In a post on Ethereum Magicians on April 11, the mathematician proposed a roadmap that focuses on making private transactions and anonymous onchain interactions more accessible and natural for everyday users without needing major changes to the networks core protocol.
The proposed roadmap covers four primary key forms of privacy: privacy of onchain payments, partial anonymization of onchain activity inside applications, the privacy of reads to the chain, and network-level anonymization, said Buterin.
My own current privacy roadmap (much lighter on L1 changes, but also more limited in its consequences): https://t.co/gBtRAC4Ou7
Highly encourage people to read both! https://t.co/vNw0ubNpEd
vitalik.eth (@VitalikButerin) April 11, 2025
Privacy on Ethereum is still too weak because it is transparent by design. While this is good for trust and security, it makes user activity easy to track. If someone knows an Ethereum address, they can trace the users entire transaction history, including balances, app usage, and interactions with other users.
Buterin’s roadmap focuses on fixing this through practical, incremental improvements that can be deployed without overhauling the network.
He said that wallets like MetaMask or Rabby should integrate tools like Railgun and Privacy Pools, offering users a shielded balance and private send options as a default.
Wallets should also automatically use different addresses for each dApp instead of a single one for everything, he said.
This is a major step, and it entails significant convenience sacrifices, but IMO, this is a bullet that we should bite because this is the most practical way to remove public links between all of your activity across different applications.
Additionally, sending ETH or tokens between your own wallets should be private by default to support the one-address-per-app design.
Adopting new standards such as FOCIL (Fork-Choice Enforced Inclusion Lists) and EIP-7701 (native account abstraction) would allow privacy protocols to run without centralized relays, making them easier to maintain and harder to censor, he said.
Buterin suggested using Trusted Execution Environments (TEEs) now and Private Information Retrieval (PIR) later for cryptographic guarantees to prevent data leaking to RPC (remote procedure call) nodes.
He also suggested that wallets should rotate between multiple RPC nodes and send data through mixnets to prevent metadata leaks. A mixnet, or mixing network, is a privacy-enhancing technology that hides the connection between the sender and recipient of messages or data, similar to a VPN.
Buterin suggested using proof aggregation, where multiple transactions can share a single on-chain proof, cutting down costs for users.
Finally, he said that users should be able to upgrade or change their wallet security, such as private keys, without revealing connections between their different assets or activities.
Vitalik urged integrating privacy more deeply into wallets, standards, and user habits now rather than waiting for long-term Ethereum upgrades.
The next major upgrade on Ethereum is Pectra, which will introduce account abstraction, and it is scheduled for mainnet deployment on May 7.