Vitalik Buterin, co-founder of Ethereum, has proposed a solution to address the issue of privacy on Ethereum, which he deems as the “largest remaining challenge” on the network.
In a post, Buterin recognized that by default, all information on a public blockchain is publicly available. He presented the idea of “stealth addresses” as a potential solution to anonymize peer-to-peer transactions, NFT transfers, and ENS registrations, thereby safeguarding users’ privacy.
Buterin also described a way for two parties to conduct on-chain transactions anonymously. To start, the recipient generates and keeps a “spending key”, which is used to create a stealth meta-address. This meta-address, which can be registered with ENS, is shared with the sender. The sender performs a cryptographic computation on the meta-address, which generates a stealth address that belongs to the receiver. The sender then transfers assets to the receiver’s stealth address and publishes a temporary key to confirm that the stealth address belongs to the receiver. As a result, a new stealth address is created for each new transaction.
Buterin also mentioned that to make sure the connection between the stealth address and the user’s meta-address is not visible publicly, a “Diffie-Hellman key exchange” and a “key blinding mechanism” would need to be implemented.
He also pointed out that ZK-SNARKs, a cryptographic-proof technology with built-in privacy features, could be used to transfer funds to pay transaction fees. However, he also emphasized that this could cause additional problems, specifically in terms of high gas costs for a single transfer.
As a matter of fact, stealth addresses have been proposed as a way to improve privacy on-chain for several years, and few solutions have been brought to market. This isn’t the first time Buterin has discussed the concept for Ethereum.
In August, he referred to stealth addresses as a “low-tech approach” for anonymously transferring ownership of ERC-721 tokens or NFTs. Buterin explained that the stealth address concept he proposed offers privacy differently from Tornado Cash, which is now sanctioned by the U.S. Office of Foreign Asset Control (OFAC).
He said, “Tornado Cash can hide transfers of mainstream fungible assets such as ETH or major ERC20s, but it’s very weak at adding privacy to transfers of obscure ERC20s, and it cannot add privacy to NFT transfers at all.”
Buterin provided some suggestions for web3 projects that are developing a solution for privacy.
He said, “Basic stealth addresses can be implemented fairly quickly today, and could be a significant boost to practical user privacy on Ethereum.”
He also added that stealth addresses require some work on the wallet side to support them, and suggested that wallets should start moving towards a more natively multi-address model, not only for privacy-related reasons but also for other reasons.
However, he acknowledged that stealth addresses may introduce some longer-term usability concerns, such as social recovery issues, but he is confident that these problems can be addressed in the future.
He stated, “In the longer term, these problems can be solved, but the stealth address ecosystem of the long term is looking like one that would really heavily depend on zero-knowledge proofs.”