Stealth addresses are a privacy-enhancing technology that provides recipient anonymity on blockchains. In this work, we investigate the recipient anonymity and unlinkability guarantees of Umbra, the most widely used implementation of the stealth address scheme on Ethereum, and its three off-chain scalability solutions, namely Arbitrum, Optimism, and Polygon. We define and evaluate four heuristics to uncover the real recipients of stealth payments. We find that for the majority of Umbra payments, it is straightforward to establish the recipient, hence nullifying the benefits of using Umbra. Specifically, we find the real recipient of $48.5\%$, $25.8\%$, $65.7\%$, and $52.6\%$ of all Umbra transactions on the Ethereum mainnet, Polygon, Arbitrum, and Optimism networks, respectively. Finally, we suggest easily implementable countermeasures to evade our deanonymization and linking attacks.