Anonymity Analysis of the Umbra Stealth Address Scheme on Ethereum

TL;DR

This paper evaluates the privacy guarantees of the Umbra stealth address scheme on Ethereum and its scalability solutions, revealing that a significant portion of transactions can be deanonymized using simple heuristics.

Contribution

It provides the first comprehensive analysis of Umbra's recipient anonymity across multiple Ethereum layer-2 solutions and proposes countermeasures to improve privacy.

Findings

Nearly half of Umbra transactions on Ethereum mainnet are deanonymized.

Significant deanonymability on Polygon, Arbitrum, and Optimism networks.

Countermeasures can effectively mitigate deanonymization risks.

Abstract

Stealth addresses are a privacy-enhancing technology that provides recipient anonymity on blockchains. In this work, we investigate the recipient anonymity and unlinkability guarantees of Umbra, the most widely used implementation of the stealth address scheme on Ethereum, and its three off-chain scalability solutions, e.g., Arbitrum, Optimism, and Polygon. We define and evaluate four heuristics to uncover the real recipients of stealth payments. We find that for the majority of Umbra payments, it is straightforward to establish the recipient, hence nullifying the benefits of using Umbra. Specifically, we find the real recipient of $48.5\%$, $25.8\%$, $65.7\%$, and $52.6\%$ of all Umbra transactions on the Ethereum main net, Polygon, Arbitrum, and Optimism networks, respectively. Finally, we suggest easily implementable countermeasures to evade our deanonymization and linking attacks.