Buterin’s Private AI System Shows New Approach to Crypto Security – Here Is What to Know

• Vitalik Buterin built a fully local AI setup focused on privacy, avoiding reliance on cloud-based systems
• His system restricts AI actions, requiring human approval for messages and crypto transactions
• The approach reflects his broader security philosophy, aiming to prevent risks from malicious or overpowered AI

Vitalik Buterin is taking a pretty different approach to AI than most people right now… quieter, more controlled, and definitely more private. In a recent blog post, the Ethereum co-founder walked through his personal AI setup, describing it as fully local, tightly secured, and designed with one core idea in mind — don’t trust anything blindly, not even your own AI.

Instead of relying on cloud-based systems, Buterin runs everything on his own hardware. No external dependencies unless absolutely necessary. And more importantly, his AI isn’t allowed to act freely. It can read, analyze, assist… but when it comes to sending messages or moving funds, it stops. A human still has to approve it. As he put it, “the new two-factor authentication is the human and the LLM.” Simple idea, but actually pretty powerful.

A Fully Local, High-Performance Setup

On the technical side, his setup is surprisingly practical, not overly complicated. Buterin runs an open-source model — Qwen3.5 with 35 billion parameters — locally through a llama-server environment. After testing a few options, he settled on a laptop powered by an Nvidia 5090 GPU, which can process around 90 tokens per second.

That’s fast enough to feel responsive, which matters more than people think. If AI feels slow, you stop using it. But here, it’s usable… smooth enough for daily interaction, without needing to send data anywhere else.

He’s also gone a step further by storing a full offline dump of Wikipedia and technical docs directly on his machine. That way, the AI doesn’t need to constantly query external search engines — which he considers a privacy risk. It’s a bit old-school in a way, but very intentional.

AI With Limits, Not Full Control

Where things get really interesting is how he connects AI to his crypto and communication tools. Buterin built (and open-sourced) a messaging system that lets his AI read incoming Signal messages and emails freely. So it stays informed, can summarize, assist, all of that.

But outbound actions? That’s locked down. The AI can’t send messages to anyone else unless a human manually approves it first. No exceptions.

He’s applying the same logic to crypto. Any AI-connected wallet system, he suggests, should have strict limits — small automated transactions capped at around $100 per day, and anything beyond that requiring human confirmation. It’s not about stopping automation entirely, just… keeping it on a leash.

Extending Crypto Security Principles to AI

If this sounds familiar, it’s because it mirrors how Buterin already handles his crypto. He keeps around 90% of his funds in a multisig wallet, where control is distributed across multiple trusted parties. No single point of failure, no single person with full access.

Now he’s extending that same philosophy to AI. Decentralize control. Add friction where it matters. Assume something could go wrong, and design around it.

And honestly, there’s a reason for that mindset.

A Growing Concern Around AI Risks

At the start of his post, Buterin pointed to research showing that a noticeable portion of AI tools — around 15% in one fast-growing repository — contained malicious or hidden behaviors. Some were even quietly extracting user data without any clear warning.

That’s the part that worries him most. Not just obvious risks, but subtle ones… the kind you don’t notice until it’s too late.

He’s been vocal about this before, but here it feels more personal. The concern is that while encryption and local-first software have improved privacy over the years, AI could undo that progress if people start feeding everything into centralized systems without thinking twice.

A Different Direction for AI

So this setup isn’t just about convenience — it’s more like a statement. Buterin is showing that you can use powerful AI tools without giving up control, without handing over your data, and without letting automation run unchecked.

It’s not the easiest path, maybe not the most scalable either. But it’s deliberate. Careful.

And in a space moving as fast as AI, that kind of caution might end up being… necessary.

Disclaimer: BlockNews provides independent reporting on crypto, blockchain, and digital finance. All content is for informational purposes only and does not constitute financial advice. Readers should do their own research before making investment decisions. Some articles may use AI tools to assist in drafting, but every piece is reviewed and edited by our editorial team of experienced crypto writers and analysts before publication.