SPECTER

Onchain payments today are fully transparent. Every transfer exposes both the sender and recipient, making wallets easy to track and link to real identities. Most stealth address protocols rely on ECDH (elliptic curve Diffie-Hellman). When quantum computers become practical, ECDH breaks. Any payment made today could be deanonymized in the future.

SPECTER uses ML-KEM-768 (NIST FIPS 203), a post quantum key encapsulation standard, instead of ECDH. Payments stay private today and remain private even against adversaries with quantum computers. Send to anyone using just their ENS (.eth) or SuiNS (.sui) name. SPECTER generates a fresh, one-time stealth address for every payment. The recipient is the only one who can discover and spend from it. To the rest of the world, it looks like funds went to a random address with no connection to anyone.

SPECTER also integrates with Yellow Network to enable private trading through off-chain state channel settlement, combining stealth addresses with high-performance order execution.

Usage flow Recipients run a one-time setup: generate ML-KEM-768 keys, upload their meta-address to IPFS, and link it to their ENS or SuiNS name. Senders resolve the recipient’s name, get a one-time stealth address, and send funds to it. An announcement is published so the recipient can discover the payment. Recipients scan announcements with their viewing key; view tags filter out most irrelevant entries before decapsulation. For any match, they derive the stealth private key and import it into their wallet to spend.

How it’s built SPECTER is a monorepo with a Rust backend and a React frontend. All cryptography lives in Rust for memory safety and constant-time behavior: key generation, ML-KEM-768 encapsulation (pqcrypto-kyber), SHAKE256 key derivation, and stealth address derivation are in shared crates used by both the Axum REST API and the CLI. Pinata is used for IPFS (meta-addresses are stored there; ENS and SuiNS point to IPFS CIDs). alloy handles ENS resolution, and MystenSui handles SuiNS. The frontend uses Dynamic Labs for EVM wallets and dapp-kit for Sui. It only handles UI and wallet flows; all crypto runs on the server, and secret keys are zeroized on drop. For private trading, SPECTER integrates with Yellow Network and its Nitrolite SDK for on-chain channel creation and EIP-712 auth. Channels are opened to stealth addresses so counterparties stay unlinkable.

One more Implementation detail View tags are a 1-byte filter on each announcement, so recipients skip about 99.6% of entries before decapsulation. That keeps scanning very fast (about 1–2 seconds for 100k announcements). The same secp256k1 seed derives both Ethereum and Sui addresses so imported keys work in either wallet.

SPECTER vs Umbra Vs FluidKey

SPECTER builds on the idea of stealth addresses already used by protocols like Umbra and Fluidkey, but removes their biggest constraints. Unlike existing solutions that rely on classical ECDH cryptography, SPECTER uses post quantum–secure ML-KEM-768, making it resistant to future quantum attacks. It also goes beyond EVM chains by supporting Sui natively (already live), delivers much faster wallet scanning via efficient view tags, and avoids onchain registries by storing meta-addresses on IPFS. In short, SPECTER offers stronger security, better performance, and true multi-chain (including non-EVM) support compared to today’s stealth address protocols.

Tech Stack

Backend (Rust)

The protocol handles key generation, encapsulation, stealth address derivation, and scanning. These are security-critical operations where memory safety, constant-time execution, and performance are essential. Rust enforces these guarantees at compile time, with secret keys zeroized on drop. A single shared implementation is used across both the API server and CLI, ensuring there is only one surface to audit.

• Axum – REST API server
• pqcrypto-kyber – ML-KEM-768 key encapsulation
• sha3 – SHAKE256 hashing and view-tag computation
• k256 – secp256k1 Ethereum address derivation from stealth keys
• blake2 – BLAKE2b-256 hashing for Sui address generation
• zeroize + subtle – secure memory clearing and constant-time comparisons
• alloy – Ethereum and ENS interactions
• @mysten/sui – Sui and SuiNS interactions
• IPFS (Pinata) – storage and retrieval of meta-addresses; name services resolve to an IPFS CID to keep on-chain storage minimal
• dashmap – lock-free concurrent caching

Frontend (React + Vite)

Wallet interactions, name resolution, and transaction signing require a rich client. All cryptographic operations are delegated to the backend over HTTP.

• React + Vite + TypeScript – frontend framework and build tooling
• TailwindCSS + Radix UI – styling and accessible component primitives
• Dynamic Labs – EVM wallet connections (MetaMask, WalletConnect, etc.)
• @mysten/dapp-kit – Sui wallet connection
• viem – Ethereum transaction building and verification
• Framer Motion + GSAP – animations
• react-hook-form + Zod – form handling and schema validation