The Ethereum Foundation announced the full implementation of the 128-bit security standard in 2026, aligning with regulations and attracting institutional funds. (Previous summary: Synthetix returns to the Ethereum mainnet after three years: all DEXs will come back) (Background information: Vitalik Buterin: “Simplifying” the Ethereum protocol so that everyone can understand it! This is essential for promoting decentralization.)

Table of Contents

• Three-stage milestones and technical specifications
  • Milestone 1: Integration of soundcalc
  • Milestone Two: Glamsterdam
  • Milestone Three: H-star
• Regulatory incentives drive institutional layout

The Ethereum Foundation recently announced that in 2026, it will shift the priority of the mainnet and zkEVM development from “speed” to “security,” with the goal of completing the 128-bit provable security standard (128-bit provable security) by the end of the year.

The foundation admits that the current zkEVM still relies on unverified mathematical assumptions, posing risks such as forged transactions, state tampering, and minting out of thin air. To reduce the attack surface, a unified security audit will be launched in early 2026; by mid-year, it is expected to control the proof size to 300 KB through the WHIR protocol, aiming to reach the 100-bit threshold first; ultimately combining the May Glamsterdam upgrade and the year-end Hegota upgrade to fully achieve the 128-bit standard.

Three-Stage Milestones and Technical Specifications

Milestone One: soundcalc Integration

Deadline: End of February 2026

To consistently measure security, we have developed soundcalc: a tool for estimating the security of zkVM based on the latest cryptographic security boundaries and the parameters of the proof system. This is a “continuously evolving” tool, and we will keep integrating the latest research findings and known attacks.

Before this deadline, participating zkEVM teams need to fully integrate their proof system components and all circuits into soundcalc. This will establish a common benchmark for subsequent security assessments.

Milestone Two: Glamsterdam

Deadline: End of May 2026

• Proven security reaches 100-bit (estimated by soundcalc)

• Final proof size ≤ 600 KiB

• Provide a concise description of the recursive structure and a conceptual explanation of its soundness.

Milestone Three: H-star

Deadline: End of 2026

• Proven security reached 128-bit (estimated by soundcalc)

• Final proof size ≤ 300 KiB

• Provide a formal security proof for the soundness of the recursive architecture

Regulatory dividends drive institutional layout

In the short term, the developer community will inevitably invest more resources into proving security, and the pace of expansion may slow down. However, high-value applications and institutional funds prioritize risk management, and the 128-bit threshold is expected to become a stepping stone for L1/L2 ecosystems to attract large capital. The EF emphasized in a statement:

“The only way to attract high-value applications is through attack resistance.”

Ethereum is laying the groundwork for the global digital financial infrastructure of the next decade. After all, speed can attract the spotlight, but impeccable security is the guarantee of long-term trust.