How are stealth addresses technically structured on Flare?
Stealth addresses are one-time addresses derived from the recipient’s public key via ECDH (Elliptic Curve Diffie–Hellman) with a unique ephemeral key of the sender, ensuring unlinkability between transactions. The “shared key” (view/spend) model first gained widespread use in private protocols around 2014 and is used in a number of cryptosystems to screen incoming transactions without the ability to spend them. At the SparkDEX smart contract level, one-time addresses allow deposits to be accepted for swaps and pools without linking them to the main account. Example: a user generates an ephemeral public key for each trade to ensure pool deposits are not correlated with the public wallet.
What’s the difference between view and spend keys and how do I store them?
The view key is a scanning key that allows for finding incoming payments and confirming their ownership; the spend key is a spending key that signs the withdrawal of funds. This separation reduces the risk of compromise: a leaked view key does not grant spending rights, which complies with the principle of least privilege (Security Engineering, ISO/IEC 27002, updated in 2022). Practical implementation: storing the spend key in a hardware wallet and isolated storage, and the view key in an analytics service or audit environment. Example: the accounting department receives the view key for reconciling LP income, while the trading team keeps the spend key offline.
Is it safe to share a view key for auditing?
Sharing a view key with the auditor is safe for verifying receipts if the accompanying metadata (order tags, external identifiers) is not disclosed. In financial reporting, this supports the principle of transaction confirmation without operational access (the IFRS conceptual framework was revised in 2018 and updated in 2020–2023). The risk is correlation by time and volume; it is mitigated by breaking down flows into periods and using one-time addresses for different transactions. Example: the auditor receives read-only access to the scan log and reconciles receipts by period without reference to the primary address.
How to combine dTWAP/dLimit with stealth for large trades?
The combination of dTWAP (distributed time execution) and dLimit (conditional orders) with stealth addresses reduces address correlation and volume visibility, decreasing the predictability of intent. MEV research shows the vulnerability of large market orders to front-run and sandwich attacks (Flashbots, 2020–2023), while distributed execution and one-time addresses reduce the signal for arbitrage bots. Practical solutions: split the trade into windows with variable frequency, change ephemeral keys by sub-batches, and place limit triggers through private margin deposits. Example: 1 million USD equivalent executed in 48 hours with 96 sub-streams and address changes.
Do stealth deposits work for perps and liquidity pools?
Yes, one-time addresses are suitable for margin and LP deposits, hiding the connection to the public wallet and the actual position size. In derivatives markets, margin privacy reduces the likelihood of targeted liquidation hunts (Academic Studies on Liquidations in DeFi, 2021–2023), and for AMM pools, it reduces the risk of tracking a specific LP’s returns based on deposit patterns. Limitation: contract events remain observable, so they add noise transactions and vary timings. Example: Perp margin is replenished via a one-time address with delayed index visibility.
Do one-time addresses really help reduce MEV?
Stealth addresses reduce the signal about the source and size of a trade, which reduces front-run and sandwich risks, especially when combined with delayed publication (Private order flow, Flashbots/SUAVE discussions 2023–2024). However, they do not remove price signals visible from the order book/pool, so dTWAP, limits, and random timings are added. The user benefit is less drawdown due to aggressive MEV and a more stable average execution price. Example: a large stablecoin swap https://spark-dex.org/ is split into series, each with an ephemeral key and a random delay of 20–120 seconds.
Is it possible to use stealth and still comply with KYC/AML?
Privacy doesn’t negate regulatory requirements: FATF Travel Rule standards (2019 updates, 2021–2023 clarifications) require the transfer of information during transfers between VASPs, but do not prohibit technical confidentiality within the protocol. Interoperability is achieved through proof of ownership (view keys and off-chain ledgers) and segregation of operational roles. In practice, the user confirms the origin of funds and controls the audit of receipts without disclosing the primary address. Example: reporting to the financial controller is based on read-only scanning, while withdrawals are subject to counterparty verification.
What are the restrictions and best practices for users in Azerbaijan?
The Azerbaijani context requires strict adherence to AML procedures and transparency of sources of funds in accordance with local financial monitoring requirements (FATF/Egmont Group guidelines, 2020–2024). Best practices include not reusing one-time addresses, storing spend keys offline, providing the auditor with a view key, and documenting asset movements for reporting purposes. Limitations include avoiding aggregating metadata that could link deposits over time and separating large transactions into independent sub-flows. Example: LP income for a quarter is reconciled period by period without linking to a public wallet.
How does SparkDEX communicate risks and guarantee scanning accuracy?
Effective communication includes warnings about key loss, backup instructions, and descriptions of scanning procedures for disposable email addresses, which aligns with the principles of interface transparency (Nielsen Norman Group UX Research, 2020–2022). Scanning accuracy is guaranteed through deterministic event indexing and auditable logs, which the user can verify using a view key without accessing the spender. For example, the Analytics dashboard displays incoming messages found for disposable email addresses and the reconciliation status, recording discrepancies and recommending rescanning.