Written by: Zhixiong Pan
Although the Ethereum Foundation officially announced the privacy wallet tool Kohaku project yesterday, it was actually confirmed through various channels as early as June this year.
Kohaku will involve collaboration across multiple teams, integrating various components to create a complete browser extension wallet that other wallets can reference, enhancing end-to-end privacy. This includes the Helios light client developed by a16z, the PSE team from the Ethereum Foundation, as well as Ambire, Railgun, Wonderland, and others.
The origin of the word Kohaku is also quite interesting. Since the project is a fork from Ambire, the Japanese word for Amber, "Kohaku," was chosen. However, in Japanese, it also has the meaning of "koi" (specifically the red and white ones), so the project adopted the koi as its image.
What is Kohaku?
Kohaku is a set of privacy and security primitives and SDK for "wallets," along with a reference wallet (browser extension) aimed at advanced users to implement these capabilities.
Kohaku is not intended to create a mass-market consumer wallet but rather to provide composable privacy/security building blocks for various wallet teams, allowing them to integrate "all" or "part" of the features as needed (plugin-based). The initial focus is on privacy features, with the reference wallet being a browser extension forked from Ambire. The official emphasis is on mainnet priority, gradually supporting L2 (with attention to "fast withdrawal" capabilities).
The core goals of Kohaku are:
A strong privacy/security primitives SDK;
A reference wallet for heavy users based on this SDK;
Collaboration with other wallets to integrate all or part of the capabilities as needed;
The reference wallet is a fork of Ambire, with mainnet priority, followed by L2 support;
Both the SDK and reference wallet include a plugin system, making it easy for wallet teams to select features as needed.
Core Direction: Not Just "On-Chain Privacy," But "End-to-End"
Kohaku's privacy is not simply about "putting transactions into a private pool," but rather considers trustlessness and exposure at every step from the device to the node. The roadmap outlines a clear "privacy/security checklist":
Built-in Helios light client (WASM): Bringing blockchain state verification to run locally, minimizing reliance on centralized RPC. (Helios is a multi-chain Ethereum light client developed by a16z, which can be compiled into WASM, suitable for embedding in wallets and dApps.)
Minimal execution client + private ethcall: Even for reading on-chain state (common ethcall), it should "prevent the server from knowing what you are reading." The roadmap states, "TEE+ORAM (Trusted Execution Environment + Oblivious RAM) will be implemented first, with the long-term goal of pure cryptographic PIR."
Private sending / private receiving / private payment requests: The wallet will include multiple privacy protocols (initially including Railgun), supporting "private sending/receiving" and "encrypted payment requests."
Unified view of private balances (multi-protocol aggregation): If you have funds across multiple privacy protocols, the wallet will provide an aggregated view.
Avoiding IP leaks and hiding traffic, with optional P2P broadcast transactions (bypassing traditional RPC broadcasting).
Default "one dApp one account" when connecting to dApps: Naturally reducing address association.
Social recovery (ZKEmail / ZKPassport, etc.): Using zero-knowledge to perform "recovery" without leaking identity.
Post-quantum "emergency switch": If necessary, switch to post-quantum signatures like Falcon/Dilithium (Solidity verifier optimization) to guard against quantum security risks.
General hardware Ethereum app / ZK hardware signer / spending limit strategies: Making hardware capabilities into open-source reference implementations, breaking vendor lock-in, and introducing more detailed "spending strategies."
You can think of it this way: Railgun and other "on-chain privacy pools" are one of the foundations, but Kohaku also aims to address "leaky privacy points" such as node trust, network broadcasting, front-end connections, recovery, and hardware signing, achieving "end-to-end minimal exposure."
Roadmap and Collaborative Ecosystem
Phase 1: Privacy/security foundational capabilities.
Ongoing direction: Bringing the wallet as close to the device/kernel as possible, even exploring a "native Ethereum browser" in the future, along with deeper integration with IPFS front-end, P2P, local AI transaction security scoring (without leaking data), etc.
Collaborative teams: Ambire, Railgun, Wonderland, Helios, PSE, Oblivious Labs, ZKnox, etc.
Product Form: SDK + Reference Wallet (Browser Extension)
SDK: Composable "privacy/security" modules for other wallet teams.
Reference wallet (Kohaku Extension): A browser extension forked from Ambire, designed to "run these privacy and security capabilities, demonstrate and prototype," targeting advanced users, not a final product for the general public.
The GitHub side currently shows: The main repository (ethereum/kohaku) is a monorepo listing the @kohaku-eth/railgun package ("railgun privacy protocol lib"). There are also kohaku-extension and kohaku-commons repositories, the former being the extension code (based on Ambire), and the latter being Ambire's public logic library (which has been forked in).
The repository homepage also indicates: It is still under development and not ready for production.
Why is it More "Private" than MetaMask?
First, let's discuss the current state of MetaMask or other wallets:
You use a public account (EOA), and the address and transactions are permanently public.
When interacting with dApps, you often go through centralized RPC (e.g., Infura), and the RPC service can see your requests and IP.
You often use the same address to connect to different dApps, making it easy to be linked through on-chain analysis.
How does Kohaku rewrite this path? Kohaku uses a set of "end-to-end" methods to block "associable information" as much as possible, with the core differences in these three layers:
On-chain transfers themselves
Through protocols like Railgun, the "money you want to transfer" is first shielded (into the pool) to a private address (0zk), and then "transfers/interactions" occur within the private pool; what is seen on-chain are new commitments/nullifiers (to prevent double spending) and other encrypted records, without directly exposing the source, destination, or amount of funds. Railgun documentation clearly states: 0zk addresses never appear on-chain, and the system updates state and prevents double spending based on UTXO/Note + zk proofs.
It is important to note: Shielding and unshielding (leaving the pool) are visible on-chain (because you need to deposit/withdraw ERC-20 from a contract), but the "transfers, exchanges, and calls" within the pool are private. Railgun currently charges a 0.25% fee for the shielding action (determined by its DAO; only shielding incurs a fee, while private transfers within the pool are free).
Interaction with nodes/networks
The wallet embeds the Helios light client: Many read verifications are done locally, reducing trust and exposure to RPC (especially for reads).
Planned "private eth_call": Even for reading on-chain storage, it should use TEE+ORAM (with the long-term goal of PIR) to prevent the other party from knowing what you specifically read.
Optional P2P broadcasting: Sending transactions without going through traditional RPC reduces the probability of binding "your IP + your transaction."
Front-end/connections and associability
Default "one dApp one account": Each time you connect to a dApp, the wallet will suggest using a "new address/new account," avoiding cross-site profiling.
Private payment requests / private receiving: Payment information is transmitted to the other party using links/QR codes for "0zk payment information," which does not appear on-chain.
Social recovery also uses ZK: For example, ZKEmail, ZKPassport, Anon Aadhaar, allowing "recovery" without leaking privacy.
Complete User Experience from MetaMask to Kohaku
You can think of it as: first putting money "into a private wallet room," doing things inside, and then deciding how to "leave the room."
Step A: Install the Kohaku browser extension and import your mnemonic phrase or create a new one. 
Step B: Enable "Private Mode" in the settings and check the Railgun plugin (Kohaku supports multiple protocol plugins). The wallet will generate key materials for 0zk locally. 
Step C: Shield (deposit): Deposit the ERC-20 you want to use "privately" into the Railgun contract (if it's native ETH, it will first be wrapped into wETH before entering the pool, as per Railgun's rules). This step is visible on-chain (because it involves sending money to the contract), but it is the only "public transaction" to "enter the privacy space." 
Step D: Conduct transfers / swaps / LP / interact with dApp contracts within the private pool. Here, ZK proofs will be generated locally, and only the updates of commitments/nullifiers will be visible on-chain, without revealing who you transferred to or how much. 
Step E: Private receiving: You simply send the 0zk payment link/QR code to others, and this address information will not appear on-chain.
Step F: If needed, unshield (withdraw) to a new public address (preferably not back to the original address to reduce association). Some protocols or front-ends may have configured delay windows/compliance checks (for example, the Privacy Pools direction and Railgun community's proof mechanisms); the Railgun ecosystem has also introduced mechanisms like "a small observation period that can only be returned along the original path" to balance compliance. 
Step G: Optionally enable P2P broadcasting, independent accounts for each dApp, and Helios local verification to further reduce "bindable metadata." 
Which parts are still visible?
Your deposits (shielding) to the privacy pool and withdrawals (unshielding) from the privacy pool are both public transactions. However, transfers/interactions within the pool are private (the sender, receiver, and amount are not visible; only the "pool status" updates can be seen).
If you directly withdraw to "the public address you previously deposited to," analysts may still "reasonably guess" the connection between the two—it's best to withdraw to a new address or continue spending within the privacy domain. 
Summary
Kohaku introduces a new privacy and security paradigm to the Ethereum wallet ecosystem, going beyond simple on-chain privacy protocols and deeply integrating towards end-to-end privacy protection. It will significantly enhance the privacy experience for users interacting with decentralized applications, changing the current norm of transparent on-chain behavior, and setting a new standard of "default privacy" for future wallet products.
As its SDK and plugin system are widely adopted by more wallet teams, the way users interact with the blockchain may be reshaped: moving from transparency to privacy, from centralized trust to local verification, and from on-chain public identities to zero-knowledge identities. Kohaku will drive the Ethereum ecosystem into the mainstream era of privacy applications, accelerating the exploration of innovative models that coexist with compliance and privacy protection, and laying a crucial foundation for the decentralized internet to enter the next stage.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
