Skip to content

NEAR Privacy Analysis

Privacy threat model and mitigation strategies for NEAR Intents integration with SIP Protocol.

NEAR 1Click API provides intent-based cross-chain swaps but exposes several data points that compromise privacy. SIP Protocol’s stealth addresses and Pedersen commitments can shield recipient identity and amounts, but structural limitations remain at the intent broadcast level.

When a quote is requested via 1Click API, the following data is exposed to the solver network:

Data PointVisibilityPrivacy Impact
Source assetFullLinks to source chain identity
Destination assetFullReveals trading intent
Input amountFullExact value exposed
Output amount (min)FullReveals expected value
Refund addressFullLinks to source identity
Recipient addressFullWithout SIP: links to destination identity
Slippage toleranceFullMinor information leakage
DeadlineFullTiming information
Data PointSource ChainDestination Chain
Input amountVisible in deposit txN/A
Output amountN/AVisible in settlement tx
Deposit addressVisible (temporary)N/A
Recipient addressN/AVisible (one-time if stealth)
Verifier interactionN/AVisible on NEAR
  1. Timing Correlation: Quote request → Deposit → Settlement creates timing fingerprint
  2. Amount Correlation: Input/output amounts can be correlated even across chains
  3. Volume Analysis: Large or unusual amounts stand out
  4. Pair Analysis: Uncommon asset pairs reduce anonymity set

Adversary: Malicious or compromised solver Goal: Build profile of user trading activity Method: Log all quotes, correlate by refund address Data Obtained:

  • Full trading history by address
  • Asset preferences
  • Trading volume
  • Timing patterns

Risk Level: HIGH

Mitigation:

  • Use fresh addresses for refundTo (partial)
  • Cannot hide amounts or assets from solvers
  • SIP adds no protection at quote request level

Adversary: Blockchain analyst Goal: Link source and destination identities Method: Correlate input amounts, timing, and output amounts Data Obtained:

  • Link between source chain address and destination address
  • Transaction graph spanning multiple chains

Risk Level: HIGH (without SIP), MEDIUM (with SIP stealth addresses)

Mitigation:

  • Stealth Addresses: Destination is one-time, unlinkable
  • Timing Noise: Still vulnerable to timing correlation
  • Amount Correlation: Input amounts visible; output hidden only if destination supports shielded pools

Threat 3: Intent Broadcast Deanonymization

Section titled “Threat 3: Intent Broadcast Deanonymization”

Adversary: Network observer Goal: Identify who is swapping what Method: Monitor intent broadcast to solver network Data Obtained:

  • IP address (if not using Tor/VPN)
  • Full intent parameters
  • Correlation with subsequent on-chain activity

Risk Level: MEDIUM

Mitigation:

  • Use Tor/VPN for network privacy
  • Intent parameters still exposed to solver network

Adversary: On-chain analyst Goal: Link deposits to swaps Method: Track deposits to known 1Click deposit addresses Data Obtained:

  • Confirmation user is using 1Click
  • Input amounts and source addresses

Risk Level: LOW-MEDIUM

Mitigation:

  • Deposit addresses are per-quote (somewhat ephemeral)
  • Still links source address to swap activity
ModeSolver PrivacyOn-Chain SourceOn-Chain DestOverall
Vanilla 1ClickNoneVisibleVisiblePOOR
+ Stealth RecipientNoneVisibleUnlinkableFAIR
+ Shielded Output (Zcash)NoneVisibleHiddenGOOD
Full SIP (future)PartialCommitmentHiddenEXCELLENT

Implementation:

// Generate fresh stealth address for each swap
const { stealthAddress, ephemeralPublicKey } = generateStealthAddress(recipientMetaAddress)
// Use stealth address in 1Click quote
const quote = await oneClickAPI.quote({
recipient: stealthAddress,
recipientType: 'eth', // or destination chain
// ... other params
})

Privacy Gain: Destination address is one-time, cannot be linked to recipient’s public meta-address.

Limitation: Input side still visible; solver sees output address (just can’t link it).

When solvers support Pedersen commitments:

// Hide amount in commitment
const { commitment, blinding } = commit(outputAmount)
// Intent with hidden amount
const intent = {
destinationAsset: '...',
outputCommitment: commitment, // Instead of plaintext amount
proof: generateRangeProof(outputAmount, blinding),
}

Privacy Gain: Solvers verify amount is valid without knowing exact value.

Limitation: Requires solver protocol changes (not currently supported).

For regulated scenarios:

// Generate viewing key for intent
const viewingKey = generateViewingKey(derivationPath)
// Create intent with encrypted data
const encryptedData = encryptForViewing({
inputAmount,
outputAmount,
recipient,
}, viewingKey)
// Share viewing key with compliance officer
shareViewingKey(viewingKey, auditorPublicKey)

Privacy Gain: General public sees nothing; auditors see everything.

Concept: Combine multiple intents into a batch where individual mappings are hidden.

Implementation Considerations:

  • Requires coordination protocol
  • Introduces latency
  • Needs critical mass of users

Even with all mitigations, these risks remain:

  1. Solver Network: Solvers must see something to provide quotes
  2. Timing Patterns: Cross-chain timing correlation is fundamentally hard to prevent
  3. Volume Fingerprinting: Large swaps are identifiable regardless of address privacy
  4. Chain-Specific Leakage: Some chains have no shielded pools
Use CaseRecommended ModeResidual Risk
Personal privacyStealth addressesTiming correlation
Business transactionsCompliant mode + viewing keysAuditor has full visibility
High-value transfersWait for full SIP implementationCurrent: high exposure
Frequent tradingAccept limited privacyProfile buildable over time
  1. Always use stealth addresses for recipient
  2. Rotate refund addresses when possible
  3. Document privacy limitations clearly to users
  4. Log nothing on client side
  1. Implement timing randomization for quote requests
  2. Add decoy quote requests (if economically feasible)
  3. Support Tor integration for network privacy
  1. Propose commitment-based quotes to NEAR Intents team
  2. Implement batch aggregation if user base supports
  3. Integrate with Zcash shielded pools for destination

NEAR 1Click API provides significant privacy exposure at the intent broadcast level. SIP Protocol can effectively shield the destination side using stealth addresses, but input amounts and source identities remain visible. Full privacy requires protocol-level changes to support commitment-based intents.

Current Privacy Level: FAIR (with stealth addresses) Achievable Privacy Level: GOOD (with Zcash destination) Ideal Privacy Level: EXCELLENT (requires protocol evolution)