Vitalik Buterin posted a new idea named stealth addresses for the ERC721 standard that can result in private NFT transactions.
He tweeted about the idea:
Idea: stealth addresses for ERC721s.
A low-tech approach to add a significant amount of privacy to the NFT ecosystem.
So you would be able to eg. send an NFT to vitalik.eth without anyone except me (the new owner) being able to see who the new owner is.https://t.co/UdqK6NAYjn
— vitalik.eth (@VitalikButerin) August 8, 2022
This proposal is meant to reply to another proposal that has been posted on Ethresearcher. Basically, what the main idea says is that for every ERC-721 token to be stored on a Stealth Address, the address will be hashed, the token ID tid, and the secret address of the user will be encrypted. There is a Merkle tree in which stealthAddressBytes are inserted. On-chain maintenance of the Merkle tree is maintained through the root of the tree.
In order to store tokens, a Merkle tree leaf associated with a particular user is used to determine the address for storing the token. Consequently, in order to transfer a token, a user must provide proof that he or she is capable of creating a stealth address which is included in the Merkle tree before the token can be transferred. Additionally, they have the option of generating the Merkle tree once the respective leaf has been updated.
As Vitalik replies, he believes that we may be able to accomplish this with a much lighter-weight technology if we use regular stealth addresses in combination with our existing technology.
It is important to note that he says that a Merkle tree or ZK-SNARK-level privacy for ERC721 is not required. This is due to the fact that each ERC721 is unique, so it is not possible to create an “anonymity set” for each ERC721.
It would be better to hide just the link to the sender’s and recipient’s public identity rather than the highly visible link. In this case, the ERC721 can be sent to the address “vitalik.eth”. Thereafter, vitalik.eth can see the contents of the ERC721 as well, but no one else can see this – they just see that someone sent an ERC721 to vitalik.eth; however, they cannot see that it was from vitalik.eth.
The challenge that still remains is figuring out how to pay for the service. In Vitalik’s view, the best thing you can do is to send along enough ETH as an extra payment to pay the fees five to fifty times if you send someone an ERC721, etc.
It is possible to force some ETH into an ERC721 if there is not enough ETH to keep the chain going in the event you get one without enough ETH. In spite of this, perhaps there can be a better generic solution that incorporates specialized searchers or block builders in some way.
We can observe that NFT transactions that are private can be seen if and when the proposed idea becomes accepted and deployed. Consequently, it is possible for only the new owner of the NFT to be able to see who the previous owner was in relation to the transactions.