What Is a Stealth Address?
Stealth addresses are used in transactions done via cryptocurrencies on a blockchain network to obscure public access to the parties involved in the transactions. Stealth addresses operate by having the sender use a one-time address for every transaction, even if multiple transactions are done with the same recipient. As a result, stealth addresses are helpful with ensuring the privacy of the receivers of cryptocurrency payments and their financial details.
However, stealth addresses have faced scrutiny from regulators and tax authorities as non-public addresses can be used for illegal behavior, including money laundering, the drug trade, and funding terrorist activity.
- Stealth addresses are a technique for obscuring public blockchain transactions by generating one-time addresses for each transaction.
- Blockchain networks involve pseudonymous transactions, meaning once personal information is linked to a crypto key, transactions using that key can be traced on the blockchain.
- Stealth addresses have grown in popularity due, in part, to concerns about hackers gaining access to digital wallets and stealing cryptocurrency coins.
- Stealth addresses have faced scrutiny from regulators and tax authorities since they can be used for illegal behavior, including money laundering.
Understanding a Stealth Address
A blockchain network is a distributed ledger similar to a shared database that contains transactions, which are shared with all of the participants on the network. Many blockchains that operate today or public Ledger's in which transaction details are visible to the participants on the blockchain. However, parties involved are identified by their blockchain addresses which are the result of the public keys.
A standard transaction on a blockchain needs a public address belonging to the recipient, which is not a bug but a feature of blockchain. Transactions are pseudonymous, meaning a public address is linked to an individual, but that individual's identity is unknown to the participants or the public. By shielding the identity of participants on the network, it helps to prevent fraud and digital counterfeiting. However, the identity protection features of blockchain technology are not 100% foolproof, which has given rise to stealth addresses.
Risks to a Public Blockchain
The downside to a distributed ledger-based blockchain is that it's possible to determine an individual's identity behind their blockchain address by analyzing their transaction data and purchasing patterns. A public key might be tracked to a person's identity (through an IP address, for example), leading to all of the transactions that have used that key being tracked throughout the blockchain.
For example, if you wish to solicit charity funds, you may need to provide your destination public address to which cryptocurrency funds can be sent. As a result, this will reveal your destination address, which allows parties who have enough information to assign identities to those addresses to track them, including wherever the funds are spent later. The upside for a charity is total and forced transparency. However, not everyone may want their donations to a charity to become a doorway, allowing the tracing of their other, private transactions.
Bitcoin's blockchain, for example, uses a public ledger and the lack of transparency in Bitcoin's transactions can put individuals at risk if the ledger shows they have a large holding of coins, which can be an invitation to hacker thieves. It is also a tricky situation for merchants who accept cryptocurrency payments. If their public address remains fixed and known, everyone would know about their customers' possible identities and their subsequent transactions.
History of Stealth Addresses
Bitcoin and Ethereum are two of the most popular blockchain networks but they both use a public distributed ledger. Public blockchain networks have led to many participants questioning the security features surrounding the anonymity of the networks. Concerns have increased about hacking financial data and stealing cryptocurrency coins by tracking a person's identity through their transaction history, such as when they cash their digital coins. As a result, the need for privacy-enhancing technology embedded into blockchain networks has grown.
Stealth addresses were proposed by Peter Todd in 2014. The stealth address' mechanism uses a combination of various public and private keys that are dynamic and for one-time use only. Some stealth addresses are created using the elliptic-curve Diffie-Hellman protocol. However, there have been various protocols and types of stealth addresses created over the years, which have included features that protect an individual's privacy and the development of private cryptocurrencies.
The race is on for developers to create enhanced privacy features that completely hide a user's identity and the amount of money or crypto assets within their digital wallets. Stealth addresses protect the privacy of receivers of cryptocurrencies by requiring the sender to use a random, one-time address for every transaction. As a result, numerous transactions done with the same recipient are not able to be linked since each transaction has a one-time address. For example, Monero is a cryptocurrency that was developed specifically to ensure the privacy of its participants.
Concerns about Stealth Addresses
According to a report issued in 2020 by the U.S. Attorney General's Cyber Digital Task Force, cybercrime has an added layer of complexity when criminals use the blockchain ecosystem. "Crime has been expanding beyond national borders for years, but blockchain takes this globalization to another level." The report references how blockchain transactions can be processed in a matter of minutes, which most always transcend sovereign and territorial boundaries. Also, some crypto-asset exchanges operate outside the United States and its regulatory requirements.
The report went on to say that fighting financial crime has faced increased challenges, in part, due to decentralized platforms such as non-public or private blockchains including those with "anonymity-enhanced cryptocurrencies." As a result, this anonymity makes it easier to obscure financial transactions from "legitimate scrutiny."
Illicit Activity and Cryptocurrencies
The crimes that involve blockchain networks and cryptocurrencies are not necessarily new and may include the following:
- Money laundering, which involves acts to shield where money or income came from so as to avoid paying taxes or other legal requirements
- Buying and selling of drugs or weapons on the dark web
- Soliciting funds to support terrorist activity
The Cyber Digital Task Force found that criminals are increasingly leveraging cryptocurrency’s features to advance and conceal unlawful behavior.
Stealth Addresses and Illicit Behavior
Stealth addresses and private blockchains make it more challenging for officials to trace transactions involving illegal behavior. The U.S. Department of Justice mentions specific cryptocurrencies by name that offer "anonymity enhanced cryptocurrencies (AECs) or privacy coins," which include Monero and Zcash.
On August 13, 2020, the Department of Justice announced the dismantling of cyber campaigns used to finance terrorist activity involving the al-Qassam Brigades. According to the government’s complaint, the al-Qassam Brigades requested Bitcoin donations via social media and other websites in which they claimed the donations would be "untraceable and used to support violent causes." The group had posted videos on its website showing how to make "anonymous donations using unique Bitcoin addresses."
Future of Stealth Addresses
Stealth addresses offer enormous opportunities for protecting privacy involving financial transactions and data. As cybercrime increases, businesses and individuals will likely look for ways in which to protect themselves from having their data and financial account information exposed to fraudsters. However, considering the ability of stealth addresses to hide illegal activity, it's safe to say that there will be increased scrutiny in the coming years by regulatory agencies, tax authorities, and governments.
For example, both privacy coins and stealth addresses have been a method of tax avoidance leading the Internal Revenue Service (IRS) to take action. Operation Hidden Treasure is designed to crack down on tax evasion by cryptocurrency participants. The operation is expected to involve the IRS and the European Union Agency for Law Enforcement Cooperation (Europol).
Example of Stealth Addresses
For example, a user (let's call him Ken) on a stealth address-supported blockchain is holding five cryptocurrency tokens. Ken has complete control over the tokens as long as he holds them. If he wishes to send all of them to Paul, he will generate a transaction output, which will announce to the network that Ken is sending five tokens to Paul. As a result, Paul becomes the rightful owner of the five tokens.
Ken's wallet will use both Paul's public view key and his public spend key and club it with random strings of data that generate the one-time unique public key for Paul's output. While others on the network can see a transaction getting recorded, no one other than Ken and Paul will be aware that it took place between Ken and Paul.
Using his own wallet's private view key, Paul will be able to locate the transaction on the blockchain and retrieve it in his wallet. Using the one-time private key that corresponds to the one-time public key for the transaction, Paul will gain the right to spend the cryptocurrency. Nowhere in this process are sender's or receiver's wallet addresses made public.
As these randomly generated, one-time use addresses are created for each transaction on behalf of the recipient, stealth addresses add an additional layer of privacy. Monero, which is known for its privacy and anonymity, is using stealth addresses as the basis for its transaction.