First, we will start with the normal procedure which will occur on a daily recurring basis. This is a simple user-case situation where two individuals want to transact privately, as is their right. To do this, we need to a stealth address which makes it possible for the receiver to receive his funds from the paying person. Let’s call the payer Bob. For today’s text, we will cover the part on how to create a stealth address, and what it is made of, and what is it being used for.

How to generate a stealth addresses?

SHA256 workflow

First off you will need math, a lot of math. We basically need some crypto algorithms for this entire processes including SHA256, SECP256k1 (elliptic curve crypto with this equation y ² = x ³ + 7) and Base58 encoding.

The data structure of our stealth addresses:

// [version] [options] [scan_key] [N] ... [Nsigs] [prefix_length]

The overall structure of a normal stealth address is the following. It’s based on the version of the current stealth address, which simply specifies for which currency it could be used. If the version were to change, the blockchain would reject your address. The option is a simple unsigned integer, which can specify any options. You can a scan public key and multiple spend public keys (where N = number of keys; NSigs = all the spend keys) to send the funds to. The prefix length is by default zero.

Verge’s current version of the stealth address is 0x28.

Step-by-Step creation of a verge based stealth address

1. Generate two private random numbers with a lenght of 32 bytes (aka. secure random numbers) 2. One will be declared as spend secret and the other as scan secret 3. each, scan and spend secret, will be used to generate a public key by utilizing SECP256k1 (length should be 33 bytes). Make sure to not overflow the SECP256k1 algorithm. 4. Now putting everything together into a single buffer in the abovementioned order. 5. Generate a hashsum of the current address buffer by double hashing this buffer with SHA256 and append the first 4 bytes of the checksum to the address buffer. 6. finally base58 encode your address

If you have done everything right you address should start with smY.

Stealth addressing with JavaScript

After this procedure, we have assembled the basic requirements needed to create a stealth address and we have gathered all the inputs needed. Namely having two pairs of keys (public and private) representing the scan and spend key. Those are needed to verify the transaction and signing them in new blocks. We will go in depth about that one later. First, we will cover the basics of stealth addressing.

With that being said, let’s finally create an encoded address by having a look at the stealth address class:

Okay, that was a big chunk for a read-through, focus on the path along the encode() method, which combines all the important buffers to one simple address buffer.

In the end, we will be covered with a checksum which is based on the address buffer. This will then merge with that address buffer, and give the possibility to verify if the address has been manually modified or corruption due to network failures, etc.

… to be continued : )

All the details explained over are based on the original idea of this stealth addressing workflow:

// Copyright © 2014 The ShadowCoin developers

// Distributed under the MIT/X11 software license, see the accompanying