In January 2023, Ethereum co-founder Vitalik Buterin published a post proposing a stealth address protocol for Ethereum, acknowledging that "one of the largest remaining challenges in the Ethereum ecosystem is privacy." The post triggered significant coverage in crypto media, with many outlets treating stealth addresses as a novel privacy innovation. The framing overlooked an important context: Monero has implemented stealth addresses as a mandatory protocol feature since its launch in 2014, and so have several other privacy-focused cryptocurrencies. Buterin's contribution was proposing a way to bring this mechanism to a chain that was not originally designed for privacy.
This article explains how stealth addresses work in each system, compares what privacy each actually provides, and examines the fundamental architectural question: is opt-in privacy meaningfully different from default privacy?
How Ethereum's Stealth Address Standard Works
Buterin's 2023 post was followed by the formalization of ERC-5564, a stealth address standard that has seen increasing adoption in the Ethereum ecosystem since then. The mechanism works as follows: a recipient publishes a stealth meta-address (registered via the Ethereum Name Service or shared directly). When a sender wants to pay this recipient privately, they perform a cryptographic computation on the meta-address to generate a unique one-time stealth address. The payment goes to this stealth address. Along with the transfer, the sender publishes a small piece of cryptographic data (an ephemeral public key) that allows the recipient — and only the recipient — to identify the stealth address as belonging to them.
The recipient scans the blockchain for these ephemeral keys using their private view key, identifies payments addressed to them, and derives the private key needed to spend from the stealth address. Importantly, the scanning process can be delegated to a third party using only the view key, without exposing spending ability — a feature Monero has offered through its view key system since launch.
How Monero's Stealth Addresses Work
Monero's stealth address system is structurally similar but with one critical difference: it is not optional. Every Monero transaction automatically generates a unique one-time stealth address for the recipient. The sender derives this address from the recipient's public keys; only the recipient's private view key can identify it as belonging to them; and only the recipient's private spend key can authorize the outgoing transfer. No action is required from either party — the mechanism operates at the protocol level for 100% of transactions.
As described in the technical documentation in Mastering Monero: public Monero addresses encode two public keys (the public view key and public spend key) derived from the wallet's seed. When a sender pays to a Monero address, they combine these public keys with randomized data to produce a unique one-time stealth address. This address is what appears on the blockchain — with no connection visible to the originating wallet address or to any other transaction involving the same recipient.
The Critical Difference: Default vs Opt-In Privacy
The structural gap between Ethereum's stealth address implementation and Monero's is not primarily technical — it is about defaults. Ethereum's ERC-5564 standard requires both sender and recipient to actively choose to use stealth addresses. On the Ethereum network, the vast majority of transactions continue to use standard addresses where the recipient's entire balance history is publicly visible to any observer with their address.
This matters for a reason that cryptographers have long emphasized: an anonymity set of one provides no privacy. If only a small fraction of Ethereum transactions use stealth addresses, the act of using one is itself a signal that distinguishes those transactions from the norm. Privacy that requires opting in — and that only a minority of users actually exercise — provides much weaker guarantees than privacy that is enforced by default for every transaction in the network.
Monero's entire transaction set uses stealth addresses, ring signatures, and RingCT. Every user contributes to every other user's anonymity set simply by transacting normally.
What Each System Actually Protects
Ethereum stealth addresses (ERC-5564), when used: protect recipient identity. The sender's address and the transaction amount remain publicly visible on the Ethereum blockchain.
Monero stealth addresses, combined with ring signatures and RingCT: protect recipient identity, sender identity, and transaction amount — simultaneously and by default. No user action required.
This is not a criticism of Ethereum's direction — any movement toward privacy on a widely-used public blockchain is worthwhile. As noted by privacy advocates, crypto privacy is not a niche concern: it is a prerequisite for financial autonomy. The point is that Monero's decade-long head start in making privacy the default, not the exception, represents a fundamentally different design philosophy that ERC-5564, even at full adoption, does not replicate.
To transact with the full benefit of Monero's built-in privacy stack, XMRWallet provides a free, non-custodial, registration-free web wallet.
Frequently Asked Questions
What other blockchains use stealth addresses?
Beyond Monero and Ethereum (ERC-5564), stealth address implementations exist in Zcash (combined with zk-SNARKs), Verge, Navcoin, PIVX, and Dash. Each implementation differs in technical details and in whether stealth addresses are mandatory or optional. Monero is the only major blockchain where stealth addresses are both mandatory for all transactions and combined with sender and amount privacy at the protocol level.
Can the Ethereum foundation make privacy mandatory?
Mandatory privacy on Ethereum would require a hard fork changing how all transactions are processed — a far more disruptive change than adding an optional standard. Ethereum's development philosophy has generally favored application-layer optionality over protocol-layer enforcement. This is different from Monero's founding design decision to make privacy non-negotiable at the base layer.
