Editor's Note: On April 20, at the highly anticipated opening ceremony of the 2026 Hong Kong Web3 Carnival, Ethereum co-founder Vitalik Buterin delivered a keynote speech, deeply analyzing Ethereum's ultimate vision as the "world computer" and its core roadmap for the next five years. Below is the full text of the speech:
Good morning everyone! Where is the Ethereum protocol heading? I think that over the past few years, we have seen many significant changes in both theoretical and ecosystem areas. At the same time, we have also witnessed many transformations outside the Ethereum ecosystem, including the infinite possibilities brought by artificial intelligence, the potential imminent realization of quantum computing, and advancements in fields such as formal verification, cryptography, and zero-knowledge proofs.
I believe one of the important things we have been doing is rethinking what truly matters: What is the purpose of using Ethereum? Why Ethereum? What are its characteristics? What makes a decentralized network need to possess these features?
For example, how can we integrate these new technologies into the Ethereum protocol we previously wrote and the plans for the next five years? What exactly is the purpose of Ethereum? I think it has two main functions:
First, Ethereum is like a public bulletin board. It is a place where applications can post messages, and everyone can see the content and order of the messages. These messages can be anything—transactions, hashes, encrypted data, and many other things. In fact, there are many opportunities for applications to use Ethereum as a place to publish data while leveraging other types of protocols to interpret this data (i.e., decrypt the data and perform computations on it).
Second is computation. Basically, Ethereum allows you to have shared digital objects controlled by code. These digital objects can be many things—they can be assets, ERC-20 tokens, NFTs, whose meaning extends beyond the theoretical level (ENS is an example), and can even refer to control over organizations (DAOs are an example). You can do many things, so both are extremely valuable. For decentralized applications, Ethereum ensures autonomous security, verifiability, fair participation, and gathers all users.
"Self-sovereignty" basically means that as a user, you can participate, verify, and ensure your own security entirely based on your own infrastructure. You do not need to trust any third party to run Ethereum, and if you don't want to, you don't need to trust any third party outside of Ethereum either.
Therefore, verifiability and the ability to verify ensure that the chain operates correctly and that everything that happens is as it should be, while also ensuring everyone's rights and the actual right to publish information to the bulletin board. So this is the core; we should view Ethereum as a technical module and consider all the applications that this technical foundation can support. The most interesting applications will be a combination of on-chain and off-chain components. This includes ENS, prediction markets, etc. Prediction markets have on-chain components (i.e., assets created for each event, the ability to trade these assets) and off-chain components (one of which is the oracle). Sometimes the design of prediction markets or the matching of trading orders happens on-chain, and there are also aspects involving privacy.
For example, people have been researching cryptographic protocols for decades to simplify or enable secure electronic voting. Many such protocols typically rely on a public bulletin board where people can publish information. In this case, they are encrypted ballots, a method that ensures everyone can participate. Anything related to privacy must include an on-chain part (for publishing data) and an off-chain part (for interpreting the data).
If it interprets the data, it must be done off-chain through a private protocol. So, we talk a lot about L2 (Layer 2). In my view, to determine which type of L2 makes sense, we must first understand which type does not: if you just replicate Ethereum, scale it up 100 times, make it more centralized, and that's it, it's meaningless. I think the L2s that truly make sense are those where you start examining various applications and ask what off-chain components they need? What parts do they need besides L1? Then you go and build those things.
What does this mean for Ethereum? We need to scale data; we need the ability to publish more data on-chain. The recent hard fork last year, which introduced PeerDAS, already includes this, but we still need to push further. Scaling computational power is also important because, as part of the Ethereum chain, computational scaling can help different applications combine and communicate with each other without intermediaries.
If you visit the roadmap website (roadmap.org), you can find a roadmap designed for the next five years. The core short-term goals of the protocol are: first, short-term scaling, continuing to actively increase the Gas limit; second, starting the rollout of zkEVM. zkEVM allows Ethereum to expand further, perform more complex computations, while still making it easy to verify on-chain information. There is also early preparation for the post-quantum era. We have been thinking about quantum computing for years; we recognized early on that it is a risk, and we have some measures. Soon, in the short term, we will improve Ethereum's quantum resistance and refine the entire roadmap.
For example, eventually, all parts of Ethereum will be fully quantum-resistant and very efficient. We will also improve the block building process and enhance support for privacy. So, there are many EIP proposals for short-term scaling that will be applied in the next phase, such as the **Block Access List** enabling parallelization; Gas repricing improving efficiency and making Gas limit increases safer.
ePBS (Proposer-Builder Separation) makes it safer for Ethereum blocks to take longer to verify, and there are also improvements in nodes' ability to download state. There is also EIP-8141 (the account abstraction proposal), which is very simple and very powerful. Basically, a transaction is a series of calls, where one call might be verification and another might be execution. This enables Ethereum to easily provide native support for smart contract wallets, for paying for others' transactions, supporting quantum-resistant signature algorithms and privacy protocols.
So, this makes Ethereum more versatile, thereby supporting many functions. Quantum-resistant signature algorithms do exist; they have been around for 20 years, we know what they are, and we know how to build them. The problem is they are not efficient. A quantum-resistant signature takes up 2000-3000 bytes, while current signatures are only 64 bytes; it also costs 200,000 Gas on-chain, while now it only costs 3000 Gas. So there are two types of signatures we can use: one is hash-based, and the other is lattice-based signatures. The idea is to add vectorization, incorporate it into the EVM, basically applying the same logic that makes computers run AI. We are actively working to make signatures quantum-resistant and more efficient.
Scaling state storage, account balances, and smart contract execution is relatively easy, but scaling storage is more difficult; there is still a lot of work, and we must work on this. So, these are all the short-term and long-term plans, and this is the direction we truly want Ethereum to develop. Ethereum is not meant to compete with high-frequency trading platforms; Ethereum is not meant to be the fastest chain; Ethereum aims to be the secure chain, the decentralized chain, the chain that will always be online, the chain you can always rely on.
So, one goal is to maximize secure consensus. This means that if the network is secure, it can withstand 49% of nodes failing, and actually can even withstand almost all nodes going offline, thus possessing the same properties as Bitcoin. If the network has issues, you can still maintain 33% security certainty. This is the first part.
The second part is formal verification of everything. And we have started actively using artificial intelligence to generate code proofs, proving that the software version running Ethereum indeed has the properties it should. We have made progress that was impossible two years ago. AI is developing rapidly, so we are leveraging this, pursuing extreme simplicity, keeping the long-term protocol as simple as possible, and maximizing preparedness for the future.
Therefore, a network needs to pass the offline test. If a network needs to be used, you can rely on it even if there is no power outlet available. Because it's actually the same principle, and it's what Bitcoin pursues. If you want to be a long-term holder, you need to ensure the security of your digital assets long-term; you need to rely on something that can continuously ensure security, whose security does not depend on the continued existence of a team, nor on a team always working. Ethereum's consensus combines the advantages of two methods: Bitcoin's longest chain rule and the BFT (Byzantine Fault Tolerance) method. This is finality, combined with optimal security properties, quantum resistance, and fast finality.
Therefore, finality is achieved within one to three block slots, and the chain is expected to finalize in about 10-20 seconds, or even less. zkVM allows you to verify the chain without relying on large computers to run all operations yourself. Everyone should verify the chain; before you trust it, even your phone, IoT devices should verify the chain. And the zero-knowledge virtual machine zkVM is already fast enough to prove that real-time virtual machine execution is feasible. This year's goal is to make them secure enough, starting with a small proportion of the network using zkVM, then gradually increasing that proportion. By 2028, this will enable it to scale and handle more transactions without sacrificing decentralization.
What is the vision for these things? Ethereum is the world computer. It is both a globally shared layer for making commitments, publishing data, recording actions; it is a platform where data can be published, where it can be proven that data has been published, and also proven that data has not been published, and it is open for everyone to use; it is also a globally shared layer for guaranteeing the execution of high-value rules. Ethereum needs to have maximum robustness and be extremely easy to verify. I think that in the future, with AI, it will actually become easier, simpler than we imagine, to truly ensure software security.
If you want to ensure software security, but people are unwilling to ensure it, then software vulnerabilities will be 10 times more than before, and attacks will be 10 times more frequent. Therefore, Ethereum, as a blockchain, needs to ensure security first, and decentralization second. When these conditions are guaranteed, provide this security to users as much as possible. So, if you intend to build decentralized applications that ensure self-sovereignty, security, verifiability, and ensure user participation—this includes finance, decentralized social, identity, and partly financial, partly non-financial applications (including ENS, prediction markets, etc.), covering many things. Ethereum can make application development simple; by default, this is the core goal.
The roadmap for the next four years is designed precisely around this goal. Thank you!
