On November 29, 2025, ethereum.org published a comprehensive tutorial by security researcher Ori Pomerantz on using stealth addresses for private Ethereum transactions. The guide, which arrived at a time when Ethereum trades near $2,990 and privacy concerns are increasingly central to blockchain adoption, provides developers and advanced users with the tools to transfer assets without exposing the connection between sender and receiver on the public ledger.
The Objective
Stealth addresses enable recipients to receive cryptocurrency without revealing their public wallet address to blockchain observers. In standard Ethereum transactions, anyone can trace the flow of funds between addresses using block explorers like Etherscan. Stealth addresses solve this by generating unique, one-time receiving addresses for each transaction, making it computationally infeasible to link multiple payments to the same recipient.
The ERC-5564 standard formalizes this approach for Ethereum, providing a standardized interface for stealth address generation and announcement. When combined with tools like Umbra Cash, a stealth address protocol built on Ethereum, users can achieve meaningful transaction privacy without relying on mixing services or privacy coins that face increasing regulatory scrutiny.
Prerequisites
Before implementing stealth addresses, you need a solid understanding of elliptic curve cryptography, specifically the secp256k1 curve used by Ethereum. You should be comfortable with public-private key pair generation and the concept of shared secrets established through Diffie-Hellman key exchange. Familiarity with Solidity and Ethereum development tools like Foundry or Hardhat is also recommended.
The technical foundation relies on the recipient publishing a stealth meta-address, which encodes their public key information in a standardized format. Senders then use this meta-address along with their own ephemeral key pair to generate a unique stealth address for each transaction. The recipient can scan the blockchain for announcements and, using their private key, identify and access funds sent to their stealth addresses without revealing the connection between them.
Step-by-Step Walkthrough
The first step is generating the recipient’s stealth meta-address. This involves creating a dedicated key pair specifically for stealth address operations, separate from your primary Ethereum account. The meta-address format follows the ERC-5564 specification, encoding the viewing public key and spending public key in a way that senders can parse and use.
For the sender, the process begins by obtaining the recipient’s stealth meta-address. The sender generates an ephemeral key pair for this specific transaction, computes a shared secret using Elliptic Curve Diffie-Hellman between the ephemeral private key and the recipient’s viewing public key, and derives the stealth address from this shared secret. The sender then transfers funds to this stealth address and publishes an announcement on-chain, containing the ephemeral public key that the recipient needs to recover the funds.
The recipient scans the blockchain for new stealth address announcements. For each announcement, they attempt to derive the same shared secret using their viewing private key and the sender’s ephemeral public key. When the derived stealth address matches an address containing funds, the recipient knows that transaction was intended for them and can spend those funds using their spending private key. This entire process occurs without the recipient ever revealing their identity on-chain.
For developers building applications with stealth address functionality, the Umbra Cash protocol provides a production-ready implementation. It handles the cryptographic operations, announcement mechanisms, and address scanning in a user-friendly package. The protocol supports both ETH and ERC-20 token transfers, making it practical for a wide range of payment scenarios.
Troubleshooting
The most common issue developers encounter when implementing stealth addresses is key management complexity. Because the system requires separate viewing and spending keys, incorrect key derivation can result in permanently inaccessible funds. Always test thoroughly on Ethereum testnets before deploying to mainnet, and implement comprehensive error handling for key generation and address derivation steps.
Gas costs represent another consideration. Stealth address announcements require an on-chain transaction, adding to the cost of each payment. While the overhead is relatively modest compared to a standard transfer, it becomes significant for high-frequency payment scenarios. Batch announcement mechanisms and layer-2 solutions can help mitigate these costs for applications processing many stealth transactions.
Privacy guarantees also depend on proper implementation. If a user consolidates funds from multiple stealth addresses into a single wallet in a single transaction, the privacy benefits are partially defeated. Educational materials should emphasize that each stealth address withdrawal should ideally route through a separate path to maintain unlinkability.
Mastering the Skill
Advanced implementations can extend stealth addresses beyond simple transfers. Multi-signature stealth addresses combine the privacy benefits with shared custody requirements, useful for organizational treasury management. Time-locked stealth addresses add a delay before the recipient can access funds, providing a dispute resolution window. Integration with zero-knowledge proofs can further enhance privacy by hiding the announcement itself from casual observers while still allowing the intended recipient to identify their payments.
The ethereum.org tutorial by Pomerantz, published as part of the official Ethereum developer documentation, represents a significant step in making privacy tools accessible to the broader Ethereum community. As regulatory pressure on privacy-focused protocols continues to evolve, stealth addresses offer a pragmatic middle ground: they enhance transaction privacy without creating the anonymity sets that have drawn regulatory attention to privacy coins. With Ethereum’s robust smart contract ecosystem and growing institutional adoption, privacy-preserving payment infrastructure is becoming not just a technical curiosity but a practical necessity.
This article is for informational purposes only and does not constitute financial or investment advice. Always conduct your own research and test thoroughly before implementing cryptographic systems.
ERC-5564 is a solid standard. the umbra cash implementation makes it practical for non-technical users too
secp256k1 + Diffie-Hellman shared secrets. the crypto is elegant. the real challenge is UX, most people wont bother with stealth addresses until its invisible
the secp256k1 shared secret approach is elegant but the UX for recipients scanning for stealth addresses still needs work. most wallets dont support it natively
Bogdan Ionescu UX is always the last mile. the secp256k1 math works but until wallets hide the complexity nobody outside cypherpunks will use it
this is what we need instead of mixers that get sanctioned. privacy built into the protocol layer
stealth addresses plus umbra cash is a real privacy stack that doesnt require mixing services. this is the compliance friendly path to on chain privacy
erc_5564_fan compliance friendly privacy is the only kind that survives regulatory scrutiny. umbra cash plus stealth addresses is the right approach
the Ori Pomerantz tutorials on ethereum.org are consistently excellent. clear, practical, technically rigorous