In a blog post on Jan. 20, Buterin acknowledged the need to come up with a privacy solution because by default, all information that goes onto a “public blockchain” is public too.
He then arrived at the concept of “stealth addresses” — which he said can potentially anonymize peer-to-peer transactions, nonfungible token (NFT) transfers, and Ethereum Name Service (ENS) registrations, protecting users.
An incomplete guide to stealth addresses:https://t.co/21Q18BrD30
In the blog post, Buterin explained how on-chain transactions can be carried out between two parties with anonymity.
Firstly, a user looking to receive assets will generate and keep a “spending key” which is then used to generate a stealth meta-address.
This address — which can be registered on ENS — is then passed onto the sender who can perform a cryptographic computation on the meta-address to generate a stealth address, which belongs to the receiver.
The sender can then transfer assets to the receiver’s stealth address in addition to publishing a temporary key to confirm that the stealth address belongs to the receiver.
The effect of this is that a new stealth address is generated for each new transaction.
Buterin noted that a “Diffie-Hellman key exchange” in addition to a “key blinding mechanism” would need to be implemented to ensure that the link between the stealth address and the user’s meta-address can’t be seen publicly.
However Buterin emphasized that this may lead to problems of its own — at least for the short term — stating “this costs a lot of gas, an extra hundreds of thousands of gas just for a single transfer.”
Stealth addresses have long been touted as a solution to address on-chain privacy issues, which have been worked on since as early as 2014. However very few solutions have been brought to market thus far.
It also isn’t the first time Buterin has discussed the concept of stealth addresses in Ethereum.
In August 2022, he dubbed stealth addresses as a “low-tech approach” to anonymously transfer ownership of ERC-721 tokens — otherwise known as NFTs.
”Tornado Cash can hide transfers of mainstream fungible assets such as ETH or major ERC20s […] but it’s very weak at adding privacy to transfers of obscure ERC20s, and it cannot add privacy to NFT transfers at all.”
Buterin offered some advice to Web3 projects that are developing a solution:
“Basic stealth addresses can be implemented fairly quickly today, and could be a significant boost to practical user privacy on Ethereum.”
“They do require some work on the wallet side to support them. That said, it is my view that wallets should start moving toward a more natively multi-address model […] for other privacy-related reasons as well,” he adde
Buterin suggested that stealth addresses may introduce “longer-term usability concerns,” such as social recovery issues. However, he is confident the problems can be properly addressed over the long-term:
“In the longer term, these problems can be solved, but the stealth address ecosystem of the long term is looking like one that would really heavily depend on zero-knowledge proofs,” he explained.