Ethereum has spent years preaching self-custody while quietly allowing a different reality to become normal. For most users, wallets still feel like the gateway to a trustless network, yet much of the day-to-day experience depends on centralized infrastructure doing the heavy lifting behind the scenes. That gap is now being called out directly, with 2026 positioned as the turning point where wallets stop asking users to “trust” and start proving what they show.

The argument is simple but uncomfortable: the base layer remained designed for neutrality, but the defaults drifted toward convenience. Wallets outsourced verification, decentralized apps ballooned into server-heavy stacks, and block building became concentrated among a small group of sophisticated actors. The protocol held up, but the user experience began to resemble the same internet it was supposed to improve.

The hidden dependency: RPC providers run the experience

Most Ethereum wallets rely on remote procedure call providers for critical information, including balances, transaction status, and smart contract state. That makes the wallet feel fast and lightweight, but it also introduces a quiet trust assumption: if the endpoint lies, filters data, or goes down, the user loses clarity and control at the worst time.

This is not about blaming any single provider. It is about acknowledging a structural issue. If millions of users share the same handful of data pipes, the network remains decentralized in theory, while access becomes dependent on centralized chokepoints in practice.

Helios turns untrusted data into verified wallet answers

One fix gaining real momentum is a verified-RPC approach built on light client tech. Helios, a light client developed by a16z crypto, is designed to take responses from an untrusted RPC and convert them into locally verifiable results. It syncs in roughly 2 seconds, runs a local JSON-RPC server, and supports Ethereum plus OP Stack networks like Optimism and Base.

The trade-off is honesty. Helios still relies on weak subjectivity checkpoints for bootstrapping and may lean on upstream execution endpoints for certain data paths, meaning it reduces trust rather than eliminating it completely. Even so, the shift is meaningful because it changes the default posture from blind trust to local verification, which is a huge difference in real-world wallet safety.

Privacy is not just about private payments anymore

Private transfers do not mean much if every balance check and every app interaction leaks metadata. Ethereum’s privacy roadmap increasingly focuses on “private reads,” where users can query the network without revealing what they are looking at. This is where Private Information Retrieval (PIR) and Oblivious RAM (ORAM) come in, aiming to hide access patterns from infrastructure providers that can otherwise monetize them.

The work is not being sold as finished. The current language frames PIR and ORAM as research and early engineering, with serious trade-offs around computation and bandwidth that still need to be solved before it becomes mainstream. Still, the direction is clear: privacy has to cover the entire user journey, not just the payment screen.

Censorship resistance gets a structural upgrade with FOCIL

Another pressure point is transaction inclusion as builder centralization has made censorship resistance feel more like a social promise than a guarantee, because a small set of builders dominates block production. Fork-choice-enforced inclusion lists, known as FOCIL and formalized as EIP-7805, attempt to restore enforceable inclusion by requiring builders to include specific batches of transactions or face penalties at the consensus level.

This matters more as private transaction flows and account abstraction grow, since those flows can be easier to censor if inclusion remains reliant on builder cooperation rather than protocol structure.

Running a node should feel normal again

Ethereum’s state growth has made node operation harder and more expensive over time, pushing more users and apps toward third-party reliance. Block-level access lists, tracked as EIP-7928, are part of the effort to make syncing faster and execution more parallelizable by recording what state was touched in a block, enabling more efficient validation and updates.

It is not glamorous work, but it is the kind of “plumbing” that tends to decide whether a network remains open to everyday participants or becomes a system run by specialists.

The delivery layer: a wallet blueprint built for adoption

A major reason this narrative feels different is that it includes an explicit delivery vehicle. Kohaku is presented as a set of primitives and an SDK meant to help wallets adopt stronger privacy and security defaults, plus a power-user reference wallet that demonstrates how those features work in practice. The roadmap includes running Helios in a browser extension, private send and receive flows, IP leakage reduction, and longer-term movement toward native account abstraction.

Kohaku is not pitched as a mainstream consumer product. It is meant to make the trust-minimized path easy to ship, so other wallets can copy the parts that matter and gradually raise the baseline for the entire ecosystem.

Conclusion

Ethereum’s 2026 wallet push is not a marketing refresh, and it is not a new token narrative dressed up as innovation. It is closer to a course correction, aimed at making self-custody feel real again for normal users who just want their wallet to be accurate, private, and dependable. If verified RPC becomes standard, private reads mature beyond prototypes, and censorship resistance moves from etiquette to enforcement, Ethereum’s “trustless” promise starts showing up where it matters most: on the screen in a user’s hand.

Frequently Asked Questions

What is a “trust me” wallet?
It is a wallet that appears self-custodial but still depends on centralized services, especially RPC providers, for key information.

How does Helios change wallet security?
It verifies cryptographic proofs locally so the wallet can trust its own verification, not a remote server’s word.

Is Ethereum privacy solved in 2026?
No. The roadmap shows real progress, but PIR and ORAM are still early and come with major engineering challenges.

What is FOCIL trying to prevent?
It aims to reduce censorship risk by enforcing transaction inclusion structurally, even if block building stays concentrated.

Why should node improvements matter to regular users?
Cheaper, faster nodes reduce reliance on centralized infrastructure and make the network harder to control through chokepoints.

Glossary of Key Terms

RPC (Remote Procedure Call)
A service wallets use to query blockchain data like balances, transaction status, and smart contract state.

Light Client
A lightweight verifier that checks chain data without downloading the entire blockchain.

Helios
A light client that helps wallets verify RPC data locally, reducing blind trust in remote providers.

PIR (Private Information Retrieval)
A cryptographic method that lets users request data from a server without revealing which data was requested.

ORAM (Oblivious RAM)
A technique that hides access patterns, helping prevent metadata leakage during read operations.

FOCIL (Fork-Choice-Enforced Inclusion Lists)
A proposed mechanism to enforce transaction inclusion and strengthen censorship resistance at the protocol level.