Skip to main content
Low-level stealth address functions for Nervos CKB using secp256k1. Import from @wraith-protocol/sdk/chains/ckb. Most developers should use the Agent Client instead. These primitives are for power users building custom stealth address integrations on CKB.

The Cell Model

CKB is fundamentally different from account-based chains like EVM or Solana. CKB uses a UTXO-based Cell model where all state is stored in Cells. A Cell has four fields:

Cells Are Announcements

On EVM chains, stealth address announcements are separate events emitted by an Announcer contract. On CKB, the Cell itself is the announcement. There is no separate announcer. The stealth lock script args contain both the ephemeral public key and the stealth address hash:
This is 53 bytes total. The announcement data is embedded directly in the Cell’s lock script — no separate transaction or event needed.

Scanning = Querying Live Cells

Instead of querying a subgraph or parsing event logs, scanning on CKB means querying all live Cells that use the stealth-lock code hash. CKB’s built-in indexer RPC (get_cells) supports filtering by lock script code hash, so only stealth Cells are returned.

Spending = Consuming Cells

To withdraw from a stealth address, you consume the stealth Cell and create a new Cell at the destination. The stealth lock script verifies the secp256k1 signature against the pubkey hash in the args.

Installation

No additional peer dependencies required. CKB RPC calls use native fetch. Address hashing uses @noble/hashes (blake2b), which is already a direct dependency.

Import

Types

Key Differences from EVM

CKB uses the same secp256k1 curve as EVM but different hash functions and a completely different state model.

Constants


Functions

deriveStealthKeys(signature)

Derive spending and viewing key pairs from a 65-byte ECDSA signature. Identical to the EVM module.
Algorithm: Same as EVM — split signature r/s, keccak256 each to get spending and viewing keys.

generateStealthAddress(spendingPubKey, viewingPubKey, ephemeralKey?)

Generate a one-time stealth address with lock script args for CKB.
Algorithm:
  1. Generate random ephemeral key pair (r, R = r * G)
  2. Compute ECDH shared secret S = r * viewingPubKey (compressed)
  3. hashedSecret = SHA-256(S)not keccak256 like EVM
  4. stealthPubKey = spendingPubKey + hashedSecret * G
  5. stealthPubKeyHash = blake160(stealthPubKey) — blake2b with “ckb-default-hash”, first 20 bytes
  6. lockArgs = ephemeralPubKey || stealthPubKeyHash

blake160(data)

CKB’s address hashing function. blake2b with "ckb-default-hash" personalization, truncated to 20 bytes.
The personalization string is critical — without it, hashes won’t match CKB’s on-chain verification.

checkStealthCell(cell, viewingKey, spendingPubKey)

Check if a stealth Cell belongs to you.
Algorithm:
  1. Extract ephemeralPubKey = cell.lockArgs[0:33]
  2. Compute ECDH shared secret S = viewingKey * ephemeralPubKey
  3. hashedSecret = SHA-256(S)
  4. expectedPubKey = spendingPubKey + hashedSecret * G
  5. expectedHash = blake160(expectedPubKey)
  6. Compare expectedHash with cell.lockArgs[33:53]
No view tag optimization — every Cell is fully checked. This is acceptable because CKB’s get_cells RPC already filters to only stealth-lock Cells.

scanStealthCells(cells, viewingKey, spendingPubKey, spendingKey)

Scan an array of stealth Cells and return the ones that belong to you.

deriveStealthPrivateKey(spendingKey, ephemeralPubKey, viewingKey)

Compute the private key that controls a specific stealth Cell.
Algorithm:
  1. S = viewingKey * ephemeralPubKey (shared secret)
  2. hashedSecret = SHA-256(S)not keccak256
  3. stealthPrivateKey = (spendingKey + hashedSecret) mod n

encodeStealthMetaAddress(spendingPubKey, viewingPubKey)

Encode two public keys into a CKB stealth meta-address string.
Format: st:ckb:{spendingPubKeyHex}{viewingPubKeyHex} — 132 hex chars (two 33-byte compressed secp256k1 keys), same structure as EVM.

decodeStealthMetaAddress(metaAddress)

Decode a CKB meta-address back into its component public keys.

End-to-End Flow


Names

.wraith name registration on CKB uses the Cell model. Each name is a live Cell whose type script identifies the name and whose data holds the stealth meta-address. Ownership is proven by the Cell’s lock script — whoever can spend the Cell owns the name. This is fundamentally different from EVM and Solana, where ownership is proven by a signature from the spending key.

hashName(name)

Compute the blake2b hash of a name string. The result is used as the type script args to identify the name Cell.

buildRegisterName({ name, spendingPubKey, viewingPubKey })

Build the type script and Cell data for creating a .wraith name Cell. Returns the type script object and the 66-byte data payload.
The type script returned uses the wraith-names-type code hash from the deployment config. The args field is hashName(name).

buildResolveName({ name })

Build the type script for querying a name Cell. Use this with the CKB get_cells RPC to find the Cell that holds a name’s meta-address.

metaAddressFromNameData(data)

Parse the 66-byte Cell data from a name Cell into its component public keys.
The data format is spendingPubKey (33 bytes) || viewingPubKey (33 bytes) = 66 bytes total.

Registering a Name

Ownership is determined by the Cell’s lock script. Whoever can spend the Cell controls the name. To transfer a name, consume the Cell and create a new one with a different lock script. No signature verification against the spending key is needed — the lock script handles authorization.

Resolving a Name

CKB Names vs Other Chains

CKB-Specific Considerations

  • Minimum capacity: A stealth-lock Cell requires at least 61 CKB due to the 53-byte args. Senders must send at least this amount.
  • No view tags: Every Cell must be fully checked. CKB’s get_cells RPC already filters by lock script code hash, so only stealth Cells are examined.
  • blake2b personalization: CKB uses "ckb-default-hash" as the blake2b personalization parameter. This must be included or hashes won’t match on-chain verification.
  • UTXO spending: Withdrawing means consuming the Cell and creating a new one at the destination. The transaction fee is deducted from the Cell’s capacity.
  • Name ownership: On CKB, name ownership is proven by the Cell’s lock script, not by a signature from the spending key like on EVM. Whoever can spend the name Cell controls the name.

Chain Deployments

getDeployment(chain)

Supported Networks

Fetching Stealth Cells

fetchStealthCells(chain?)

Fetches all live stealth Cells from CKB using the get_cells RPC method, filtered by the stealth-lock code hash. Handles pagination automatically.
This replaces the subgraph/event-based scanning used on other chains. CKB’s native indexer makes this efficient without external infrastructure.