Privacy · December 20, 2025 · 7 min read

Stealth Addresses Explained

Understanding how stealth addresses work, their cryptographic foundations, and how they enable unlinkable one-time addresses for receiving funds.

Research Team

NixProtocol

The address reuse problem

Say you're a freelancer and you tweet your ETH address so clients can pay you. Seems harmless, right?

Now anyone can see every payment you've received to that address. They can see your balance. When you spend, they can trace where your money goes. Your entire financial life is on display.

"Just use a new address for each payment," people say. But that means you need to be online to generate and share a fresh address every time. That doesn't scale.

Stealth addresses fix this. You publish one address, but every payment goes to a different, unlinkable destination that only you can access.

The problem in practice

Say Alice publishes her Ethereum address for donations:

  • All donations are publicly linked to her
  • Everyone can see her total balance
  • Her spending patterns are visible
  • Every transaction can be traced

Using fresh addresses for each payment means Alice needs to be online to hand them out. Not practical.

How stealth addresses work (without the heavy math)

Think of it like a PO Box that magically generates a new physical mailbox for every letter, but only you have the master key to open them all.

You publish a "stealth meta-address." When someone wants to pay you, their wallet does some cryptographic magic to derive a brand new address just for that payment. They send money there and publish a small hint alongside the transaction.

Your wallet scans the blockchain, sees that hint, and uses your private key to figure out: "Hey, that random-looking address is actually mine!" Now you can spend from it.

The sender doesn't need to talk to you. You don't need to be online. And nobody watching the blockchain can connect all these addresses to the same person.

The technical version (for the curious)

You have two key pairs:

  • A spend key to actually move funds
  • A view key to detect incoming payments

When Bob pays you, he generates a random number, mixes it with your public view key, and derives a one-time address. He sends money there and publishes his random number.

Your wallet scans for these announcements, tries to derive what the address should be, and checks for matches. When it finds one, you've got money.

The sender's random number is thrown away after the transaction. Even if someone compromises your view key later, they can only spot future payments, not trace old ones back to senders.

The gas problem

Here's an annoying gotcha: the new stealth address starts with zero ETH. How do you pay gas to move your tokens?

If you send ETH there first, you've just linked yourself to it. That defeats the whole purpose.

We solve this with account abstraction (ERC-4337). A relayer pays the gas upfront and gets reimbursed from the transfer itself. Nobody ever sends ETH directly to the stealth address.

What stealth addresses don't hide

By default, they only protect the recipient. They don't hide:

  • The amount (still visible on-chain)
  • The sender (their address is public)
  • Timing (it's on the blockchain)

That's why we combine stealth addresses with encrypted amounts. Hidden recipient plus hidden amount equals actual privacy.

Where this matters

Payroll: Your employer pays to your stealth address. Coworkers can't see your salary.

Donations: Nonprofits receive funds without donors being publicly identified. Matters a lot for sensitive causes.

Business payments: Suppliers and customers don't build up a public record of your relationships.

DAO contributions: Support a DAO treasury without broadcasting your involvement.

How NixProtocol does it

We build on EIP-5564 (the Ethereum stealth address standard) and add the pieces that make it actually usable:

  • Encrypted amounts so it's not just the recipient that's hidden
  • Optional auditor access when you need compliance
  • Optimized scanning so you're not waiting forever
  • Built-in account abstraction for the gas problem

You get stealth addresses that work in practice, not just in theory.
