We May Soon Need to Rethink Our NFT Privacy — Stealth Addresses Explained
Vitalik Buterin shares thoughts on how this can be accomplished through a “low-tech approach.”
A tweet posted by Buterin on Monday, August 8, proposed “stealth addresses” as a potential solution to incorporating what he describes as a “low-tech approach” to adding a significant layer of privacy features into everyday NFT transactions.
Idea: stealth addresses for ERC721s.
A low-tech approach to add a significant amount of privacy to the NFT ecosystem.
So you would be able to eg. send an NFT to vitalik.eth without anyone except me (the new owner) being able to see who the new owner is.https://t.co/UdqK6NAYjn
— vitalik.eth (@VitalikButerin) August 8, 2022
Currently, several iterations of stealth addresses exist, such as Basic Stealth Address Protocol (BSAP), which was created in 2011 by a Bitcoin Forum member named “ByteCoin.”
BSAP, however, had one major vulnerability — its key system allowed for the sender to change their mind and reclaim tokens should the receiver not use them in a timely manner. Consequently, this led to the creation of more complex iterations of these protocols including Improved Stealth Address Protocol (ISAP) and Dual-Key Stealth Address Protocol (DKSAP).
At their core, these protocols have one thing in common — temporary private keys that allow for both the sender and receiver to maintain increased privacy and anonymity.
What Buterin proposes, that differs from these other protocols, is that only the sender and receiver would know the other’s address, whereas anyone else looking on-chain would see a stealth address.
“One remaining challenge is figuring out how to pay fees. The best I can come up with is, if you send someone an ERC721 [NFT] also send along enough ETH to pay fees 5-50 times to send it further,” wrote Buterin, explaining that “if you get an ERC721 without enough ETH, then you can tornado some ETH in to keep the transfer chain going,” to which he added there may be an even better solution still — which would be necessary considering Tornado Cash is now sanctioned by the U.S.
While a number of comments underneath the proposed idea were in support, several pointed out that this may cause legal issues in certain countries where regulators require transparency. Others, argued that removing transparency might be damaging as it has become an identifying characteristic of blockchain technology.
As for now, Buterin’s idea of creating a type of stealth address mechanism will simply remain an idea…until it’s not.