In brief
- Stealth addresses provide more privacy for transactions on Ethereum.
- The system offers a method of privacy similar to generating a new address for each transaction but without the hassle of manually creating those addresses each time.
- A stealth address can be thought of as a wallet address that is cryptographically tied to the recipient's public address, but that is only revealed to the parties transacting.
Stealth addresses provide privacy for transactions on Ethereum. While it’s impossible to completely hide a blockchain transaction, stealth addresses can, at the very least, conceal the recipient's identity. And in doing so, offer an added layer of protection for anyone who doesn't want the transaction data overtly tied to them.
On a distributed ledger (a public record of transactions), anyone can view details of a transaction such as the date, the amount, and the wallets or the entities involved. They can search the specific transaction ID or hash on a block explorer, such as etherscan for Ethereum or Blockstream for Bitcoin.
That said, attempts to enhance privacy in the Ethereum ecosystem aren't without challenges both from a regulatory and technical standpoint. Case in point: the obstacles with Tornado Cash in 2019 (OFAC sanctions aside). Ethereum co-founder Vitalik Buterin noted that the virtual currency mixer is only able to hide ETH or major ERC-20s tokens. This leaves a gap for other widely-used assets native to the Ethereum protocol such as POAPs, NFTs, and ENS names. Hence the reason for stealth addresses.
Proposed by Buterin in a recent blog post, a "stealth address system" would offer enhanced privacy protections for users, regardless of how small the transaction size or the asset in question.
How do stealth addresses work?
Paraphrasing Buterin, this is how stealth addresses work:
Either the recipient (let’s call them “Bob”) or the sender (“Alice”) can generate a stealth address for the transaction. However, only the recipient, Bob, can control the transaction. Another way to think of a stealth address is as a wallet address that is cryptographically tied to Bob’s public address, but that is only revealed to the parties transacting.
To conceal their identity, Bob first needs to generate a secret “spending key,” which is then used to create a stealth "meta-address." The meta-address is then shared with the sender (Alice), who performs a computation to generate a stealth address that belongs to Bob.
Alice can then send any assets she wants to Bob. When Alice sends assets to the stealth address, she also publishes some extra cryptographic data on-chain (called an ephemeral pubkey) that helps Bob find the assets. Bob scans the chain for this cryptographic data; if he finds any, he uses his spending key to claim the assets.
Overall, this system offers a method of privacy similar to that of generating a new address for each transaction, but without the hassle of manually create those addresses each time. Along with sharing the meta-address with Alice, Bob can register it on ENS (Ethereum Name Service) as the stealth meta-address for something like bob.eth. In that scenario, and assuming Alice knows Bob owns bob.eth, Alice can then look up his stealth meta-address on ENS.
Challenges and limitations with stealth addresses
While the idea is still fairly embryonic, Buterin stated that the technology would be fairly easy to implement. But there are still several issues to solve; most notably, gas fees. As a newly-generated stealth address would contain no ETH, the owner of said address wouldn't be able to send any assets from it (to pay for gas fees) without first transferring ETH from another address. But by doing so, the transaction data would reflect on-chain data, thus defeating the purpose of it being anonymous.
Another long-term solution that Buterin proposed would be to use Zero-Knowledge Proofs, despite also being somewhat costly due to the extra gas required. Other potential pathways would be to use specialized transaction aggregators—something where users can pay for multiple transactions at once and then spend these prepaid transactions whenever necessary.
In his closing thoughts, Buterin stated that supporting stealth addresses would also require significant changes to the functionality of Ethereum-based wallets, and suggests that wallet developers should start working towards a multi-address model that is able to properly encrypt and decrypt transaction data along with create a new address for each application or new addresses for privacy-related reasons as well.
And while not perfect, stealth addresses are another tool to help increase the overall privacy in the Ethereum network and thus solve one of the bigger remaining challenges for the ecosystem to scale.