Mirror/stealth
1
0
Fork 0
mirror of https://github.com/LORDBABUINO/stealth.git synced 2026-04-28 16:40:00 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
48de6af723dc3b03c8cbdcfacdcfcfafff019943
stealth/slides/slides.md
Breno Brito 48de6af723 Add Slidev pitch presentation
2026-02-27 02:06:31 -03:00

3.1 KiB
Raw Blame History

theme, title, titleTemplate, class, fonts, lineNumbers, drawings, transition, mdc
theme title titleTemplate class fonts lineNumbers drawings transition mdc
default Stealth — Bitcoin Wallet Privacy Analyzer %s | Stealth stealth-theme
sans mono
Inter JetBrains Mono
false
persist
false
slide true

STEALTH

Bitcoin Wallet Privacy Analyzer

A privacy audit tool that surfaces vulnerabilities at the UTXO level.

The Problem

Bitcoin privacy is fragile

  • Chain analysis firms track wallets
  • Common heuristics link addresses
  • Users rarely know their exposure
  • One bad UTXO can taint the rest

Today's tools

  • Complex, require expertise
  • No UTXO-level visibility
  • Hard to understand risk before spending

What Stealth Does

Input

  • Paste wallet descriptor
  • Supports wpkh, pkh, sh(wpkh), tr, multisig

Output

  • Every UTXO listed
  • Privacy flaws per UTXO
  • Severity badges (high / medium / low)
# One click
wpkh([xpub...]/0/*) → Analyze

→ Full report with actionable insights

Vulnerabilities Detected

Vulnerability What it means
Address Reuse Same address received >1 payment — links tx history, exposes balance
Dust Spend UTXO from dust attack — when spent, links previously unconnected addresses
UTXO Consolidation Multiple inputs merged — strong signal all belong to same wallet
CIOH Common Input Ownership Heuristic — chain analysis firms use this to cluster addresses

How It Works

1. Parse

  • Extract addresses from descriptor
  • Support all common formats

2. Fetch

  • On-chain history per address
  • Uses Bitcoin node / API

3. Analyze

  • Apply privacy heuristics
  • Flag each UTXO with findings

Architecture

stealth/
├── frontend/   # React + Vite — input, loading, report
└── backend/    # Java/Quarkus — descriptor parsing, chain data, analysis
  • Read-only — no keys, no storage, no transmission of descriptors
  • Self-hostable — point at your own node for max privacy

Demo Flow

  1. Input screen — paste descriptor, click Analyze
  2. Loading — fetches and analyzes
  3. Report — summary bar (total / vulnerable / clean) + UTXO cards
  4. Each card: address, amount, badges, expandable details

Why It Matters

  • Users — understand exposure before consolidating or spending
  • Wallets — integrate as pre-spend check
  • Researchers — study privacy heuristics at scale
  • Privacy-first — no cloud, no logs, no tracking

Thank You

STEALTH

Bitcoin Wallet Privacy Analyzer

Appendix — Supported Descriptors

  • wpkh(...) — native SegWit
  • pkh(...) — legacy
  • sh(wpkh(...)) — nested SegWit
  • tr(...) — Taproot
  • Multisig variants

All analysis uses publicly available on-chain data.

Reference in New Issue View Git Blame Copy Permalink