Stealth Address

A stealth address is a privacy technique in which a recipient publishes a single static address, yet every payment to it lands at a different, unlinkable one-time address on the blockchain. An outside observer scanning the chain cannot tell that the separate outputs all belong to the same person, which defeats the address-reuse and clustering heuristics that ordinary reused addresses leak. It is the conceptual ancestor of Bitcoin's modern reusable-address schemes.

How it works

The recipient publishes public key material (often a scan key and a spend key). To pay, the sender performs an Elliptic-Curve Diffie-Hellman (ECDH) calculation between their own key and the recipient's published key to derive a shared secret, then uses that secret to compute a fresh one-time output address. Only the recipient, holding the matching private keys, can detect and spend funds sent to these derived addresses — so the static address can be advertised publicly with no loss of on-chain privacy.

In Bitcoin and beyond

Stealth addresses were proposed for Bitcoin early on but never adopted at the protocol level; the practical descendants of the idea are BIP47 reusable payment codes (PayNyms) and Silent Payments (BIP352), which achieve the same goal with different trade-offs around notification and scanning. The technique is used natively in some privacy-focused chains, but on Bitcoin it lives on through those reusable-address standards.

For the working Bitcoin implementations of this concept, compare Silent Payments and BIP47; the shared-secret math is the same ECDH used in Nostr encrypted messaging.