Privacy is the most important aspect of Chameleon. Two properties which a privacy chain must satisfy are as follows:
- Untraceability: for each incoming transaction all possible senders are equiprobable.
- Unlinkability: for any two outgoing transactions it is impossible to prove they were sent to the same person.
Currently, Chameleon only satisfies the untraceability property. The payment address is used directly to receive assets in each transaction. Therefore, anyone can monitor all incoming transactions belonging to a person.
One-time Address
To satisfy the unlinkability property, the payment address must never be used directly. Instead, a unique one-time payment address (OTA) is generated for each transaction output sent to a person.
Let’s consider a simple transaction payment from Alice to Carol.
- Alice wants to send a payment to Carol and Alice knows Carol’s payment address.
- Based on the payment address, Alice generates a unique one-time address for this transaction, using a Diffie-Hellman-like exchange.
- Alice creates and sends a payment to this OTA.
- Carol checks every passing transaction with her private key to determine which transactions were sent to her.
- Only Carol can recover the one-time private key needed to use this payment later.
Because the OTA is unique for each transaction, unlinkability is satisfied for every private transaction in Chameleon Chain.
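The exchange in the steps above, as an added example that is not Chameleon's own code. It assumes a CryptoNote-style derivation, OTA = g^H(B^r) * B, over a toy multiplicative group modulo 2^255 - 19; the page does not specify the actual scheme or group, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy group (assumption): integers modulo the prime 2**255 - 19, generator 2.
# A real chain would use an elliptic-curve group; this only shows the algebra.
P = 2**255 - 19
ORDER = P - 1          # exponents are reduced modulo the group order
G = 2

def keygen():
    """Long-term key pair behind a payment address: (private b, public B = g^b)."""
    priv = secrets.randbelow(ORDER - 1) + 1
    return priv, pow(G, priv, P)

def hash_to_scalar(shared):
    """Hash the Diffie-Hellman shared secret to an exponent."""
    digest = hashlib.sha256(shared.to_bytes(32, "big")).digest()
    return int.from_bytes(digest, "big") % ORDER

def make_ota(recipient_pub):
    """Sender (Alice): derive a fresh OTA and the nonce R published with the output."""
    r = secrets.randbelow(ORDER - 1) + 1       # fresh per output, never reused
    R = pow(G, r, P)
    shared = pow(recipient_pub, r, P)          # B^r = g^(b*r)
    ota = (pow(G, hash_to_scalar(shared), P) * recipient_pub) % P
    return ota, R

def scan(priv, pub, ota, R):
    """Recipient (Carol): return the one-time private key if the output is hers, else None."""
    shared = pow(R, priv, P)                   # R^b = g^(r*b), same secret as Alice's
    h = hash_to_scalar(shared)
    if (pow(G, h, P) * pub) % P != ota:
        return None                            # output belongs to someone else
    return (h + priv) % ORDER                  # x with g^x == OTA

if __name__ == "__main__":
    carol_priv, carol_pub = keygen()
    dave_priv, dave_pub = keygen()             # unrelated observer (constructed)
    ota1, R1 = make_ota(carol_pub)
    ota2, R2 = make_ota(carol_pub)
    print("two payments to Carol share an address:", ota1 == ota2)
    print("Carol recognises output 1:", scan(carol_priv, carol_pub, ota1, R1) is not None)
    print("Dave recognises output 1:", scan(dave_priv, dave_pub, ota1, R1) is not None)
```

An observer sees only the OTA and R for each output; without Carol's private key the shared secret cannot be recomputed, so the two outputs cannot be tied to the same payment address.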