StealthSwap is a privacy preserving payments protocol on Ethereum that launched a few weeks ago, however for a variety of reasons what it currently offers was misunderstood.
To understand the following, users must have some technical understanding of blockchains, ledgers, and the technology force driving these, since the backlash is often due to misconceptions of technical terms.
When published in 2009, the Bitcoin whitepaper made the claim that Bitcoin is effectively a pseudo-anonymous way to make payments. The term pseudo is used to insinuate form-like, meaning that while Bitcoin is not completely anonymous, it offers a layer of privacy when compared to brute identities used in fiat space payments.
Bitcoin fulfilled that to a certain degree, but given the intricacies of electronic cash and how fiat-space payments interacted with it, it soon became obvious that it was not sufficient. Needless to say, this is due to how AML/KYC regulations in fiat-space enforce certain laws that explicitly forbid any kind of anonymity or privacy.
The essence of decentralized ledgers is that of transparency. Unfortunately, to a certain degree that means nothing is essentially hidden unless of course you chose to implement configurations of confidentiality that can hide amounts. One such example is using cryptographic primitives such as Pedersen Commitments, which are homomorphic commitment schemes (preserve the structure of addition) that allow to check the validity of encrypted amounts without unveiling them.
Moving up the ladder, to reach anonymity we need to hide the identities of the parties involved. This of course isn’t simple; one reason is that proving ownership of funds without disclosing information is difficult, and secondly, the whole process of verifying the transfer requires to some degree knowledge.
But again, thanks to earlier results in zero-knowledge proof systems we now have ZCash, which is essentially built on the arithmetization of the verification process (ownership of funds, validity of transfer) and a SNARK (a bilinear-pairing based proof system in the case of ZCash) to provide the ultimate experience of an anonymous, confidential, private, decentralized ledger.
But in-between these, there are several “techniques” used for the purpose of providing privacy preserving payments that are also based on strong cryptographic primitives that give a certain degree of anonymity better than plain addresses.
The terms anonymity and confidentiality are frequently confused in human subjects research. The distinction between the two terms, however, is critical in the design of protocols that protect participant privacy and provide for adequate informed consent. — Human Subject Research Critiques (Evergreen University).
Essentially your meat-space identity is tied to the atoms that make you. There is no such way to dissociate the two. One such example is the plain KYC exchange verification process where you need to verify your identity through a meat-space agreed-upon document.
In this case, your addresses and transfers are all known and tied to you (the physical representation of you). When Alice has established an account on any crypto-to-fiat exchange, she must verify her identity. Doing so makes every deposit and withdrawal tied to Alice (the physical atoms of Alice again).
The blockchain is the piece of evidence that proves and ties the above.
Is all hope lost? No.
To finalize this short introduction let’s put forward the following clear definitions (confusion often arises from misused definitions )
- Anonymity: Defined as the individual right to keep your transacting information from being disclosed.
- Confidentiality: Defined as the individual right to keep your interaction details with another party from being disclosed.
- Privacy: Defined as the individual right to keep your identity from being disclosed.
StealthSwap is a privacy preserving payments protocol that essentially serves two purposes :
- Receive payments using a single identifier (ENS name) without the payments be linked to your identifier.
- Provide on the go privacy to different types of users within a single ecosystem.
Given our starting point (The Ethereum Blockchain) we had very limited degrees of freedom in designing StealthSwap, as we explained in our whitepaper.
A stealth address is a privacy-enhancing technology used to protect the privacy of people that receive cryptocurrency payments. Stealth addresses require the sender to form a random, one-time address for every transaction so that different payments cannot be traced to the same payee.
How are Stealth Addresses different from generating a new address ?
Stealth Addresses aren’t restricted by your online status, with StealthPay anyone can send a payment using your ENS identifier without interacting with you and it won’t be linked to you, there are also specific protocol restrictions within StealthSwap protecting you from several attacks as we disclosed in our paper.
But the payments appear on-chain
At this stage StealthSwap is based on on-chain contracts and traceability doesn’t mean your payment privacy isn’t secured.
So who is essentially the target audience of StealthSwap’s current implementation? Well there are several, let’s list a few examples :
- Services : If you are a developer, community manager, or charity you can use StealthSwap to keep all payments coming to you private i.e unlinked to your identity.
- Merchants : With StealthSwap merchants can use ENS names to receive payments, but keep them undisclosed to unauthorized parties.
- DeFi Participants : If your favorite DeFi platform integrates StealthSwap you can essentially receive your yield rewards and liquidity shares to different Stealth Addresses rather than a single-one, essentially eliminating any on-chain tracking to addresses tied to you.
Our vision is not complete but currently it gives you the ability to at least keep your receiving payments from prying eyes.
We aren’t stopping here of course, we are planning to introduce several protocol upgrades that will make it even more difficult to track on-chain payments.
One such upgrade is implementing Ring Signatures. Ring Signatures satisfy a certain characteristic of anonymity where an attack is not able to correctly identify the individual that produced the signature of a given transaction. This would eliminate the need to send directly to a stealth address, which helps to break the sending address and withdrawal address link.
The other upgrade being hashed-based withdrawals where, instead of sending funds to a stealth address thereby creating a direct link, funds are sent to the contract with a hash identifier of the address, such that only the owner of the stealth address can withdraw the funds without them being directly disclosed in the contract.
Of course, combining both upgrades will give users far greater privacy than what is currently offered, but we also glossed over several technical details that make this difficult to achieve such as gas expenditure and EVM pre-compiled opcodes … But the future is bright!
To keep one of our main goals of making privacy accessible by being inexpensive, we’re making it so users will be able to pick their level of privacy with each transaction. Since the two upgrades above would be costly to transact with regularity while using stealth addresses alone would be inexpensive, we’re making it so users will be able to pick their degree of privacy. Users will be able to choose their level of privacy based on how much they would be willing to spend on gas.
More details regarding StealthSwap v2 will be released in the future. We hope you are as excited as we are.
We hope this blog post has cleared up the confusion regarding what StealthSwap is accomplishing currently and what we’re doing to make it better in the future. If you still have any questions, then please join our Telegram.