One-Time Pseudonym

Each transaction uses a fresh, unique address, severing the on-chain link between a user's different actions. This prevents transaction graph analysis, where adversaries connect addresses by analyzing payment flows. For example, sending funds to an exchange and later receiving funds from a DeFi protocol would appear as unrelated events.

Receivers generate a unique, one-time deposit address for each payer using cryptographic techniques like Diffie-Hellman key exchange. The payer sends funds to this stealth address, which only the intended receiver can spend from using their private view key and spend key. This is a core mechanism in protocols like Monero and Zcash's shielded transactions.

By breaking the transparent history trail of coins, one-time pseudonyms improve fungibility—the property where each unit of a currency is interchangeable. Without them, coins can be tainted by association with prior illicit activity, potentially leading to censorship by exchanges or protocols. This makes all coins equal and private in practice.

Protects the privacy of both parties in a transaction.

• Sender Privacy: The sender's main wallet address is not revealed on-chain.
• Receiver Privacy: The receiver's main balance and transaction history remain hidden, as funds are sent to a new, unlinked address. This dual protection is superior to simple address reuse.

Relies on advanced cryptography rather than obfuscation. Common implementations use:

• Elliptic Curve Cryptography (ECC) for key generation.
• Zero-Knowledge Proofs (e.g., zk-SNARKs in Zcash) to prove transaction validity without revealing addresses or amounts.
• Ring Signatures (e.g., in Monero) to hide the true signer among a group.

Unlike privacy mixers or CoinJoin, which batch and shuffle transactions, one-time pseudonyms provide privacy at the protocol level for individual transactions.

• Advantage: No need to coordinate with other users or trust a mixing service.
• Trade-off: Can require more complex wallet software and generate larger transaction sizes, potentially increasing fees.

Monero employs ring signatures to create one-time pseudonyms. A transaction is signed by a group (the ring), making it computationally infeasible to determine which member's key was the true spender. Combined with stealth addresses, this breaks the link between transactions on the ledger.

This Ethereum mixer used zero-knowledge proofs to allow users to deposit and withdraw funds to a new, unlinked address. The protocol generated a zk-SNARK proof that the user had made a deposit without revealing which one, creating a one-time pseudonym for the withdrawal.

In blockchain-based voting systems, a voter can be issued a one-time pseudonym (a blind token) to submit a ballot. This ensures:

• Anonymity: Votes cannot be linked to voter identities.
• Uniqueness: Each pseudonym can only be used once.
• Verifiability: The tally can be publicly audited without compromising privacy.

A user can generate a unique pairwise pseudonymous identifier for each service they interact with (e.g., a DeFi protocol, a social dApp). This prevents service providers from colluding to build a composite profile of the user's activity across different platforms.

Protocols like Mimblewimble (used by Grin and Beam) aggregate transactions and use Pedersen Commitments to hide amounts. Senders and receivers interact to create a one-time transaction kernel that validates the transfer without revealing the specific input-output links, enhancing fungibility.

The primary use case is to break the on-chain link between a user's persistent address and their individual actions. For a single payment or vote, a one-time pseudonym is generated, making it impossible for observers to connect that specific transaction to the user's main wallet or other transactions they have made.

These pseudonyms are often generated and verified using zero-knowledge proofs (ZKPs). A user proves they own a valid credential or sufficient funds in a private "master" account without revealing it, authorizing a transaction to be signed by a fresh, one-time address. This is a core mechanism in zk-SNARKs-based privacy protocols like Zcash's shielded transactions.

It is critical to distinguish this from a persistent pseudonym (e.g., an ENS name or a long-term wallet address).

• One-Time: Ephemeral, used once, prevents activity correlation.
• Persistent: Reusable, builds reputation, but creates a permanent activity trail. This distinction is fundamental for analyzing privacy guarantees.

Ideal for private voting in DAOs or on-chain governance. Each voter can cast a ballot using a unique pseudonym, proving their right to vote without revealing how any specific individual voted. This prevents coercion and vote-buying while maintaining the integrity of the vote count.

Protocols like ERC-5564 (Stealth Addresses) automate the creation of one-time pseudonyms for payments. A sender can generate a unique stealth address for a recipient, which only the recipient can discover and control using their private key. All funds sent to that user land at different, unlinkable addresses.

While powerful for privacy, one-time pseudonyms have trade-offs:

• No Built-in Reputation: Each interaction is from a "new" entity.
• Complex Key Management: Requires systems to manage many private keys for discovery.
• Regulatory Scrutiny: Can conflict with Travel Rule or AML requirements that demand transaction counterparty identification.

A one-time pseudonym functions as a fresh, unlinkable address for each action. Unlike a persistent public key, it prevents transaction graph analysis by breaking the chain of identifiable on-chain activity. This is a fundamental tool for achieving unlinkability, a key property in privacy-preserving systems.

Stealth addresses are a primary implementation. The sender generates a unique, one-time receiving address for the beneficiary using their public key and a random nonce. Only the intended recipient, using their private view key, can detect and spend from this address. This prevents third parties from linking multiple payments to the same recipient.

While enhancing privacy, one-time pseudonyms create management overhead. Users must securely track numerous keys or rely on a deterministic wallet to regenerate them. Loss of the master key or view key can result in permanent loss of access to funds sent to all derived one-time addresses.

One-time pseudonyms protect on-chain linkage but do not conceal transaction metadata visible to nodes and network observers. This includes:

• Transaction amount and fee
• Timestamp and block inclusion
• Interaction with known smart contracts (e.g., a specific DEX or mixer)
• Network-level IP data if not using Tor or a VPN.

For robust privacy, one-time pseudonyms are combined with other protocols:

• Confidential Transactions: Hide transaction amounts.
• zk-SNARKs/zk-STARKs: Prove validity without revealing details.
• CoinJoin/Mixers: Obscure the trail of funds through pooling.
• Decoy Selection: As used in Monero's RingCT, to hide the true input among decoys.

From a regulatory standpoint, one-time pseudonyms and the privacy they enable present challenges for Travel Rule compliance and anti-money laundering (AML) efforts. Protocols like zk-proofs of compliance are emerging to allow users to prove legitimacy (e.g., sanctions list non-inclusion) without revealing their entire transaction history.