ERGO
Privacy & Sigma Protocols
Intermediate
2-4 hours

Privacy-Friendly One-Time Receive Pattern

Generate one-time addresses/boxes for better transaction graph privacy

GitHub

문제

Reusing addresses links all your transactions together, reducing privacy. Anyone can see your full transaction history.

솔루션

Generate unique one-time addresses for each receive. Using Diffie-Hellman key exchange, sender creates a box only the receiver can spend, without revealing the receiver's main address.

작동 방식

  1. 1Receiver publishes a public key (or derives from main address)
  2. 2Sender generates ephemeral keypair for this transaction
  3. 3Sender computes shared secret via ECDH
  4. 4Sender creates box spendable by derived one-time key
  5. 5Receiver scans blockchain for boxes they can spend
  6. 6Receiver derives private key from shared secret to spend

코드 예제

These snippets are educational references. Before using them with real funds, pin the exact SDK/compiler versions, validate register encodings, add collection-size guards before indexing arrays, publish test vectors, and keep production deployment behind an explicit review/audit gate.

{
  // One-time receive box
  // R4: Ephemeral public key (sender's temporary key)
  // R5: Encrypted memo (optional)

  // The box is spendable by the one-time key derived from:
  // oneTimePrivKey = receiverPrivKey * hash(sharedSecret)
  // sharedSecret = ECDH(ephemeralPriv, receiverPub)
  //              = ECDH(receiverPriv, ephemeralPub)

  val ephemeralPubKey = SELF.R4[GroupElement].get

  // The proposition is a standard proveDlog
  // but the public key is the one-time derived key
  // Receiver computes: oneTimePub = receiverPub * hash(sharedSecret)

  proveDlog(oneTimePubKey)
}

One-time receive box. The spending key is derived from shared secret, only computable by the intended receiver.

사용 사례

  • Private donations
  • Salary payments
  • Merchant payments
  • Anonymous tips
  • Privacy-preserving invoices

보안 고려사항

  • !Store receiver private key securely
  • !Scan regularly for incoming payments
  • !Consider timing attacks when spending
  • !Use with mixing for enhanced privacy
  • !Ephemeral keys must be truly random

실제 구현 사례

ErgoMixer

Privacy-focused wallet features

리소스

Privacy on ErgoStealth AddressesErgoMixer
수수료 고려사항

Standard transaction fees. Scanning requires indexing or full node access.

관련 패턴

Sigma OR Access Control (Either-Or Spend)Babel Fee Box Pattern (Token-Based Fee Conversion)

다음은 무엇인가요?

모든 패턴 보기

18개 패턴 이용 가능

플레이북 탐색

단계별 가이드

빌더 리소스

전체 개발 도구

ErgoScript 실력을 향상시키세요

새로운 패턴, 튜토리얼, 개발자 리소스 알림을 받으세요.

Follow for daily updates