What is SPECTER?
Start here if you’re completely new.
Integration Quickstart
Validate the core loop with copy-paste commands.
API Reference
Use endpoint schemas for implementation details.
Beginner Questions
What problem does SPECTER solve?
What problem does SPECTER solve?
Every blockchain transaction is public. If someone sends you crypto, anyone watching the chain can trace that payment back to you, see your balance, and track your activity.SPECTER solves this by creating one-time stealth addresses for every payment. The sender creates a fresh address that only the recipient can discover — observers see the transaction, but can’t figure out who received the funds.
Do I need to understand cryptography to use SPECTER?
Do I need to understand cryptography to use SPECTER?
No. You can use the frontend app and the API without any crypto knowledge. The cryptography runs in the background — you interact with simple API calls like “generate keys” and “create stealth address.”If you’re curious, the What is SPECTER? page has expandable sections that explain the crypto in simple terms.
What should I open first if I'm completely new?
What should I open first if I'm completely new?
Follow this path:
- What is SPECTER? — understand the concept in 5 minutes
- Explore the product — see it work in the live app
- Integration quickstart — run the API loop yourself
Is this a wallet? A token? A blockchain?
Is this a wallet? A token? A blockchain?
None of those. SPECTER is a privacy protocol — a set of tools (API, frontend, CLI) that generate private receiving addresses. It works on top of existing blockchains (Ethereum, Sui). You use your own wallet to send and receive funds — SPECTER just makes the addresses private.
What does 'post-quantum' mean?
What does 'post-quantum' mean?
Current encryption (like the kind used in Bitcoin and Ethereum) could be broken by future quantum computers. SPECTER uses ML-KEM-768, the NIST-standardized (FIPS 203) post-quantum encryption standard specifically designed to resist quantum attacks. This means your privacy stays safe even in a post-quantum world.
Can I try it without installing anything?
Can I try it without installing anything?
Yes! Just click Launch app and explore the full flow in your browser. No local setup, no downloads, no wallet required for testing.
Integration Questions
Which API endpoints do I need at minimum?
Which API endpoints do I need at minimum?
The core integration loop uses exactly 4 endpoints:
That’s it. Everything else (ENS, SuiNS, IPFS, Yellow) is optional and builds on this core.
| Step | Endpoint | Purpose |
|---|---|---|
| 1 | POST /api/v1/keys/generate | Generate recipient keys |
| 2 | POST /api/v1/stealth/create | Create stealth payment |
| 3 | POST /api/v1/registry/announcements | Publish announcement |
| 4 | POST /api/v1/stealth/scan | Discover payments |
Is authentication built into the API?
Is authentication built into the API?
No. The SPECTER API is stateless and does not include authentication. Add auth and rate limiting at your API gateway, reverse proxy, or application layer based on your security requirements.
Why does the publish endpoint require tx_hash?
Why does the publish endpoint require tx_hash?
The
tx_hash field serves as a unique identifier for duplicate protection in the registry. In production, this would be the actual on-chain transaction hash. For testing, you can use any unique hex string.Why does scan return no discoveries sometimes?
Why does scan return no discoveries sometimes?
Common causes:
- Wrong keys — the viewing/spending keys don’t match what was used during creation
- Missing publish step — the announcement was never published to the registry
- Payload mismatch — the fields sent to scan don’t match what was published
- Registry reset — the in-memory registry resets when the server restarts
Can I use SPECTER with my existing backend?
Can I use SPECTER with my existing backend?
Yes. SPECTER’s API is a standard REST API — call it from any language or framework. Common integration patterns:
- Node.js/Python backend → Call SPECTER API via HTTP from your server
- Frontend dApp → Call SPECTER API directly or through your backend proxy
- Mobile app → Same as frontend, use HTTP requests
What's the difference between API and CLI integration?
What's the difference between API and CLI integration?
- API: Best for production apps. Your backend calls SPECTER endpoints programmatically.
- CLI: Best for local testing, demos, CI/CD pipelines, and support debugging.
Product & Frontend Questions
Can I explore SPECTER without any local setup?
Can I explore SPECTER without any local setup?
Yes! Use the Launch app button and follow the Explore product guide. The hosted frontend connects to the live backend — no installation required.
When should I use the CLI instead of the frontend?
When should I use the CLI instead of the frontend?
Use the CLI when you need:
- Scripted automation — reproducible test flows
- CI/CD integration — smoke tests in your pipeline
- Support playbooks — reproducing user issues locally
- Benchmarking — the CLI includes a
benchcommand for performance testing
When should I use the API directly?
When should I use the API directly?
Use the API when your backend needs to:
- Control payment workflows programmatically
- Handle multi-user scenarios (e.g., a wallet serving many recipients)
- Integrate with existing services deterministically
- Process payments without user interaction
Does the frontend work on mobile?
Does the frontend work on mobile?
The frontend is a standard web app and works in mobile browsers. It’s optimized for desktop but functional on mobile screens.
Security & Privacy Questions
Is my spending key ever sent to the server?
Is my spending key ever sent to the server?
The spending secret key is used locally during the scan operation. The API does receive it for the scan endpoint in the current implementation — in a production deployment, you would perform scanning client-side or in a trusted enclave.
Can someone link my stealth addresses to my identity?
Can someone link my stealth addresses to my identity?
Not without your viewing key. Each stealth address is cryptographically unique and unlinkable from the public meta-address. Only someone with your viewing secret key can determine which stealth addresses belong to you.
What happens if quantum computers arrive?
What happens if quantum computers arrive?
SPECTER uses ML-KEM-768, a NIST-standardized post-quantum algorithm. Even with a quantum computer, an attacker cannot break the encryption to link payments to your identity. This is unlike classical stealth address protocols that rely on elliptic curves.
Is the registry stored on-chain?
Is the registry stored on-chain?
Currently, the registry supports two modes:
- In-memory — for development and testing (resets on server restart)
- File-based — for persistent local storage
Chain & Compatibility Questions
Which blockchains does SPECTER support?
Which blockchains does SPECTER support?
Currently: Ethereum and Sui. The core cryptography is chain-agnostic — only name resolution (ENS vs SuiNS) and on-chain settlement differ between chains.
Is Solana support available?
Is Solana support available?
Solana is on the roadmap but not yet implemented. Current backend flow focuses on Ethereum and Sui.
Can I use SPECTER with ENS names?
Can I use SPECTER with ENS names?
Yes. SPECTER includes ENS resolution — senders can look up a recipient’s meta-address using their
.eth name instead of pasting a long key. See the ENS setup guide.Can I use SPECTER with Sui Name Service (SuiNS)?
Can I use SPECTER with Sui Name Service (SuiNS)?
Yes. Sui name resolution works the same way as ENS — look up meta-addresses by
.sui names. See the SuiNS setup guide.Current Scope Questions
Are roadmap features already implemented?
Are roadmap features already implemented?
No. The following are planned but not yet built:
- OAPA (One Address Per Application)
- PQ account abstraction wallet
- Privacy keystore
- Migration contracts
Are Yellow channels fully settled on-chain?
Are Yellow channels fully settled on-chain?
Not yet. The Yellow close flow currently returns placeholder transaction fields and depends on external Yellow Network processing. This is functional for testing the API contract.
Is the file-based registry production-ready?
Is the file-based registry production-ready?
The file-based registry is suitable for local development and testing. For production use, you’d want a database-backed registry with proper replication and access controls.