Vitalik's 256 ETH Bold Gamble: Privacy Communication Needs More Radical Solutions

Original author: David, Deep Tide TechFlow

 

When you truly support something, the most direct way is to give it money.

On November 26, Vitalik Buterin donated 128 ETH each to two privacy messaging apps, Session and SimpleX, with a total value of about $760,000.

He wrote in a tweet: Encrypted messaging is crucial for protecting digital privacy. The next key step is to achieve permissionless account creation and metadata privacy.

$760,000 is not a small amount, but what’s even more intriguing are these two recipient apps.

Session and SimpleX are almost unknown outside the crypto community. Why did Vitalik choose to invest in them instead of more mature privacy messaging tools?

The donation amount itself is also interesting.

128 is not a convenient number for humans, but in binary it is 2 to the 7th power. Some community members interpret this as a statement from Vitalik, that this is a structural privacy investment, not just a casual tip.

Just one day before the donation, the Council of the European Union reached an agreement on the "Chat Control" proposal. This proposal requires messaging platforms to scan users’ private messages, which privacy advocates see as a direct threat to end-to-end encryption.

Vitalik chose to make the donation public at this time, making his stance clear: he believes that existing privacy messaging solutions are not enough and that more radical alternatives need support.

The market seems to have picked up on this signal as well. Session’s token SESH surged from less than $0.04 to around $0.40 after the news was announced, with a weekly increase of over 450%.

Let’s take a quick look at what these two apps are and why they are worth Vitalik’s bet.

Session: Using DePIN for Private Messaging

Session is a decentralized end-to-end encrypted messaging app that officially launched in 2020 and currently has nearly 1 million users.

It was originally developed by the Australian Oxen Privacy Tech Foundation. In 2024, due to tightened privacy legislation in Australia, the team moved its operations to Switzerland and established the Session Technology Foundation.

The core selling point of this app is “no phone number required.”

When registering, Session generates a 66-character random string as your Session ID and gives you a set of mnemonic words for account recovery. There is no phone number binding, no email verification, and no information that can be linked to your real identity.

Technically, Session uses an onion-routing-like architecture to ensure privacy.

Every message you send is encrypted in three layers and passes through three randomly selected nodes in sequence. Each node can only decrypt its own layer and cannot see the full path of the message. This means that no single node can know both the sender and receiver of a message at the same time.

These nodes are not servers operated by Session’s official team but come from the community. Currently, there are more than 1,500 Session Nodes distributed across over 50 countries worldwide. Anyone can run a node, provided they stake 25,000 SESH tokens.

In May 2025, Session completed a major upgrade, migrating from the original Oxen network to its own Session Network. The new network is based on proof-of-stake consensus, where node operators participate in network maintenance and receive rewards by staking SESH.

In terms of user experience, Session’s interface is not much different from mainstream messaging apps. It supports text, voice messages, images, and file transfers, as well as encrypted group chats with up to 100 people. Voice and video calls are still in the testing phase.

A clear drawback is notification delay. Because messages have to go through multiple hops, sometimes messages arrive a few seconds or even longer later than in centralized apps. Multi-device synchronization is also not very smooth, which is a common issue with decentralized architectures.

SimpleX: Extreme Privacy Without Even an ID

If Session’s selling point is “no phone number required,” SimpleX is even more radical:

It doesn’t even have user IDs.

Almost all messaging apps on the market, no matter how much they emphasize privacy, assign some kind of identifier to users. Telegram uses phone numbers, Signal uses phone numbers, Session uses randomly generated Session IDs.

Even if these identifiers are not linked to real identities, they still leave traces: if you chat with two people using the same account, those two people can theoretically confirm they are talking to the same person.

SimpleX’s approach is to completely eliminate this identifier. Every time you establish a connection with a new contact, the system generates a pair of one-time message queue addresses. The address you use to chat with A is completely different from the one you use to chat with B, with no shared metadata.

Even if someone monitors both conversations at the same time, they cannot prove they come from the same person.

Even if someone monitors both conversations at the same time, they cannot prove they come from the same person.

The registration experience for SimpleX is therefore unique. After opening the app, you only need to enter a display name—no phone number, no email, not even a password. This profile is stored entirely on your local device, and SimpleX’s servers have none of your account information.

The way to add contacts is also different. You need to generate a one-time invitation link or QR code and send it to the other party, who can only establish a connection by clicking it. There is no “search username to add friends” function, because there are no usernames to search for.

In terms of technical architecture, SimpleX uses its self-developed SimpleX Messaging Protocol. Messages are relayed through servers, but these servers only temporarily store encrypted messages, do not keep any user records, and do not communicate with each other. Messages are deleted after delivery. Servers cannot see who you are or who you are chatting with.

This design is very extreme, entirely focused on privacy protection.

By the way, the app is open source on Github, with more information available there.

SimpleX was founded by Evgeny Poberezkin in London in 2021. In 2022, it received pre-seed funding led by Village Global, and Jack Dorsey has publicly expressed support for the project. The app is now fully open source and has passed a security audit by Trail of Bits.

In terms of user experience, SimpleX’s interface is relatively simple. It supports text, voice messages, images, files, and self-destructing messages. Group chat functionality exists, but because there is no centralized member list management, the experience in large groups is not as good as traditional apps. Voice calls are available, but video calls still have some stability issues.

A notable limitation is: because there is no unified user ID, if you change devices or lose local data, you need to reconnect with each contact. There is no “log in to recover all chat records.”

This is also the price of extreme privacy design.

Comparison of Business Models: Token Incentives vs. Deliberate De-Financialization

Both apps are working on private messaging, but their business model choices are completely different.

Session follows a typical Web3 route, using tokens to align the interests of network participants. SESH is the native token of the Session Network, with three main uses:

• Running a node requires staking 25,000 SESH as collateral;
• Node operators earn SESH rewards by providing message routing and storage services;
• In the future, paid features such as Session Pro membership and Session Name Service will be settled in SESH.

The logic of this model is: node operators have economic incentives to maintain network stability, the staking mechanism increases the cost of malicious behavior, and token circulation provides a sustainable source of funding for the project. Currently, SESH has a circulating supply of about 79 million, a maximum supply of 240 million, and more than 62 million SESH are locked in the Staking Reward Pool as node reward reserves.

After Vitalik’s donation, SESH rose from less than $0.04 to over $0.20 within a few hours, with a market cap briefly exceeding $16 million. This surge is certainly partly due to hype, but it also shows that the market is pricing the “privacy infrastructure” narrative.

SimpleX’s choice is completely the opposite. Founder Evgeny Poberezkin has made it clear that he will not issue a tradable token, as he believes the speculative nature of tokens would cause the project to deviate from its original purpose.

SimpleX’s current funding comes from VC investment and user donations. The pre-seed round in 2022 raised about $370,000, and user donations have totaled over $25,000. The team plans to launch Community Vouchers in 2026 to achieve sustainable operations.

Community Vouchers are a type of restricted utility token, which can be understood as prepaid server usage coupons. Users purchase Vouchers to pay for the server costs of their communities, and the funds are distributed to server operators and the SimpleX network. The key difference is: these Vouchers are non-tradable, have no pre-mining, no public sale, and a fixed purchase price.

It seems that SimpleX has deliberately blocked any possibility of financial speculation.

Both approaches have their pros and cons. Session’s token model can quickly attract node operators and capital attention, but also exposes the project to token price volatility and regulatory risks. SimpleX’s de-financialized design maintains the project’s purity, but with limited funding sources, expansion will be slower.

This is not just a difference in business strategy, but also reflects different understandings of “how privacy should be funded.”

Common Challenges for Private Messaging

Vitalik did not only say good things in his donation tweet. He made it clear:

Neither of these apps is perfect. There is still a long way to go to achieve true user experience and security. The challenges he mentioned are actually structural issues for the entire private messaging sector.

The first is the cost of decentralization itself. Centralized apps deliver messages quickly, stably, and smoothly because all data passes through the same set of servers, allowing for extensive optimization. Once you go decentralized, messages have to hop between multiple independent nodes, and delays become inevitable.

The second is multi-device synchronization. With Telegram or WhatsApp, you log in on a new phone and your chat history is restored. But in a decentralized architecture, there is no central server storing your data. Multi-device synchronization relies on end-to-end key synchronization mechanisms, which are much more technically complex.

The third is Sybil attacks and DoS protection. Centralized platforms use phone number registration, which naturally creates a barrier to filter out spam accounts and malicious attacks. If you remove phone number binding, how do you prevent people from mass-creating fake accounts to harass users or attack the network?

If you want decentralization, you have to sacrifice some user experience; if you want permissionless registration, you need to find other ways to prevent abuse; if you want multi-device sync, you have to make trade-offs between privacy and convenience.

Vitalik’s decision to fund these two projects at this time is, to some extent, a statement: these problems are worth solving, and solving them requires funding and attention.

For ordinary users, it may still be too early to switch to Session or SimpleX now, as there are indeed shortcomings in user experience. But if you care about your digital privacy, it’s at least worth downloading and trying them out to see how far “real privacy” can go.

After all, when Vitalik is willing to put real money into something, it’s probably not just a geek’s self-indulgence.