On January 20th, Ethereum's 'father' Vitalik Buterin revealed the "largest remaining challenge" for Ethereum, concerning the blockchain's privacy. According to Butrerin's blog post, entitled An incomplete guide to stealth addresses, the privacy issue is the last thing to be overcome, as all the information that goes onto public blockchain via a smart contract is public too.
To potentially anonymize peer-to-peer transactions of NFTs, cryptocurrency, and ENS names, Vitalik Buterin came up with the stealth addresses concept.
Although appeared back in 2014, the stealth address technology hasn't found much acclaim throughout the realm, even though Buterin himself described it as a 'low-tech approach' compared to other solutions for Ethereum privacy.
In his recent blog, Buterin reveals the mechanics of on-chain transactions carried out between a sender and recipient. This can be described as follows:
- Firstly, the user who needs to receive assets generates a 'spending key'
- The spending key is the basis for a stealth meta-address and can be registered on ENS, is passed to the sender
- The sender performs a cryptographic computation turning a meta-address into a stealth address, which is used for both to transfer and receive assets
- The sender can transfer assets to the receiver’s stealth address as well as publish a temporary key to confirm that the stealth address belongs to the receiver.
In other words, a new stealth address and temporary key supporting it will be generated for every single transaction. This makes each transaction cryptographically protected from public eyes, providing a secure, anonymous solution for transfers of assets.
Additionally, Vitalik Buterin noted that in parallel with a “key blinding mechanism,” a “Diffie-Hellman key exchange” will have to be implemented to guarantee that the link between the user's meta-address and the stealth address is visible publicly.
It's not the first time when the Ethereum co-founder turns to stealth addresses. Thus, in August 2022, he spoke of the tech for anonymously transferring ownership of ERC-721 tokens, better known as NFTs.
Currently, the Tornado Cash program, sanctioned by the U.S. Office of Foreign Asset Control (OFAC) is used to anonymize NFT transactions, but according to Buterin, it acts differently compared to stealth addresses.
”Tornado Cash can hide transfers of mainstream fungible assets such as ETH or major ERC20s, but it’s very weak at adding privacy to transfers of obscure ERC20s, and it cannot add privacy to NFT transfers at all,” Buterin said, offering another solution, “Basic stealth addresses can be implemented fairly quickly today, and could be a significant boost to practical user privacy on Ethereum.”
Finalizing his report on stealth addresses, Buterin names “longer-term usability concerns,” such as social recovery issues among the problems to be solved in the long run.
And while the whole stealth address ecosystem seems quite a way out for the Ethereum privacy issues, the technology itself, although explained in detail, seems to need some time to root in the minds of web3 enthusiasts. Let's wait and see!