Industry News

Industry News

Vitalik Buterin’s Vision for Ideal Ethereum Web3 Wallets: Security, Privacy, and Cross-L2 Transfers

brian danga

Brian D

By: Brian D

Thursday, December 5, 2024

Dec 5, 2024

4 min read

4 min

vitalik with a fun smirk
vitalik with a fun smirk
vitalik with a fun smirk

Photo by: Wikipedia

  • Vitalik Buterin has proposed various ways of building an “ideal” Ethereum-based Web3 wallet. 

  • The Ethereum co-founder centered his arguments around the blockchain's industry’s need for improved security and privacy. 

  • He also encouraged developers to enable seamless cross-Layer 2 asset transfers. 

Vitalik Buterin said Tuesday that Web3 developers must integrate advanced security and privacy features into crypto wallets to enable users to enjoy the full benefits of decentralization and “censorship resistance” on the largest blockchain network by total value locked (TVL). 

According to DefiLlama data, Ethereum hosts $70.16 billion in TVL, of which $53.17 billion is handled by a dozen Layer 2 scaling solutions (rollups), including Arbitrum, Base, Blast, Scroll, ZKsync Era, Starknet, Linea, Polygon zkEVM, World Chain, and others. Buterin also proposed easing asset transfers among these networks, noting that it would enhance user experience. 

Better Web3 Wallet Security and Privacy

In a December 3 blog post titled “What I would love to see in a wallet,” Buterin said that an ideal Web3 wallet should protect users against hacks and malicious attacks, as well as from their own mistakes, such as using poorly designed smart wallets or trading on centralized platforms, where a third party is responsible for the security of user assets. 

“My preferred solution to this, for over ten years, has been social recovery and multisig wallets, with graded access control. A user's account has two layers of keys: a primary key, and N guardians (eg. N = 5).” The post read.  

According to the post, the primary key could handle low-value and non-financial operations, while a majority of guardians would be needed to sign off on high-value transactions like transferring the entire balance in the account. Alternatively, a private key can handle these transactions with a timelock, which reduces counterparty risk by creating a time-based escrow. 

The Ethereum co-founder noted that various user groups could serve as guardians, including friends and family for experienced crypto users, institutions for high-value clients, and personal devices like phones, desktops, or hardware wallets. However, Buterin cautioned that hardware devices may be susceptible to theft if they are stored in the same location.

Commenting on privacy, Buterin urged Web3 developers to integrate private transfers directly into wallets, arguing that the need to download a separate privacy wallet, such as Railway (or Umbra for stealth addresses), inconvenienced users and hindered the adoption of private transactions. 

“A wallet could store some portion of a user's assets as a "private balance" in a privacy pool. When a user makes a transfer, it would automatically withdraw from the privacy pool first. If a user needs to receive funds, the wallet could automatically generate a stealth address.” Buterin proposed. 

Per the Ethereum co-founder, a wallet could also generate a new address for each decentralized application a user interacts with, channeling deposits and withdrawals via the privacy pool. “This allows a user's activity in any one application to be unlinked from their activity in other applications,” Buterin added. 

In addition to enhancing security and privacy in Ethereum-based Web3 wallets, Buterin wants developers to bolster the user experience of cross-L2 transactions. 

Vitalik’s Vision for Cross-L2 Transfers  for Eth Wallets

Referencing a short-term part of a detailed roadmap for improving cross-L2 experience, Buterin proposed two ideas that he termed “theoretically implementable even today.” These included the introduction of built-in cross-L2 sends and chain-specific addresses and payment requests. 

“Your wallet should be able to give you an address that (following the style of this draft ERC) looks like this: 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045@optimism.eth,” Buterin stated. “When someone (or some application) gives you an address of this format, you should be able to paste it into a wallet's "to" field, and click "send".” 

The Ethereum co-founder believes that this approach would allow Web3 wallets to automatically transfer coins directly across similar chains, use a protocol like ERC-7683 to facilitate cross-chain transfers, or leverage a decentralized exchange to enable seamless conversions into supported tokens before processing the send function.   

For decentralized applications that might require a deposit, Buterin advised developers to extend a Web3 API that allows the applications to make a chain-specific payment request, which the wallet should be able to meet in “whatever way it needs.” 

Buterin noted that the user experience could be improved if wallet providers carefully selected which chains to store users’ assets by default to improve security and ease of transactions. 


For businesses building Web3 wallets, incorporating these privacy and security features can set your product apart in the competitive blockchain industry. Learn more about how Web3 is incorporating security and privacy with Decentralized Data Storage

  • Vitalik Buterin has proposed various ways of building an “ideal” Ethereum-based Web3 wallet. 

  • The Ethereum co-founder centered his arguments around the blockchain's industry’s need for improved security and privacy. 

  • He also encouraged developers to enable seamless cross-Layer 2 asset transfers. 

Vitalik Buterin said Tuesday that Web3 developers must integrate advanced security and privacy features into crypto wallets to enable users to enjoy the full benefits of decentralization and “censorship resistance” on the largest blockchain network by total value locked (TVL). 

According to DefiLlama data, Ethereum hosts $70.16 billion in TVL, of which $53.17 billion is handled by a dozen Layer 2 scaling solutions (rollups), including Arbitrum, Base, Blast, Scroll, ZKsync Era, Starknet, Linea, Polygon zkEVM, World Chain, and others. Buterin also proposed easing asset transfers among these networks, noting that it would enhance user experience. 

Better Web3 Wallet Security and Privacy

In a December 3 blog post titled “What I would love to see in a wallet,” Buterin said that an ideal Web3 wallet should protect users against hacks and malicious attacks, as well as from their own mistakes, such as using poorly designed smart wallets or trading on centralized platforms, where a third party is responsible for the security of user assets. 

“My preferred solution to this, for over ten years, has been social recovery and multisig wallets, with graded access control. A user's account has two layers of keys: a primary key, and N guardians (eg. N = 5).” The post read.  

According to the post, the primary key could handle low-value and non-financial operations, while a majority of guardians would be needed to sign off on high-value transactions like transferring the entire balance in the account. Alternatively, a private key can handle these transactions with a timelock, which reduces counterparty risk by creating a time-based escrow. 

The Ethereum co-founder noted that various user groups could serve as guardians, including friends and family for experienced crypto users, institutions for high-value clients, and personal devices like phones, desktops, or hardware wallets. However, Buterin cautioned that hardware devices may be susceptible to theft if they are stored in the same location.

Commenting on privacy, Buterin urged Web3 developers to integrate private transfers directly into wallets, arguing that the need to download a separate privacy wallet, such as Railway (or Umbra for stealth addresses), inconvenienced users and hindered the adoption of private transactions. 

“A wallet could store some portion of a user's assets as a "private balance" in a privacy pool. When a user makes a transfer, it would automatically withdraw from the privacy pool first. If a user needs to receive funds, the wallet could automatically generate a stealth address.” Buterin proposed. 

Per the Ethereum co-founder, a wallet could also generate a new address for each decentralized application a user interacts with, channeling deposits and withdrawals via the privacy pool. “This allows a user's activity in any one application to be unlinked from their activity in other applications,” Buterin added. 

In addition to enhancing security and privacy in Ethereum-based Web3 wallets, Buterin wants developers to bolster the user experience of cross-L2 transactions. 

Vitalik’s Vision for Cross-L2 Transfers  for Eth Wallets

Referencing a short-term part of a detailed roadmap for improving cross-L2 experience, Buterin proposed two ideas that he termed “theoretically implementable even today.” These included the introduction of built-in cross-L2 sends and chain-specific addresses and payment requests. 

“Your wallet should be able to give you an address that (following the style of this draft ERC) looks like this: 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045@optimism.eth,” Buterin stated. “When someone (or some application) gives you an address of this format, you should be able to paste it into a wallet's "to" field, and click "send".” 

The Ethereum co-founder believes that this approach would allow Web3 wallets to automatically transfer coins directly across similar chains, use a protocol like ERC-7683 to facilitate cross-chain transfers, or leverage a decentralized exchange to enable seamless conversions into supported tokens before processing the send function.   

For decentralized applications that might require a deposit, Buterin advised developers to extend a Web3 API that allows the applications to make a chain-specific payment request, which the wallet should be able to meet in “whatever way it needs.” 

Buterin noted that the user experience could be improved if wallet providers carefully selected which chains to store users’ assets by default to improve security and ease of transactions. 


For businesses building Web3 wallets, incorporating these privacy and security features can set your product apart in the competitive blockchain industry. Learn more about how Web3 is incorporating security and privacy with Decentralized Data Storage

  • Vitalik Buterin has proposed various ways of building an “ideal” Ethereum-based Web3 wallet. 

  • The Ethereum co-founder centered his arguments around the blockchain's industry’s need for improved security and privacy. 

  • He also encouraged developers to enable seamless cross-Layer 2 asset transfers. 

Vitalik Buterin said Tuesday that Web3 developers must integrate advanced security and privacy features into crypto wallets to enable users to enjoy the full benefits of decentralization and “censorship resistance” on the largest blockchain network by total value locked (TVL). 

According to DefiLlama data, Ethereum hosts $70.16 billion in TVL, of which $53.17 billion is handled by a dozen Layer 2 scaling solutions (rollups), including Arbitrum, Base, Blast, Scroll, ZKsync Era, Starknet, Linea, Polygon zkEVM, World Chain, and others. Buterin also proposed easing asset transfers among these networks, noting that it would enhance user experience. 

Better Web3 Wallet Security and Privacy

In a December 3 blog post titled “What I would love to see in a wallet,” Buterin said that an ideal Web3 wallet should protect users against hacks and malicious attacks, as well as from their own mistakes, such as using poorly designed smart wallets or trading on centralized platforms, where a third party is responsible for the security of user assets. 

“My preferred solution to this, for over ten years, has been social recovery and multisig wallets, with graded access control. A user's account has two layers of keys: a primary key, and N guardians (eg. N = 5).” The post read.  

According to the post, the primary key could handle low-value and non-financial operations, while a majority of guardians would be needed to sign off on high-value transactions like transferring the entire balance in the account. Alternatively, a private key can handle these transactions with a timelock, which reduces counterparty risk by creating a time-based escrow. 

The Ethereum co-founder noted that various user groups could serve as guardians, including friends and family for experienced crypto users, institutions for high-value clients, and personal devices like phones, desktops, or hardware wallets. However, Buterin cautioned that hardware devices may be susceptible to theft if they are stored in the same location.

Commenting on privacy, Buterin urged Web3 developers to integrate private transfers directly into wallets, arguing that the need to download a separate privacy wallet, such as Railway (or Umbra for stealth addresses), inconvenienced users and hindered the adoption of private transactions. 

“A wallet could store some portion of a user's assets as a "private balance" in a privacy pool. When a user makes a transfer, it would automatically withdraw from the privacy pool first. If a user needs to receive funds, the wallet could automatically generate a stealth address.” Buterin proposed. 

Per the Ethereum co-founder, a wallet could also generate a new address for each decentralized application a user interacts with, channeling deposits and withdrawals via the privacy pool. “This allows a user's activity in any one application to be unlinked from their activity in other applications,” Buterin added. 

In addition to enhancing security and privacy in Ethereum-based Web3 wallets, Buterin wants developers to bolster the user experience of cross-L2 transactions. 

Vitalik’s Vision for Cross-L2 Transfers  for Eth Wallets

Referencing a short-term part of a detailed roadmap for improving cross-L2 experience, Buterin proposed two ideas that he termed “theoretically implementable even today.” These included the introduction of built-in cross-L2 sends and chain-specific addresses and payment requests. 

“Your wallet should be able to give you an address that (following the style of this draft ERC) looks like this: 0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045@optimism.eth,” Buterin stated. “When someone (or some application) gives you an address of this format, you should be able to paste it into a wallet's "to" field, and click "send".” 

The Ethereum co-founder believes that this approach would allow Web3 wallets to automatically transfer coins directly across similar chains, use a protocol like ERC-7683 to facilitate cross-chain transfers, or leverage a decentralized exchange to enable seamless conversions into supported tokens before processing the send function.   

For decentralized applications that might require a deposit, Buterin advised developers to extend a Web3 API that allows the applications to make a chain-specific payment request, which the wallet should be able to meet in “whatever way it needs.” 

Buterin noted that the user experience could be improved if wallet providers carefully selected which chains to store users’ assets by default to improve security and ease of transactions. 


For businesses building Web3 wallets, incorporating these privacy and security features can set your product apart in the competitive blockchain industry. Learn more about how Web3 is incorporating security and privacy with Decentralized Data Storage

Share this article

Related Articles

Related Articles

Related Articles