Vitalik's "Can't Be Evil" Roadmap: The New Role of Privacy in Ethereum's Narrative

While the market is still chasing the ups and downs of "privacy coins," Vitalik has already placed privacy on Ethereum's technical and governance roadmap for the next decade.

Written by: Sanqing, Foresight News

With the sharp rise in privacy sector prices, the "privacy narrative" has once again returned to the market's spotlight. Capital is searching for targets with the "privacy" label on charts, and the community is discussing whether privacy will become the main theme of the next cycle. However, if the perspective remains only on the price fluctuations of a particular privacy chain or a single token, it's easy to miss a more crucial turning point. At the 2025 Ethereum Argentina Developer Conference, Ethereum founder Vitalik Buterin, in a roughly 30-minute roadmap speech, once again placed privacy within Ethereum's future technical and governance framework.

What Exactly Does "Privacy" Mean?

In daily life, privacy usually means "don't let others randomly look at my chat records, salary, or address." On a public chain like Ethereum, the situation is exactly the opposite: the default setting is that once data is on-chain, it is public to everyone.

Everyday privacy and privacy in the Ethereum context are two branches of the same tree, but the latter is broken down more finely and technically. When discussing privacy in the blockchain context, it mainly deals with several very specific types of information.

First is assets and transaction records. Which addresses you have, what assets each address holds, how much money has been transferred between these addresses and how frequently—all of this is crystal clear on-chain. Anyone can see it by opening a blockchain explorer.

Second is identity and relationships. A single address may look like a random string, but through transaction relationships and time patterns, analysts can often infer which addresses belong to the same user, which addresses frequently interact with the same counterparties, thereby piecing together your "on-chain social circle" and fund flows.

Third is behavioral trajectories and preferences. The time periods you usually interact, which protocols you commonly use, whether you prefer high-risk products, and which new launches or airdrops you often participate in—all of this accumulates into a "behavioral resume." Who can use this resume and for what purpose is a real-world issue.

Fourth is network and device information. When wallets, browsers, and RPC services operate, they may access your IP address, rough geographic location, and device fingerprint. If this is further linked to on-chain addresses, the data is no longer just "anonymous addresses," but becomes identity clues that increasingly align with the real world.

From "Don't Be Evil" to "Can't Be Evil"

In this conference speech, Vitalik once again used a familiar comparison to summarize Ethereum's goal. He mentioned that centralized exchanges like FTX essentially operate on "everyone trusts a certain person or company," but their ledgers and risk exposures are invisible to outsiders. The early internet giants often used the slogan "Don't be evil," meaning the company promises not to do evil.

The goal of blockchain is different. What Ethereum wants to achieve is "Can't be evil," using cryptography and consensus mechanisms to design the system so that even if individual participants have malicious intentions, it is very difficult for them to succeed.

Within this framework, "transparency" solves the first part of the problem. Public ledgers and verifiable states can prevent assets from being misappropriated without anyone knowing—this is one of the most repeatedly emphasized values of blockchain. But if all information is pushed to extreme transparency, another type of risk emerges: for those who possess all behavioral data and analytical capabilities, this data can become an overwhelming intelligence advantage, used for profiling, stratification, differential treatment, and even forming new centers of power in terms of censorship and regulation.

Therefore, true "can't be evil" must set limits at both ends. On one end, assets and states cannot be quietly altered; on the other, information and permissions cannot be infinitely concentrated in the hands of a few. Privacy is the key tool for the latter. It is not opposed to transparency, but rather adds boundaries to transparency: making public only what must be public, and keeping the remaining information within the scope of "minimum necessary disclosure."

Vitalik: Privacy Is Ethereum's Shortcoming

When sorting out what blockchain is suitable and unsuitable for, Vitalik explicitly listed privacy in the latter category.

In his view, Ethereum's advantages are very clear. For example, payments and financial applications, DAOs and governance, ENS and decentralized identity, censorship-resistant content publishing, and the ability to prove that something truly happened or is scarce at a certain point in time.

At the same time, the shortcomings are equally clear: lack of privacy, difficulty supporting extremely high throughput and ultra-low latency computation, and inability to directly perceive real-world information. Privacy issues are not just user experience flaws in individual DApps, but are explicit limitations at the current architectural level.

This means that in Ethereum's official roadmap narrative, privacy is no longer a high-level feature piled on top, but one of the known inherent defects of this architecture. The way to solve this problem is not as simple as attaching a privacy sidechain. Vitalik describes another path: using a more diverse set of cryptographic tools and protocol combinations to abstract privacy as a fundamental capability.

In the speech, components such as Swarm and Waku were mentioned, which respectively serve the roles of decentralized storage and messaging, further layered with "programmable cryptography" modules like zero-knowledge proofs and homomorphic encryption. These building blocks are not for a single isolated project, but are toolkits for all developers. The goal is to leave room for more refined privacy design without sacrificing the public settlement properties of the mainnet.

In summary: the future Ethereum will be closer to a combination of "transparent settlement layer + programmable privacy layer," rather than simply swinging between complete openness and total black-box.

LeanEthereum: Laying the Foundation for "Provable Yet Concealable"

In the longer-term plan, Vitalik proposed the concept of "Lean Ethereum," aiming to adjust Ethereum's various components to a more compact and theoretically optimal form through a series of replacements and simplifications, many of which are directly related to privacy.

The first is a virtual machine and hash functions friendly to zero-knowledge proofs. Currently, deploying complex ZK systems on Ethereum is costly and has a high threshold, largely because the underlying virtual machine and state structure were not designed with "proof-friendliness" in mind—it's a bit like running a heavy-duty truck on a regular road. Lean Ethereum attempts to adjust the instruction set, state data structure, hash algorithms, and other fundamental elements so that "proving something is legitimate without revealing all the details" becomes a cost-controllable routine operation, rather than an expensive privilege that only a few protocols can afford.

The second is post-quantum cryptography and formal verification. Once a privacy system is breached, it is often difficult to "remedy after the fact." For example, if a widely adopted encryption scheme is broken by quantum computing in the future, historical data could collectively lose its protection in a short time. By considering quantum-resistant threats in the long-term roadmap and promoting formal verification of key components, Ethereum is essentially reserving a security boundary for future privacy contracts, privacy rollups, and privacy infrastructure.

User-Side Privacy: Blind Signing Is Both a Security and Privacy Issue

Beyond the protocol and architecture layers, another focus repeatedly emphasized by the Ethereum Foundation in this roadmap and related agendas is user experience and security. This area is also highly relevant to privacy.

In the Trillion Dollar Security speech, the Foundation's security team and audit institutions directly referred to the widespread phenomenon of "blind signing" as a "plague." When users initiate an operation in their wallet, a signature window pops up, displaying a long string of incomprehensible hexadecimal data and a contract address. Users cannot judge what permissions this signature will grant or what information it will expose, but if they want to complete the operation, they ultimately have to click "confirm." This issue simultaneously triggers both security and privacy alarms.

On the security side, users may unknowingly grant "permission to withdraw all assets at any time" to an unknown contract during what appears to be a routine interaction. On the privacy side, users do not know what behavioral data will be exposed by this signature, who is collecting, storing, and analyzing this data, or whether it will be used for profiling, risk control, or even targeted phishing. For users, this is like handing over a pass token in a black box; for those controlling the infrastructure, the related behavior is extremely transparent.

This type of problem is difficult to completely alleviate by "simply raising security awareness." A more realistic path is to promote reform at the standards and product levels. For example, through unified wallet specifications and contract interfaces, transaction consequences can be presented in a human-readable way; more complex data exchanges should be encapsulated in proofs or encrypted channels as much as possible, rather than requiring users to directly expose details. Combined with the evolution of light clients, account abstraction, and privacy protection at the network and RPC layers, on-chain interactions may maintain auditability and accountability without being "completely exposed."

Beyond Market Trends: The Focus of the Privacy Narrative Is Shifting

From a market perspective, the periodic rise of privacy-related assets shows that the "privacy" label still has strong narrative tension. But compared to the previous cycle, the focus of the privacy track is slowly shifting from "betting on a particular privacy chain" to "betting on who is solidly building privacy infrastructure."

On one end are dedicated privacy networks and assets centered on technologies like zero-knowledge proofs, continuing the path of "hiding transaction details at the chain level as much as possible"; on the other end is a whole set of infrastructure and toolkits built around privacy within the Ethereum ecosystem, including ZKRollup, privacy middleware, privacy-friendly wallets, and more secure contract interaction frontends.

In Vitalik's roadmap, Ethereum does not attempt to turn everything into an "untraceable black box," but instead emphasizes "controllable transparency" and "minimum necessary disclosure." The settlement layer remains public, verification logic is ensured by cryptography and contracts, and specific business data is protected in layers according to different scenarios through zero-knowledge proofs, encrypted communication, and access control.