Stealth Addresses
Stealth addresses are a privacy technique that allows a sender to create a unique one-time address for each payment, preventing observers from linking transactions to the recipient's identity.
The Problem
On public blockchains like Solana, all transactions are visible. If you share your wallet address to receive payments, anyone can:
- See your entire transaction history
- Track all payments sent to you
- Link your identity to your on-chain activity
- See your total balance
The Solution
Stealth addresses solve this by generating a new, unique address for each payment. These addresses are:
- Unlinkable — Observers cannot connect them to your public identity
- One-time — Each address is used only once
- Spendable — Only the intended recipient can access the funds
How It Works
Cryptographic Flow
Receiver generates two keypairs:
spending_key— Used to spend fundsviewing_key— Used to detect payments
Sender creates payment:
- Generate ephemeral keypair
(r, R) - Compute shared secret:
S = r * viewing_pubkey - Derive stealth address from
hash(S) + spending_pubkey - Send funds to stealth address
- Publish
R(ephemeral pubkey)
Receiver scans announcements:
- For each ephemeral pubkey
R - Compute:
S = viewing_key * R - Derive expected stealth address
- Check if address has funds
Receiver claims funds:
- Derive spending key for this address
- Sign transaction to move funds
ECDH Key Exchange
Onyx SDK uses Elliptic Curve Diffie-Hellman (ECDH) to create shared secrets between sender and receiver without revealing them to observers:
# Sender computes:
shared_secret = ephemeral_private * viewing_pubkey
# Receiver computes:
shared_secret = viewing_private * ephemeral_pubkey
# Both get the same result!
Privacy Guarantees
Protected
- • Receiver identity
- • Link between payments
- • Total received amount
Visible
- • Individual payment amounts
- • Transaction timing
- • Sender identity (unless they also use privacy)