Vitalik donated 256 ETH to 2 chat apps you've never heard of, what exactly is he betting on?

Written by: David, Deep Tide TechFlow

The most direct way to support something you truly believe in is to give it money.

On November 26, Vitalik Buterin donated 128 ETH each to two privacy communication applications, Session and SimpleX, totaling approximately $760,000.

He wrote in a tweet: Encrypted communication is crucial for protecting digital privacy, and the next key step is to achieve permissionless account creation and metadata privacy.

760,000 USD is not a small amount, but what is even more intriguing are these two money-receiving applications.

Session and SimpleX have almost no recognition outside the crypto community. Why did Vitalik choose to invest in them instead of more established privacy communication tools?

The donation amount itself is also quite interesting.

128 is not a convenient number for humans, but in binary, it is 2 raised to the power of 7. Some community members interpret this as a statement from Vitalik, indicating that this is a structural privacy investment, not just a casual tip.

Just one day before the donation, the EU Council reached an agreement on the “Chat Control” proposal. This proposal requires communication platforms to scan users' private messages, which privacy advocates view as a direct threat to end-to-end encryption.

Vitalik chose to make his donation public at this time, which makes his stance quite clear: he believes that the existing privacy communication solutions are insufficient and that more radical alternatives need support.

The market also seems to understand this signal. The token SESH of Session surged from less than $0.04 to around $0.40 after the news was announced, with an increase of over 450% in a week.

Let's quickly take a look at what these two applications are and why they are worth Vitalik's bet.

Session, using DePIN for privacy communication

Session is a decentralized end-to-end encrypted communication app that officially launched in 2020, and currently has nearly 1 million users.

It was originally developed by the Oxen Privacy Tech Foundation in Australia, and in 2024, due to tightening privacy legislation in Australia, the team relocated the operating entity to Switzerland and established the Session Technology Foundation.

The core selling point of this app is “no phone number required.”

During registration, the Session will generate a 66-character random string as your Session ID, and provide you with a set of mnemonic phrases for account recovery. There is no phone number binding, no email verification, and no information that can be linked to your real identity.

Technically, Session adopts an architecture similar to onion routing to ensure privacy.

Each message you send will be encrypted in three layers, passing through three randomly selected nodes in succession. Each node can only decrypt its own layer and cannot see the complete path of the message. This means that no single node can simultaneously know the sender and the receiver of the message.

These nodes are not servers operated by Session officially, but are from the community. Currently, there are over 1500 Session Nodes distributed across more than 50 countries, and anyone can run a node, provided they stake 25,000 SESH tokens.

In May 2025, Session completed an important upgrade, migrating from the previously relied Oxen network to its own Session Network. The new network is based on proof-of-stake consensus, where node operators participate in network maintenance by staking SESH and earn rewards.

In practical experience, the interface of Session is not much different from mainstream communication applications. It supports text, voice messages, image and file transfers, and also supports encrypted group chats of up to 100 people. Voice and video calls are currently still in the testing phase.

A noticeable drawback is the notification delay. Due to the messages needing to go through multiple hops for routing, sometimes the message arrival can be several seconds or even longer than centralized applications. Multi-device synchronization is also not smooth enough, which is a common issue in decentralized architectures.

SimpleX, an extreme privacy solution that doesn't even require an ID.

If Session's selling point is “no need for a phone number”, SimpleX is even more radical:

It doesn't even have a user ID.

Almost all communication applications on the market, no matter how much they emphasize privacy, will assign some kind of identifier to users. Telegram uses phone numbers, Signal uses phone numbers, and Session uses randomly generated Session IDs.

These identifiers can leave traces even if not linked to real identities: if you chat with two people using the same account, in theory, those two people can confirm that they are communicating with the same person.

SimpleX's approach is to completely eliminate this identifier. Each time you establish a connection with a new contact, the system generates a pair of one-time message queue addresses. The address you use to chat with A is completely different from the address you use to chat with B, with no shared metadata.

Even if someone is monitoring both conversations at the same time, they cannot prove that they come from the same person.

Even if someone is monitoring both conversations at the same time, they cannot prove that they come from the same person.

The experience of registering for SimpleX is therefore unique. After opening the app, you only need to enter a display name, no phone number is required, no email is needed, and you don't even have to create a password. This profile is completely stored on your local device, and there is no account information of yours on SimpleX's servers.

The method of adding contacts is also different. You need to generate a one-time invitation link or QR code and send it to the other party. They can only establish a connection after clicking it. There is no “search username to add friends” feature because there are simply no usernames to search for.

In terms of technical architecture, SimpleX uses its own developed SimpleX Messaging Protocol. Messages are transmitted through relay servers, but these servers only temporarily store encrypted messages and do not keep any user records or communicate with each other. Once the message is delivered, it is deleted. The servers cannot see who you are or who you are chatting with.

This design is extreme, fully considering privacy protection.

By the way, this application has been open-sourced on GitHub, and here is more information.

SimpleX was founded by Evgeny Poberezkin in 2021 in London. In 2022, it secured seed funding in a pre-round led by Village Global, with Jack Dorsey publicly expressing his support for the project. The application is fully open-source and has passed a security audit by Trail of Bits.

In practice, SimpleX has a relatively simple interface that supports text, voice messages, images, files, and self-destructing messages. Group chat functionality is available, but because there is no centralized member list management, the experience for large groups is not as good as traditional applications. Voice calls are available, but there are still some stability issues with video calls.

A notable limitation is that without a unified user ID, if you change devices or lose local data, you need to reconnect with each contact. There is no such thing as “logging in to recover all chat history.”

This is also the price of extreme privacy design.

Comparison of 2 application business models: Token Incentives vs Deliberate De-financialization

Both applications are engaged in privacy communication, but their business model choices are completely different.

Session follows a typical Web3 approach, binding the interests of network participants together with tokens. SESH is the native token of the Session Network, with three main uses:

Running a node requires staking 25,000 SESH as collateral;

Node operators earn SESH rewards by providing message routing and storage services.

In the future, there will also be paid features such as Session Pro membership and Session Name Service settled with SESH.

The logic of this model is that node operators have economic incentives to maintain network stability, the staking mechanism increases the cost of malicious behavior, and the circulation of tokens provides a sustainable source of funding for the project. Currently, the circulation of SESH is approximately 79 million, with a maximum supply of 240 million, and more than 62 million SESH are locked in the Staking Reward Pool as reserves for node rewards.

After Vitalik's donation, SESH surged from less than $0.04 to over $0.20 in a few hours, with its market cap temporarily exceeding $16 million. This dramatic increase certainly has an element of riding the hype, but it also indicates that the market is pricing in the narrative of “privacy infrastructure.”

The choice of SimpleX is completely the opposite. Founder Evgeny Poberezkin has explicitly stated that he will not issue tradable tokens because he believes that the speculative nature of tokens would divert the project from its original intent.

SimpleX's current funding sources are VC financing and user donations. The seed pre-round financing in 2022 was approximately $370,000, and user donations have totaled over $25,000. The team plans to launch Community Vouchers in 2026 to achieve sustainable operations.

Community Vouchers are a type of restricted utility token, which can be understood as prepaid server usage vouchers. Users purchase Vouchers to pay for the server costs of their community, and the funds are distributed to the server operators and the SimpleX network. The key distinction is that these Vouchers are not tradable, have no pre-mining, no public sale, and the price is fixed at the time of purchase.

It seems that SimpleX has deliberately blocked the possibility of financial speculation.

Both routes have their pros and cons. The token model of Session can quickly attract the attention of node operators and capital, but it also exposes the project to price fluctuations and regulatory risks. SimpleX's de-financialization design maintains the project's purity, but funding sources are limited, which may slow the pace of expansion.

This is not just a divergence in business strategy, but also reflects different understandings of “how privacy should be funded.”

Common challenges of privacy communication

Vitalik did not only say good things in the donation tweet. He explicitly pointed out:

Both of these applications are not perfect, and there is still a long way to go to achieve a true user experience and security. The several challenges he mentioned are actually structural issues in the entire privacy communication sector.

The first cost is the decentralization itself. Centralized applications have fast, stable, and smooth messaging experiences because all data goes through the same set of servers, allowing for significant optimization. Once it moves towards decentralization, messages have to jump between multiple independent nodes, and latency becomes inevitable.

The second is multi-device synchronization. With Telegram or WhatsApp, if you log in to your account on a different phone, your chat history comes back. However, under a decentralized architecture, there is no central server to store your data, and multi-device synchronization relies on an end-to-end key synchronization mechanism, which is much more complex to implement.

The third is Sybil attack and DoS protection. Centralized platforms use mobile phone registration, which naturally creates a barrier to filter out spam accounts and malicious attacks. If the mobile phone binding is removed, how can we prevent someone from creating fake accounts in bulk to harass users or attack the network?

To achieve decentralization, some experience must be sacrificed; for permissionless registration, alternative methods to prevent abuse must be found; for multi-device synchronization, a trade-off between privacy and convenience must be made.

Vitalik chose to fund these two projects at this time, in some way indicating that these issues are worth addressing, and that solving them requires funding and attention.

For ordinary users, switching to Session or SimpleX might still be too early, as there are indeed shortcomings in the experience. However, if you care about your digital privacy, it is at least worth downloading to try it out and understand to what extent “true privacy” can be achieved.

After all, when Vitalik is willing to put his real money on the line for something, it is highly likely that this matter is not just a geek's self-indulgence.