Vitalik Buterin Warns AI Tools Could Become Major Privacy Threat

Vitalik Buterin has outlined a local-first artificial intelligence setup, arguing that current AI tools create high privacy and security risks. His approach centers on lowering the demand on cloud-based systems while limiting exposure to external data access.

He described a shift in AI usage from simple chat-based interactions to autonomous agents capable of executing complex tasks. At the same time, he raised concerns that this evolution increases the likelihood of sensitive data exposure, system manipulation, and unauthorized actions.

Vitalik Buterin Highlights AI Privacy and Security Risks

Vitalik Buterin stated in a blog post that many AI tools rely on remote infrastructure that can access private user data. He identified risks associated with both LLMs and external services, including data leaks and unauthorized use of data. He also warned about jailbreak attacks, in which external inputs manipulate models into acting against the user’s interests.

Security researchers have already shown such vulnerabilities. In one case, an AI agent processed a malicious webpage that led to the execution of a shell script. That action allowed external control of the system. Additional findings showed that some tools enabled silent data exfiltration through hidden network requests. According to the cited research, roughly 15% of observed agent skills contained malicious instructions. 

He also pointed to growing concerns around hidden vulnerabilities in models. These features could be enabled by specific conditions and operate in the creator’s interest. He noted that most open-source algorithms are not fully open-source, which increases doubts about their internal behavior.

Local AI Systems Form the Core of Vitalik Buterin Strategy

Vitalik Buterin proposed a local-first system to address these risks. The configuration centers around on-device inference, local storage, and strict process sandboxing.

He experimented with various hardware configurations for local use. These included a laptop equipped with an NVIDIA 5090 graphics card, an AMD Ryzen AI Max Pro platform with 128 GB of unified memory, and DGX Spark hardware. The 5090 system showed approximately 90 tokens per second with the 35B model and Qwen3.5. The AMD system achieved approximately 51 tokens/sec, and DGX Spark achieved approximately 60 tokens/sec.

He observed that lower performance, below 50 tokens per second, decreases usability. According to these findings, he preferred high-performance laptops to special hardware configurations. He also highlighted software tools such as llama-server and llama-swap for local inference management. 

AI Agents and Crypto Adoption Trends Intersect

At the same time, the development of AI agents is accelerating. These systems can execute tasks over extended periods using multiple tools. OpenClaw, identified as a growing repository, has contributed to this shift toward autonomous agents.

However, this growth coincides with increasing security concerns. Some agents can modify system settings without user confirmation. Others can introduce new communication channels or alter system prompts. These capabilities expand potential attack vectors.

Despite these risks, AI agents may influence crypto adoption. Industry estimates indicate that the AI agents market could grow from about $8 billion in 2025 to over $48 billion by 2030. This represents an annual growth rate of more than 43%.