https://github.com/ngmachado/stealth-payment-cli
anonymous and secure transactions using stealth addresses on EVM
https://github.com/ngmachado/stealth-payment-cli
Last synced: about 1 month ago
JSON representation
anonymous and secure transactions using stealth addresses on EVM
- Host: GitHub
- URL: https://github.com/ngmachado/stealth-payment-cli
- Owner: ngmachado
- License: mit
- Created: 2025-02-12T16:32:34.000Z (3 months ago)
- Default Branch: main
- Last Pushed: 2025-02-21T22:01:45.000Z (3 months ago)
- Last Synced: 2025-04-12T23:54:26.865Z (about 1 month ago)
- Language: TypeScript
- Homepage:
- Size: 72.3 KB
- Stars: 3
- Watchers: 1
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# π‘οΈ Stealth Payment System CLI
## π Overview
The **Stealth Payment System CLI** provides a secure and private escrow mechanism for **Ethereum (ETH) transactions**. The system allows **senders to deposit ETH** into a smart contract without directly linking it to the receiver. **Zero-Knowledge Proofs (ZK-SNARKs)** ensure **privacy and security**, preventing double-spending and making transactions unlinkable.
## β¨ Key Features
- **π Stealth Addresses** β Unique, per-transaction addresses hide recipient identity.
- **π‘οΈ Zero-Knowledge Proofs** β Uses zk-SNARKs for secure and anonymous fund claims.
- **π° Anonymous Payments** β No direct on-chain link between sender and receiver.
- **β‘ CLI Interface** β Lightweight command-line interface for seamless interaction.
---
## ποΈ System Architecture
### πΉ **Smart Contracts**
- **Carrier Contract** β Registers recipient public keys.
- **Escrow Contract** β Manages deposits and claims using commitments and ZK-SNARK proofs.
### πΉ **Cryptographic Components**
- **Commitment** β A cryptographic hash that binds the deposit to a **shared secret** without revealing it.
- **Shared Secret** β Derived using **Elliptic Curve Diffie-Hellman (ECDH)** between sender and receiver.
- **Nullifier** β A unique value ensuring **each deposit can only be claimed once**.
- **ZK-SNARK Proof** β Receiver proves knowledge of the **shared secret** without revealing it.
---
## π Privacy & Security Features
β **No Link Between Sender & Receiver**
β **Prevents Double-Spending with Nullifiers**
β **Each Transaction Uses a Unique Ephemeral Key**
β **Zero-Knowledge Proofs Ensure Private Fund Claims**
---
## π **Deposit Process**
1οΈβ£ **Retrieve Receiver's Public Key**
- The sender fetches the recipientβs registered public key (`pub_r`) from the Carrier Contract.
2οΈβ£ **Generate Ephemeral Key Pair**
- The sender creates an ephemeral key pair:
```math
eph\_pub = eph\_priv \times G
```
- This ensures that each deposit is uniquely linked to the sender.
3οΈβ£ **Compute Shared Secret (ECDH)**
- The sender computes the shared secret:
```math
shared = eph\_priv \times pub_r
```
- The receiver **can later compute the same shared secret** using their private key.
4οΈβ£ **Compute Hashed Secret**
- The sender hashes the shared secret:
```math
hashedSecret = poseidon.hash(sharedSecretX)
```
5οΈβ£ **Compute Stealth Public Key**
- The stealth public key is computed as:
```math
pub\_once = hash(shared) \times G + pub_r
```
- This ensures only the receiver can derive the corresponding private key.
6οΈβ£ **Compute Commitment & Deposit Transaction**
- The **commitment** is stored in the Escrow Contract:
```math
commitment = poseidon.hash(hashedSecret)
```
- The sender deposits funds by calling:
```sh
bun cli.ts deposit -r -a
```
---
## π **Claim Process**
1οΈβ£ **Receiver Identifies the Deposit**
- Uses their private key to **compute the same shared secret**.
2οΈβ£ **Compute Hashed Secret & Commitment**
- Ensures that the computed **commitment matches** the one stored on-chain.
3οΈβ£ **Compute Nullifier**
- To prevent double-spending:
```math
depositNullifier = poseidon.hash([computedCommitment, safeSharedSecret])
```
4οΈβ£ **Generate ZK-SNARK Proof**
- Proves knowledge of the **shared secret** without revealing it.
5οΈβ£ **Submit Claim Transaction**
- The receiver submits:
```sh
bun cli.ts claim
```
---
## π Prerequisites
β
**[Bun](https://bun.sh/) installed**
β
**Node.js v18+**
β
**Ethereum-compatible wallet with ETH for gas**
β
**Access to an Ethereum RPC endpoint**
β
**[snarkjs](https://github.com/iden3/snarkjs) for zk-SNARK proof generation**
---
## π Installation
```sh
# Clone the repository
git clone https://github.com/ngmachado/stealth-payment-cli
cd stealth-payment-cli
# Install dependencies
bun install
# Add execution permission (optional)
chmod +x cli.ts
```
---
## π» CLI Usage Guide
### πΉ 1οΈβ£ Setup & Wallet Configuration
```sh
bun cli.ts setup
```
π **Inputs required:**
- Encryption password (secure storage)
- Private key (for signing transactions)
- Ethereum RPC URL
---
### πΉ 2οΈβ£ Register Public Key
```sh
bun cli.ts register
```
π‘ Registers your **public key** on-chain (required for receiving funds).
---
### πΉ 3οΈβ£ Deposit ETH to a Stealth Address
```sh
bun cli.ts deposit -r -a
```
Example:
```sh
bun cli.ts deposit -r 0x1234...5678 -a 0.5
```
---
### πΉ 4οΈβ£ Scan for Incoming Deposits
```sh
bun cli.ts scan
```
---
## β οΈ Security Considerations
β **Keep private keys secure & never share them**
β **Use a strong encryption password during setup**
β **Consider using a private RPC endpoint to prevent metadata leakage**
β **This is experimental software β use at your own risk**
---
## π Privacy Enhancements
β **Zero-knowledge proofs** ensure claim privacy
β **Ephemeral keys** prevent on-chain linking
β **Stealth addresses** mask recipient identity
β **ECDH key exchange** secures communication
---
## π License
This project is licensed under the **MIT License**.
---
## β οΈ Disclaimer
π¨ This is **experimental software** provided **as-is** without any warranty.
π¨ **This codebase has NOT been audited** β use at your own risk!
---
### **π Useful Resources**
- [Bun Documentation](https://bun.sh/docs)
- [snarkjs Library](https://github.com/iden3/snarkjs)
---
π₯ **Stealth Payment System - Privacy-Preserving Crypto Payments** π₯