Stealth addresses are a privacy-enhancing technology that provides recipient anonymity on blockchains. In this work, we investigate the recipient anonymity and unlinkability guarantees of Umbra, the most widely used implementation of the stealth address scheme on Ethereum, and on its three off-chain scalability solutions, namely Arbitrum, Optimism, and Polygon. We define and evaluate four heuristics to uncover the real recipients of stealth payments. We find that for the majority of Umbra payments, it is straightforward to establish the recipient, hence nullifying the benefits of using Umbra. Specifically, we find the real recipient of $48.5\%$, $25.8\%$, $65.7\%$, and $52.6\%$ of all Umbra transactions on the Ethereum mainnet, Polygon, Arbitrum, and Optimism networks, respectively. Finally, we suggest easily implementable countermeasures to evade our deanonymization and linking attacks.