hodler

28 Jan 2026, 16:22

K9 Finance DAO Announces Final Sunset of Shibarium Products

January 2026 In response to the Shibarium exploit, DAO members approved an operational wind-down and community-led transition beyond Shibarium K9 Finance DAO announced the DAO-approved, orderly, and permanent sunset of all products deployed on Shibarium, effective February 25, 2026. The decision was made following the September 12, 2025 Shibarium bridge exploit and the subsequent determination that Shibarium no longer meets the minimum decentralisation, security, or economic standards required for responsible K9 DAO operations. This decision was reached through a formal governance vote of K9 DAO token holders, with record-setting participation, reflecting the seriousness of the circumstances and the community’s commitment to resolving the situation transparently and decisively. DAO-Led Decision With Record Participation K9 Finance DAO is, and has always been, a fully decentralised autonomous organisation. After exhausting all reasonable recovery, remediation, and negotiation paths, the DAO was presented with a structured set of options. Following extensive public discussion, KNINE holders voted to sunset all Shibarium-based products, marking an unfortunate but necessary outcome driven by a number of factors. This decision was not taken lightly. It represents the collective judgment of the community, recorded on-chain, after months of diligence, analysis, and engagement. A Record of Leadership, Delivery, and Ecosystem Contribution A history of K9 Finance DAO shows that they historically performed well. The DAO executed against a clearly defined roadmap — on time, on budget, and with over-delivery — supported by ecosystem partnerships and external validation. Some of these highlights include: Record-setting total value locked (TVL) on the Shiba Inu Layer 2 The largest DeFi protocol on Shibarium with the most daily active users (DAU); with over 500,000 users across its products The most widely used utility in the Shiba Inu ecosystem Material SHIB burn contributions are larger than any other Shibarium products A DAO-managed budget that gave the product operational runway for many years with dedicated upgrades & maintenance, while also exploring expansion opportunities through DAO-voted exploration funding programmes A fully decentralised contributor base exceeding 1,000 active DAO participants that produced open source, audited smart contracts across all product lines In 2025, K9 Finance DAO was selected as a recipient of a $200,000 Google Cloud Grant for Web3 Startups, awarded in recognition of its software development, validator infrastructure, analytics tooling, and open-source contributions. Audited, Open-Source Infrastructure Left for the Community K9 Finance DAO has consistently prioritised audited, open-source development. As part of the sunset process, all Shibarium-based K9 products — including smart contracts, documentation, and deployment tooling — will remain fully audited, open source, and publicly accessible. This enables the Shibarium team or any independent community member to host, operate, or modify these systems at their own discretion, expense, and business model. Following the sunset, the K9 DAO Foundation will no longer be responsible for hosting, maintaining, or operating these services. Root Cause of the Exploit and Independent Findings On September 12, 2025, the Shibarium bridge was exploited following the compromise of 10 out of 12 validators, all operated by the Shibarium team. K9 Finance DAO’s validator was not compromised. Independent assessments of validator decentralisation and operational risk concluded that validator concentration at this level constitutes a systemic security failure and is not an appropriate environment for DAO-level financial infrastructure. Approximately 25% of the total KNINE supply was removed from the bridge and remains unrecovered, leaving the Shibarium deployment economically impaired and under-collateralised. These findings materially informed the DAO’s decision to sunset. Exhaustive Recovery Efforts Following the exploit, K9 Finance DAO undertook extensive good-faith recovery efforts, including: Emergency on-chain actions to blacklist stolen tokens Joint bounty initiatives with Shib-affiliated contributors On-chain communication with the attacker Independent forensic tracing of stolen assets Escalation to centralised exchanges Public disclosure of findings when progress stalled Despite these efforts, the stolen assets were not recovered, the bridge remained closed, and no finalised compensation plan or remediation timeline was delivered. The Shiba Inu team publicly announced that they would compensate all impacted users, but their compensation plan consisted of a product called a Shib Owes You (SOU) program in which impacted users would receive an NFT on-chain that represented the amount that they were owed. They announced their recovery efforts would be made incrementally to these NFT holders, and impacted users are still eligible for Shiba Inu’s compensation plan and should contact Shiba Inu directly regarding these. Orderly Sunset, Liquidity Migration, and Decentralised Transition As approved by DAO vote: All Shibarium-based K9 products will sunset on February 25, 2026 Liquidity currently deployed on Shibarium will be migrated to a new chain Operational bottlenecks will be handed to the community to further decentralize control K9’s full-time development and operations contributors will assist with product shutdowns, open-source releases, and the delivery of a fully audited membership token and secure claim portal on a new chain. A new decentralised website hub will be launched and hosted as a permanent community archive and historical record of K9 DAO. Following this transition, the continuation and evolution of K9 will rest entirely with the community. DAO-Governed Migration and Claims Process Following DAO approval: K9 membership tokens will be minted on a new chain Tokens will represent DAO membership and governance rights A claim portal is expected prior to May 30, 2026 All affected users will be notified through official K9 channels Any claims related to losses arising from the Shibarium bridge exploit must be addressed to the Shibarium team, as K9 Finance DAO does not control or operate Shibarium infrastructure. Conclusion K9 Finance DAO is a truly sad story. The DAO delivered on its roadmap, exceeded its mandate, and upheld the highest standards of decentralised development. This sunset is not a failure of the DAO — it is the consequence of infrastructure conditions that no longer meet the requirements of trustless, community-governed systems. K9 leaves behind a legacy of audited code, open infrastructure, and a decentralised future — now governed entirely by its community. Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

28 Jan 2026, 15:54

SwapNet loses $13.4 million after input validation flaw enables asset drain

Blockchain security firm BlockSec has released a technical analysis of the attacks that hit two decentralized finance protocols, resulting in losses of more than $17 million. SwapNet, a DEX aggregator, suffered losses of over $13.4 million across Ethereum, Arbitrum, Base, and Binance Smart Chain, while Aperture Finance, which manages concentrated liquidity positions, lost an estimated $3.67 million in a concurrent but unrelated incident. “The victim contracts expose an arbitrary-call capability due to insufficient input validation, allowing attackers to abuse existing token approvals and invoke transferFrom to drain assets,” BlockSec stated in a summary of its analysis on X. The security firm stated , “These incidents serve as a reminder that flexibility in contract design must be carefully balanced with strict call constraints, especially in closed-source systems where external review is limited.” What was behind SwapNet’s vulnerability? In the SwapNet case, the vulnerability came from the function 0x87395540(), which lacked proper validation on critical inputs. By replacing expected router or pool addresses with token addresses such as USDC, attackers tricked the victim contract into treating tokens as valid execution targets. This led to low-level calls being executed with attacker-controlled calldata, enabling the victim contract to perform calls that allowed the attacker to siphon all approved assets. The vulnerability impacted users of Matcha Meta , a DeFi exchange meta-aggregator, who had disabled the platform’s “One-Time Approval” setting and granted infinite approval directly to SwapNet contracts. The largest single loss came from one user who lost around $13.34 million . In total, 20 users were affected. The attack began on Base at block 41289829, prompting SwapNet to pause contracts on Base 45 minutes after the initial exploit was detected. It also paused contracts on other chains shortly after; however, during that window, an additional 13 users were affected across three chains. Similar weakness hit Aperture Finance Aperture Finance, which manages Uniswap V3 liquidity positions on behalf of users, fell victim to the same class of vulnerability in its function 0x67b34120(). When this function was invoked, an internal function 0x1d33() executed low-level calls using calldata supplied by users without enforcing strict constraints on the call target or function selector. This enabled attackers to construct malicious calldata that siphoned ERC-20 tokens and also approved Uniswap V3 position NFTs. Users who had authorized approvals for “Instant Liquidity Management” features were the ones at risk from this attack. In one representative attack on Ethereum, the attacker created a contract that invoked the vulnerable function with just 100 wei of ETH. After wrapping the native tokens into WETH, the malicious call to WBTC.transferFrom() was executed, allowing the attacker to drain approved tokens while passing a balance check by specifying their own swap output value. What changes are the affected platforms making? The incidents have prompted both protocols to reassess their approach to security. First, both protocols asked their users to revoke approvals using tools such as Revoke.cash. Matcha Meta stated that it has disabled the toggle that allows users to turn off One-Time Approval. It has also removed SwapNet from its platform until further notice, while stating that “Erring on the side of customizability over security is not a posture we will allow moving forward.” Aperture Finance stated that it has disabled all affected web application functionalities. On its recovery efforts, it stated, “We are working closely with top-tier forensic security firms and are coordinating with law enforcement to trace funds,” while adding that it is also establishing channels to negotiate the return of funds as well. Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.

27 Jan 2026, 15:14

Moltbot founder denies involvement in meme coins after scammers exploit Clawdbot rebrand

Peter Steinberger, the developer who previously built PSPDFKit and is now behind the viral AI assistant Clawdbot, which has now rebranded to Moltbot, took to X to denounce what he described as harassment from “crypto folks” attempting to link him to unauthorized meme coins. “Please stop pinging me, stop harassing me. I will never do a coin,” Steinberger wrote , adding that any project listing him as a coin owner is a scam. The controversy erupted after Anthropic , the company behind Claude AI, forced Steinberger to rename his project from Clawdbot to Moltbot over trademark concerns. During the transition, crypto opportunists seized the organization’s GitHub and X renames, according to Steinberger’s account of events. Within hours, fake CLAWD tokens and different variations of the rebranded name were created and distributed, with one already having a market cap of over $8.48 million and a trade volume of over $17 million, as seen on GMGN.AI as of the time of writing. What happened during Clawdbot’s rebranding? In a post explaining the situation, Steinberger wrote, “Had to rename our accounts for trademark stuff and messed up the GitHub rename, and the X rename got snatched by crypto shills.” Steinberger later clarified that the name change was not voluntary. “Crypto folks: I was forced to rename the account by Anthropic. Wasn’t my decision,” he stated. The original Clawdbot account no longer exists, as it seems the X team has taken it down. However, it created an opening for individuals promoting cryptocurrency schemes, a development that has caused confusion among the project’s legitimate user base and opened the door for scammers to falsely associate Steinberger with token launches. Viral project becomes scam magnet Clawdbot, which Steinberger named after his AI assistant “Clawd,” had achieved remarkable organic growth before the controversy. The open-source project garnered 9,000 GitHub stars within 24 hours of launch and crossed 60,000 stars by day three, making it one of the fastest-growing developer tools in recent memory. The self-hosted AI assistant allows users to run an AI agent locally with full system access, integrating with multiple messaging platforms, including WhatsApp, Telegram, Slack, and Discord. Its popularity and that of the founder may have made it an attractive target for crypto scammers looking to capitalize on viral technology trends. However, due to trademark reasons, the project had to be rebranded and is now known as Moltbot. What is Steinberger saying regarding the project? The Moltbot founder has made it clear that he would not accept any fees or compensation related to cryptocurrency projects. “You are actively damaging the project,” he told those continuing to associate him with tokens. The Moltbot project continues under its new branding, though the incident has raised questions about the vulnerability of technology founders to cryptocurrency-related harassment and impersonation. Steinberger himself has posted an update on the recovery of his GitHub account, clarifying that it was his personal account that was hijacked and has now been recovered. He wrote , “GitHub’s resolved. This only affected my personal account, not the org (messed up the rename).” He stated that it will take another day to resolve the X account issue, adding that the original X handle is @moltbot and “not any of the 20 scam variations of it.” Steinberger also informed users that they do not need to do anything for the next release, as the update will work just as before. The smartest crypto minds already read our newsletter. Want in? Join them .

26 Jan 2026, 21:50

Coinbase Commerce hack wallet reactivated after nearly two years

Coinbase Commerce hack (2024) linked wallet came back to life after nearly two years of inactivity. On-chain data shows the attacker began moving funds in January 2026. In the fresh moves, it deposited $5.4 million worth of Ethereum into Tornado Cash so far. Before the deposits, the theft-linked address moved roughly $5.8 million in DAI to a fresh wallet. That DAI was swapped for Ether. The ETH was then broken into multiple deposits, and Tornado Cash activity followed a clear batching pattern. The attacker sent twenty deposits of 100 ETH, and then smaller amounts followed. These included 10 ETH, 1 ETH, and fractional transfers. However, a separate wallet linked to the attacker is still holding about $4.6 million in DAI. This comes in when the global crypto market is dealing with heavy selling pressure. Ethereum has dropped by almost 10% in the last 7 days. ETH was trading in the range of $3,100-$3,700 in April 2024, when the exploit happened. As of now, Ether is trading at an average price of $2,890. Coinbase Commerce exploit The incident traces back to the date flagged in April 2024. On-chain investigator ZachXBT reported suspicious outflows from a Coinbase Commerce contract at the time. On April 21, 2024, the contract recorded more than 1,700 USDC outflows over a 16-hour window on Polygon. The total value reached $15.97 million. The pattern suggested a merchant using Coinbase Commerce had been exploited. The funds were drained in repeated transfers. The stolen USDC was later bridged from Polygon to Ethereum. It was swapped for Ether and was split across three wallets. The attacker has resumed activity after nearly two years of dormancy and is now depositing stolen funds into Tornado Cash. A total of $5.4M has been deposited so far. Prior to this, the theft address transferred $5.8M DAI to a fresh wallet, which was subsequently swapped for… https://t.co/6hZWByeuRQ pic.twitter.com/67vx2CLk6U — Specter (@SpecterAnalyst) January 26, 2026 Shortly after the theft, a threat actor using the alias “Excite” began discussing the funds in private chats. ZachXBT linked those claims to addresses tied to the outflows. He mentioned that back in May 2024, a Telegram user using the handle “tezedasads12” sent a 1 DAI transaction. The transfer was used to prove control over a wallet holding about $6 million from the theft. The same actor claimed ownership of the Instagram username “Excite.” He also attempted to purchase a matching Telegram username but failed. The Instagram account was initially private, but it later went public. The account showed luxury watches and other high-value items. ZachXBT stated that open source intelligence suggested the individual may have been based in Denmark. That detail was not independently confirmed. After the initial laundering phase, most of the funds stopped moving. Wallets linked to the exploit went dormant. Meanwhile, a smaller portion of funds was later routed through decentralized exchanges and staking platforms. Those transactions were used to move assets into new wallets. One deposit address showed high exposure to known drainer infrastructure. Investigators flagged that as a risk signal. The January 2026 Tornado Cash deposits mark the first major activity tied to the exploit in nearly two years. Coinbase hack 2025 The case adds to a series of security incidents tied to Coinbase. In May 2025, Coinbase disclosed a separate cyber attack. The company said the incident could cost up to $400 million. In that case, attackers obtained limited customer data by paying contractors and employees. The data was used to impersonate Coinbase and trick users. Coinbase said fewer than 1 percent of customers were affected. The attackers demanded $20 million and Coinbase refused to pay. Private keys were not compromised. However, the company said it would reimburse affected users. Join a premium crypto trading community free for 30 days - normally $100/mo.

26 Jan 2026, 19:10

US Marshals Probe Shocking $40M Crypto Theft by Contractor’s Son in Major Government Security Breach

BitcoinWorld US Marshals Probe Shocking $40M Crypto Theft by Contractor’s Son in Major Government Security Breach WASHINGTON, D.C. — March 2025 — Federal authorities confront a staggering security breach as the U.S. Marshals Service launches a comprehensive investigation into the alleged embezzlement of more than $40 million in cryptocurrency from a government-controlled wallet. This shocking incident involves the child of an employee at CMDSS, a critical federal contractor responsible for managing digital assets seized by law enforcement agencies nationwide. The case immediately raises profound questions about security protocols surrounding government-held cryptocurrency and represents one of the largest potential thefts from federal digital asset reserves in American history. US Marshals Service Investigates Major Government Crypto Breach The U.S. Marshals Service confirmed its active investigation this week following initial reporting by CoinDesk. This federal agency, operating under the Department of Justice, manages one of the government’s most significant cryptocurrency portfolios through seized assets from criminal cases. Consequently, the alleged theft represents not just a financial loss but a substantial breach of federal asset management systems. The investigation centers on transactions occurring over several months, with blockchain analysts tracing movements from official government wallets to private accounts. Federal contractors like CMDSS play crucial roles in maintaining these systems. Specifically, CMDSS provides specialized IT services to both the Department of Defense and Department of Justice. Their responsibilities include securing and managing cryptocurrency seized during federal operations. Therefore, this incident exposes potential vulnerabilities in the chain of custody for digital assets worth hundreds of millions of dollars. The Marshals Service has historically auctioned seized cryptocurrency through approved channels, generating substantial revenue for federal crime victim funds. Contractor Security Protocols Under Scrutiny CMDSS, the contractor at the center of this investigation, maintains contracts with multiple federal agencies. The company specializes in secure information technology solutions for sensitive government operations. According to procurement records, CMDSS has received over $50 million in federal contracts during the past five years. Their work includes developing and maintaining systems for tracking and securing seized digital assets. However, this incident suggests possible failures in their security implementation or personnel oversight procedures. The alleged perpetrator, identified as the son of CMDSS President Dean Daghita, reportedly gained access through unclear means. Blockchain investigator ZachXBT noted the complexity of tracing the transactions. “The movement patterns suggest either sophisticated social engineering or compromised authentication systems,” ZachXBT stated in their analysis. Furthermore, the scale of the theft indicates it may have occurred over an extended period rather than as a single event. This pattern raises additional concerns about detection systems and regular auditing practices. Historical Context of Government Crypto Management This incident follows several high-profile cases involving mismanagement of government-held cryptocurrency. In 2023, the Department of Justice established new guidelines for seized digital asset management. These guidelines specifically addressed secure storage solutions and regular auditing requirements. Previously, in 2021, the Internal Revenue Service faced criticism for inadequate tracking of seized cryptocurrency during drug trafficking investigations. The Marshals Service itself has conducted multiple auctions of Bitcoin and other cryptocurrencies since 2014, developing what many considered robust procedures. The table below shows recent major government cryptocurrency seizures: Year Agency Asset Type Approximate Value 2022 Department of Justice Bitcoin $3.36 billion 2023 IRS Criminal Investigation Various Cryptocurrencies $1.2 billion 2024 U.S. Marshals Service Ethereum, Bitcoin $900 million These substantial holdings make effective security protocols absolutely essential. The alleged $40 million theft, while significant, represents a relatively small percentage of total government-held cryptocurrency. Nevertheless, the breach of trust and security implications carry substantial weight. Federal agencies increasingly rely on specialized contractors for technical expertise in the rapidly evolving cryptocurrency landscape. Blockchain Forensics and Investigation Methods Investigators employ multiple techniques to trace the alleged theft. Blockchain analytics firms typically use clustering algorithms to connect wallet addresses. They also analyze transaction patterns and timing to identify potential controllers. In this case, the movement of funds suggests attempts at obfuscation through mixing services or decentralized exchanges. However, most mixing services retain some transaction records that skilled analysts can potentially unravel. Key investigation challenges include: Wallet identification – Determining which addresses belong to government entities Transaction tracing – Following funds across multiple blockchain networks Timeline establishment – Creating accurate sequence of events Access verification – Determining how authentication systems were compromised Blockchain investigators like ZachXBT have developed sophisticated tools for these purposes. Their work often involves analyzing millions of transactions across multiple blockchains. Additionally, they collaborate with cryptocurrency exchanges to identify account holders associated with specific wallet addresses. This multi-pronged approach has proven effective in numerous high-profile cryptocurrency investigations worldwide. Potential Impacts on Federal Crypto Policies This incident will likely trigger significant policy reviews across multiple agencies. Congressional oversight committees have already indicated plans to examine government cryptocurrency management practices. Potential outcomes include stricter contractor vetting requirements, enhanced auditing protocols, and revised custody solutions. Some legislators may advocate for reducing government cryptocurrency holdings through more frequent auctions. Others might propose creating a dedicated federal digital asset management agency with enhanced security standards. The cryptocurrency industry closely watches these developments. Many blockchain companies provide custody solutions specifically designed for institutional clients. These companies emphasize multi-signature wallets, hardware security modules, and institutional-grade key management. Federal agencies have historically been slower to adopt such solutions than private sector financial institutions. This incident may accelerate adoption of more sophisticated security measures across government cryptocurrency operations. Legal Implications and Prosecution Pathways Federal prosecutors will likely pursue multiple charges if evidence supports the allegations. Potential charges include wire fraud, computer fraud, theft of government property, and money laundering. Each charge carries substantial prison sentences, particularly given the amount involved. Prosecutors must establish both the theft itself and the defendant’s knowledge that the funds belonged to the government. They must also demonstrate how the defendant gained unauthorized access to the wallet systems. The Department of Justice has developed substantial expertise in cryptocurrency cases. Their National Cryptocurrency Enforcement Team, established in 2021, coordinates complex digital asset investigations. This team works alongside the U.S. Marshals Service and other agencies. Their involvement suggests this case will receive high-level attention and resources. Successful prosecution could establish important precedents for future government cryptocurrency theft cases. Defense strategies might focus on access authorization questions. If the defendant had legitimate access through their parent’s position, the case becomes more complex. Alternatively, defense attorneys might argue the defendant believed they were accessing legitimate test networks or demonstration systems. These arguments would require substantial supporting evidence regarding system configurations and access permissions. Conclusion The US Marshals Service investigation into the alleged $40 million cryptocurrency theft represents a critical moment for federal digital asset security. This shocking breach exposes vulnerabilities in contractor-managed government systems and highlights the evolving challenges of securing cryptocurrency holdings. As the investigation progresses, expect significant policy revisions, enhanced security protocols, and potentially landmark legal proceedings. The case underscores the urgent need for robust, auditable systems for managing government cryptocurrency reserves in an increasingly digital financial landscape. Ultimately, this incident will likely transform how federal agencies secure, manage, and audit their growing cryptocurrency portfolios. FAQs Q1: What is the U.S. Marshals Service investigating? The U.S. Marshals Service is investigating the alleged theft of over $40 million in cryptocurrency from a government wallet. The investigation focuses on transactions potentially involving the son of an employee at federal contractor CMDSS. Q2: How did the alleged perpetrator access the government cryptocurrency wallet? Investigators have not yet determined the exact access method. Blockchain analyst ZachXBT noted it remains unclear whether the individual gained unauthorized access or received improper authorization through their connection to CMDSS leadership. Q3: What is CMDSS and what role do they play? CMDSS is a federal contractor providing IT services to the Department of Defense and Department of Justice. The company manages cryptocurrency seized by law enforcement agencies, making them responsible for securing substantial government digital asset holdings. Q4: How significant is this theft compared to other government cryptocurrency holdings? While $40 million represents a substantial sum, it constitutes a relatively small percentage of total government-held cryptocurrency. The U.S. Marshals Service alone has managed billions in seized digital assets in recent years through controlled auctions. Q5: What are the potential consequences of this security breach? Potential consequences include criminal prosecution of those involved, revised security protocols for government cryptocurrency management, increased contractor oversight, and possible congressional hearings on federal digital asset security practices. This post US Marshals Probe Shocking $40M Crypto Theft by Contractor’s Son in Major Government Security Breach first appeared on BitcoinWorld .

26 Jan 2026, 16:34

Vitalik Buterin reverses stance on 2017 dismissal of blockchain self-verification

Vitalik Buterin, co-founder of Ethereum, has admitted he was wrong about something he said nearly ten years ago. The blockchain pioneer recently said he’s changed his mind about how users should interact with and check blockchain networks. Buterin caused a stir in 2017 when he referred to the notion of individuals verifying blockchain data on their own as a “weird mountain man fantasy.” He now claims that viewpoint was incorrect. His latest remarks on X demonstrate that he has been persuaded to change direction by both new technologies and lessons learned over the years. The 2017 debate over blockchain design The change brings up a long-standing debate over the proper operation of blockchains. That year, Buterin and blockchain theory researcher Ian Grigg engaged in a public argument. According to Grigg, blockchains should simply record transaction times. He reasoned that the real state of affairs, such as how much money people have or what smart contracts are doing, could be recreated on separate machines and subsequently discarded. Buterin strongly opposed that idea . He said it would force people to constantly replay every transaction that ever happened just to know what’s current, or they would have to rely on outside services to tell them what’s going on. Buterin advocated for Ethereum’s approach instead. Snapshots of the network’s state get attached to each block. With something called Merkle proofs and assuming most miners or validators are honest, users could check specific information without depending on a middleman. The problem with making everyone verify everything themselves, Buterin argued back then, was that regular computers couldn’t handle it. The only way to make it work would be to severely limit how much the network could do. New cryptography changes the equation So what changed? The answer is zk-SNARKs, a type of advanced math that lets someone prove they did a bunch of calculations correctly without having to show their work or make others redo everything. After years of having to choose between poor solutions, Buterin characterizes zk-SNARKs as discovering an inexpensive, universal solution. Thanks to this technique, Ethereum can now provide full verification security without making it excessively costly or challenging for average users. He says this breakthrough means Ethereum can rethink compromises it once had no choice but to accept. That’s particularly true when it comes to scaling up, staying decentralized, and allowing peopl e to ve rify things themselves. Buterin also admit s hi s earlier thinking depended too much on perfect conditions. In the real world, networks fail. In addition to slowing down connections and shutting down services, middlemen may be forced to prohibit specific apps or users due to external pressure from society or governments. When those issues arise, relying on other parties or requiring developers to intervene becomes a vulnerability. That realization supports his renewed interest in what he calls the “mountain man’s cabin” idea. It’s a backup plan that lets people work directly with the blockchain when everything else falls apart. zk-SNARKs are now a major focus of Ethereum’s development plans, particularly through zero-knowledge rollups. By processing thousands of transactions off the main chain and giving Ethereum a single cryptographic proof, these second-layer networks significantly reduce expenses. These methods are already being used in projects like zkSync , StarkNet, and Scroll . Regarding proof size, transparency, and processing costs, each person adopts a different strategy. Around mid-2025, community members suggested that keeping personal information off-chain and using cryptographic proofs might help Ethereum meet European data protection requirements. Zk-SNARKs came up as a way for validators to confirm data is correct without actually seeing it. This would reduce what needs to be stored on-chain. Technically speaking, Buterin has realized that some outdated design decisions currently impede Ethereum’s zero-knowledge objectives. After the modular exponentiation precompile, which he had included himself, proved to be a significant barrier to producing zk proofs, he proposed eliminating it in late 2025. Get seen where it counts. Advertise in Cryptopolitan Research and reach crypto’s sharpest investors and builders.