Kohaku SDK and the Kohaku reference wallet. The SDK is a modular toolkit with a plugin system, allowing wallet teams to select and integrate specific privacy and security features into their own products. The reference wallet, a browser extension forked from the Ambire wallet, serves as a demonstration vehicle for the SDK's capabilities and is targeted at developers and power users. ^{[1] [4]}​

The initiative is part of a broader, renewed focus on privacy by the Ethereum Foundation, which aims to make confidentiality a "first-class property" of the blockchain. ^[3] The project emphasizes a mainnet-first development approach, with plans to progressively support Layer 2 networks after the initial release. ^[1]​

History

The Kohaku project was officially announced on October 9, 2025, through coordinated posts by the Ethereum Foundation and key project figures on the social media platform X. ^{[2] [5]} Some outlets reported the official announcement date as October 10, 2025, although unofficial confirmations of the project had appeared in some channels as early as June 2025. ^[4] The announcement was timed to occur shortly before Devcon, the annual Ethereum developer conference. ^[3]​

The introduction of Kohaku followed the Ethereum Foundation's announcement on October 8, 2025, of the formation of the Privacy Cluster, a 47-member group of engineers, researchers, and cryptographers dedicated to integrating privacy across the Ethereum ecosystem. Kohaku is a key project within this broader strategic push. A public demonstration of the Kohaku wallet and its SDK was released for testing at the Devcon conference in Argentina in November 2025. ^[3]​

Name and Symbolism

The name "Kohaku" (琥珀) is the Japanese word for "Amber." This name was chosen because the project's reference wallet is a fork of the Ambire wallet. Coincidentally, "Kohaku" also refers to a well-known variety of red-and-white koi fish, and an illustration of a Kohaku koi was adopted as the project's logo. ^{[5] [4]}

Technology and Architecture

Kohaku is designed to provide end-to-end privacy, implementing features that protect user data from the local device up to the on-chain transaction. Its architecture relies on a combination of existing and novel cryptographic techniques. ^{[3] [4]}​

Core Components

The Kohaku project consists of two primary deliverables:

• Kohaku SDK: A software development kit designed with a modular plugin system. This allows wallet development teams to adopt the entire suite of privacy features or to select specific modules (e.g., private sends, social recovery) that fit their needs.
• Kohaku Reference Wallet: A browser extension wallet, forked from Ambire, that serves as a proof-of-concept and reference implementation for the SDK. It is targeted at power users and developers rather than the general public.

This two-part structure is intended to foster broad ecosystem adoption by providing flexible building blocks for existing wallet providers. ^{[1] [4]}​

On-Chain Privacy

For on-chain privacy, Kohaku integrates privacy pool protocols, with Railgun being the first supported implementation. This allows users to obscure their transaction details, including the sender, receiver, and amount. The user experience for this feature typically involves three steps: ^[4]​

1. Shield: A user deposits ERC-20 tokens or wrapped Ether into the privacy protocol's smart contract. This initial "shield" transaction is public on the blockchain.
2. Private Transactions: Once assets are within the private pool, the user can privately transfer, swap, or interact with dApps. These transactions are verified on-chain using zero-knowledge proofs, which confirm the validity of the transaction without revealing its details. Observers of the blockchain can only see cryptographic updates to the pool's state.
3. Unshield: The user withdraws funds from the private pool to a public address. This "unshield" transaction is also public. To maintain privacy, users are advised to withdraw to a new, unused address. ^[4]

Network and Node Privacy

Kohaku implements several features to minimize metadata leakage at the network level, reducing reliance on trusted third parties like RPC (Remote Procedure Call) providers. ^[1]​

• RPC Independence: The wallet integrates the Helios light client, which runs as a WebAssembly (WASM) package in the browser. This allows the wallet to verify blockchain data locally without trusting a third-party RPC provider, which could otherwise log a user's IP address and transaction data. An RPC fallback with a killswitch is included for redundancy. ^{[1] [4]}
• P2P Transaction Broadcasting: Users have the option to broadcast transactions directly to the Ethereum peer-to-peer network. This practice bypasses centralized relayers and makes it more difficult to link a user's IP address to their on-chain activity. ^[1]
• IP Leakage Prevention: The architecture includes mechanisms designed to prevent the unnecessary leakage of user IP addresses during interactions with the blockchain. ^[1]

dApp Interaction and State Reading

Kohaku introduces features to enhance privacy when interacting with decentralized applications (dApps) and reading blockchain state. ^[1]​

• Private State Reading: To prevent RPC providers from knowing which parts of the blockchain state a user is accessing, Kohaku implements a minimal execution client in the browser for private eth_call functions. The initial implementation uses an oblivious server combining a Trusted Execution Environment (TEE) with Oblivious RAM (ORAM). The long-term goal is to replace this with purely cryptographic methods like Private Information Retrieval (PIR). ^{[1] [4]}
• One Account Per dApp: To prevent on-chain analysis firms from correlating a user's activity across different services, the wallet's default behavior is to prompt the user to create and use a new address for each new dApp they connect to. This compartmentalizes a user's on-chain footprint. ^{[1] [4]}

Account Security and Recovery

Beyond transactional privacy, Kohaku incorporates advanced security and recovery features. ^[1]​

• Social Recovery: The project plans to offer standardized, intermediary-free social recovery options that leverage zero-knowledge proofs. This includes protocols like ZKemail, ZKpassport, and Anon Aadhaar, which allow users to recover accounts without publicly linking their real-world identities. ^[1]
• Post-Quantum Killswitch: To mitigate the future threat of quantum computers breaking current cryptographic standards, Kohaku includes an optional feature to enable Post-Quantum (PQ) secure accounts. This uses optimized Solidity verifiers for PQ signature schemes such as Falcon and Dilithium. ^{[1] [4]}
• Spending Policies: The wallet will allow users to create account-level policies, such as setting spending limits for different signers associated with an account. ^[1]

Hardware and Wallet Integration

The Kohaku roadmap includes plans to foster a more open and interoperable hardware wallet ecosystem. ^[1]​

• Universal Hardware Wallet App: A reference implementation for a universal "ethereum-app" for hardware wallets is planned to support advanced features and reduce vendor lock-in. ^[1]
• ZK Hardware Signer: To ensure hardware wallet compatibility with ZK-based privacy protocols, the project includes support for elliptic curves like Jubjub and Bandersnatch, which are commonly used in ZK circuits. ^[1]

Future Developments and Research

The Kohaku roadmap outlines several ambitious long-term goals aimed at building a more deeply integrated private-by-default environment for Ethereum users. ^[1]

• Native Ethereum Browser: The project contributors envision a native Ethereum browser as a logical next step. This would bring wallet security closer to the operating system level, enabling stronger security for dApp interfaces (e.g., those hosted on IPFS) and deeper P2P integration. ^[1]
• Local AI for Transaction Scoring: Research is underway to develop on-device AI models that can assess transaction risk without leaking private user data to third-party analysis services. ^[1]
• Privacy-Preserving Account Abstraction: A key research area is the development of privacy-preserving account abstraction, which would allow a single wallet to seamlessly control both public and private funds. This requires advances like client-side ZK-EVM or ZK-RISC-V provers. The team plans to work toward native account abstraction on Ethereum through 2026. ^[1]
• Private Data Recovery: The project is exploring new social recovery schemes specifically for private data, such as wallet secrets or private ZK POAPs (Proof of Attendance Protocol NFTs). ^[1]

Ecosystem and Collaboration

Kohaku is a collaborative effort led by the Ethereum Foundation and involves numerous teams and individuals from across the Ethereum ecosystem. ^[1]​

Key Figures

• Nicolas Consigny (@ncsgy): A developer at the Ethereum Foundation and one of the public faces of the Kohaku project. ^[5]
• Vitalik Buterin: Co-founder of Ethereum, who was presented alongside Nicolas Consigny as a public face of Kohaku, signifying the project's importance. ^[5]
• @niard: The credited author of the technical roadmap for Kohaku, indicating a lead role in the project's technical architecture and development. ^[2]

Collaborating Organizations and Teams

• Ethereum Foundation (EF)
• Privacy and Scaling Explorations (PSE)
• Ambire
• Railgun
• Wonderland
• Helios (a16z)
• Oblivious Labs
• ZKnox
• Walletbeat (expected collaboration)

Many individual contributors are also involved in the project's development. ^[1]​