Vitalik Buterin, the co-founder of Ethereum, recently published an article discussing the addition of privacy to the Ethereum network through what is referred to as a Stealth Address. In his article, Buterin explains how a stealth address works and its potential to increase privacy for users on the Ethereum network. In this article, I explain how Stealth Addresses work in a basic manner using an example: Alice wants to send Bob 1.2 ETH.  

Why Are Stealth Addresses Needed?

The idea that public blockchains such as Ethereum and Bitcoin are private is a common misunderstanding; to be clear, public blockchains are not private. Public blockchains offer some form of privacy through pseudonymity in the form of wallet addresses. But you can think of the wallet address as a username; once someone pinpoints your username, they can see everything you’ve ever done with it.

Every interaction that a wallet address makes on-chain, including transactions, interactions with decentralized applications, purchases of NFTs, etc. are recorded and stored in a public manner that anyone with an Internet connection can view. Websites like Etherscan make viewing this information convenient. Applications like Dune Analytics make analyzing that information easy.

Without privacy protection, this information can quickly and easily be exploited without consent. An analogy would be your bank account. With existing online banking, your activity isn’t seen by anyone, even if they know the username you used to log in. With public blockchains, once someone knew your username (in this case, wallet address), they could see all of the subscriptions you have; they could see every time you make a purchase, where you made the purchase, and use that information to locate you, blackmail you, or exploit you in other ways. On-chain privacy solutions are quickly becoming a solution to protect web3 users worldwide. Recently, Vitalik Buterin has given this topic deeper thought and proposed his solution for the Ethereum ecosystem through what he refers to as Stealth Addresses.

Generating Keys to Create the Stealth Address

A Stealth Address must be generated by two participants: the person attempting to receive cryptocurrency privately (we’ll refer to this person as Bob) and the person attempting to send cryptocurrency privately (we’ll refer to this person as Alice). Bob generates

To derive a Stealth Meta-Address unique to Bob and Alice, Alice will also need to generate some keys on her side. Alice generates two keys:

The Ephemeral Public Key is generated from the Ephemeral Private Key, and it is like an Ethereum address being created through secret seed phrases. The Ephemeral Public Key is published to a public ledger that anyone can view. Ephemeral Keypairs (the private and public ephemeral key combinations) are only used once, so Alice would need to generate a new Ephemeral keypair if she wanted to transact with someone else like Charlie privately.

To summarize up to this point:

So both Bob and Alice have their unique private key and public key. As a next step to generate the final Stealth Address, Bob and Alice share their public keys. Bob gives Alice his Stealth Meta-Address (public), which anyone can see. Alice combines Bob’s Stealth Meta-Address with the Ephemeral Private Key she created. That combination creates the Stealth Address. Alice can send 1.2 ETH to the new Stealth Address.

Accessing the Stealth Address

On Bob’s side, he must locate the Stealth Address that Alice generated and sent 1.2 ETH to. To do this, he must somehow recreate what Alice did (remember, Alice combined Bob’s Stealth Meta-Address with her Ephemeral Private Key). But there’s a problem: Bob doesn’t know Alice’s Ephemeral Private Key.

Using the cryptographic concept of Shared Secrets, Bob has another option: he can create the same Stealth Address (and control the cryptocurrency inside the stealth address with his Spending Key) using a different private/public key combination. Alice used Bob’s public address (the Stealth Meta-Address, which they both can see) with her private address (the Ephemeral Private Key, which only she can see). Bob can use his private address (the Spending Key, which only he can see) with Alice’s public address (the Ephemeral Public Key, which they both can see).

To find Alice’s Ephemeral Public Key, Bob goes through a list of all the existing Ephemeral Public Keys. For each Ephemeral Public Key he sees, he combines it with his Spending Key, and a resulting Stealth Address is created. Bob then checks the Stealth Address’s contents (the cryptocurrency that is available in the Stealth Address). In most cases, the Stealth Address generated with random Ephemeral Public Keys and Bob’s Spending Key should contain 0 ETH. But once Bob tries to combine his spending key with Alice’s Ephemeral Public Key, he should see that the resulting Stealth Address contains 1.2 ETH.

In practice, Bob doesn’t manually go through all existing Ephemeral Public Keys to find the right one. It’s done automatically by a computer, which takes much less time than a human to sort through and try all the combinations.

In conclusion, the proposal Vitalik Buterin published is a practical solution that can work on the Ethereum network to increase privacy for its users. Other projects like Manta Network use a zkAddress system + UTXOs to enable on-chain privacy. The stealth address system proposed by Buterin is a unique and promising solution for privacy on the Ethereum network. More importantly, it is a step in the right direction that leaders like Vitalik Buterin are thinking about innovation around on-chain privacy.

P.S. — the image of Bob and Alice are non-existent people, generated by This Person Does Not Exist.

https://kennymuli.medium.com/what-is-a-stealth-address-53eeb71b4295