Curvy is a privacy infrastructure for EVM-compatible blockchains. The Curvy SDK is the developer surface for that protocol: it generates stealth meta-addresses, derives per-payment destinations, scans announcements, and signs from the resulting addresses, across every chain Curvy supports.
If you are integrating private payments into a wallet, payroll tool, merchant flow, agent platform, or treasury application, this is the layer you will spend the most time with. This post walks through what the SDK does, how to install it, and the four operations that cover almost every integration.
A working integration usually takes a developer between 30 minutes and half a day, depending on how much UI polish you want.
What the Curvy SDK does
The SDK is a TypeScript library with first-class support for Node.js and modern browser environments, plus a Rust crate for server and embedded use. It handles four things:
It generates and manages stealth meta-addresses on behalf of recipients.
It derives single-use stealth destinations from a meta-address on the sender side, so payments land at fresh addresses every time.
It scans Curvy’s on-chain announcement registry on the recipient side, so users find their incoming payments without revealing what they are scanning for.
It derives the per-address private key needed to spend from a received stealth address, on demand.
Everything else — submitting transactions, custody, UI — uses your existing tooling. The SDK is intentionally thin around the privacy primitive.
Install
npm install @0xcurvy/sdk
# or
pnpm add @0xcurvy/sdk
# or
yarn add @0xcurvy/sdk
The package is published from the github.com/0xCurvy/sdk repository. Releases are signed and changelogged, and the audit reports are linked from the README.
Initialize
import { Curvy } from ‘@0xcurvy/sdk’
const curvy = new Curvy({
chain: ‘ethereum’, // ‘ethereum’ | ‘base’ | ‘arbitrum’ | ‘polygon’ |
// ‘optimism’ | ‘bsc’ | ‘linea’ | ‘gnosis’
rpcUrl: process.env.RPC_URL,
})
The SDK reads chain-specific protocol addresses from a bundled registry. You can override them for testnets or local forks via the addresses option.
The four operations
1. Generate a meta-address
Recipients run this once. The result is a meta-address (publishable, the same way you would publish an ENS name) plus a spending key and viewing key (private, stored alongside any other key material).
const { metaAddress, spendingKey, viewingKey } = await curvy.generateMetaAddress()
A common pattern is to derive the spending key from an existing wallet so users do not have to manage another seed phrase. The SDK supports BIP-32-style derivation against any provider that exposes a signer.
2. Compute a stealth destination on the sender side
Senders take a recipient’s meta-address and produce a single-use destination plus an announcement.
const { stealthAddress, announcement } = await curvy.computeStealthAddress({
metaAddress: recipientMetaAddress,
})
The sender then submits a normal transfer to stealthAddress and posts announcement to the protocol so the recipient can find the payment. Both can happen in the same transaction.
3. Scan for incoming payments on the recipient side
Recipients run a scanner against Curvy’s announcement contract using their viewing key.
const incoming = await curvy.scan({
viewingKey,
fromBlock: lastScannedBlock,
})
for (const payment of incoming) {
// payment.stealthAddress, payment.token, payment.amount,
// payment.txHash, payment.announcement
}
Scanning is read-only. The viewing key never has to leave the scanner process, and it can be given to a hosted scanning service without exposing spending authority.
4. Spend from a received stealth address
When the recipient is ready to spend, the SDK derives the address-specific private key on demand:
const privateKey = curvy.derivePrivateKey({
spendingKey,
announcement: payment.announcement,
})
From here, sign and submit transactions with whatever library you already use — viem, ethers, web3.js, or a wallet abstraction layer like AA bundlers.
Patterns that come up
Wallet integration. A wallet team typically adds a “Receive privately” toggle that exposes the user’s meta-address as a payment endpoint, plus a background scanner that surfaces incoming stealth payments alongside normal balances. Users see one inbox; the SDK handles the privacy underneath.
Payroll and contributor payouts. Payroll tools generate per-contributor stealth payments from a meta-address the contributor publishes once. The contributor’s main wallet never appears on the payroll’s transaction history, which removes a category of leak we have seen burn teams.
Merchant checkouts. Merchants accept payment by displaying a meta-address rather than a static wallet. Each customer’s payment lands at a fresh address; refunds go back via the customer’s stealth meta-address if they share one.
Agent infrastructure. Agent platforms typically separate the scanner (viewing key only, runs in standard cloud infrastructure) from the signer (spending key, runs in an HSM or threshold-signing setup). The SDK supports this split natively. There is more on this pattern in the agent payments walkthrough.
Treasury and DAO operations. Treasuries pay vendors and contributors out of stealth addresses without publishing a quarterly compensation table to anyone with a block explorer. View keys can be shared with auditors for selective disclosure.
Compliance and selective disclosure
The Curvy SDK exposes the building blocks for compliance-friendly disclosure: proof of receipt to a specific counterparty, source-of-funds attestation, and view-key-scoped audit access. None of this is bolted on; it falls out of the underlying cryptography.
const proof = await curvy.proveReceipt({
spendingKey,
payment,
toCounterparty: counterpartyAddress,
})
The full reference is in the compliance toolkit docs. For teams whose legal counsel needs to evaluate the design, the threat model is documented end-to-end with explicit non-goals and disclosure paths.
Performance notes
Stealth-address derivation is cheap, sub-millisecond on commodity hardware. The bottleneck in any integration is scanning, because the recipient is reading every announcement on the chain since their last checkpoint and filtering with their viewing key.
The SDK ships with a default scanner that handles batching, range queries, and resumption against any standard RPC. For high-volume recipients (busy merchants, agent platforms, large payrolls) we publish a managed scanner endpoint that returns only matched announcements, which reduces RPC load to a single subscription.
Audits, gas profiles, and benchmark runs are published in the contracts repository.
Getting help
The fastest path to a working integration is the Curvy SDK quickstart, which has a runnable example end-to-end. Issues and feature requests go in github.com/0xCurvy. Integration support for production builds is available through curvy.box.
If your stack is not TypeScript, the Rust crate covers the same surface area. Other language bindings (Go, Python) are tracked on the SDK roadmap.
Frequently asked questions
What is the Curvy SDK?
The Curvy SDK is the developer library for integrating Curvy Protocol’s stealth-address private payments into an EVM application. It handles meta-address generation, sender-side derivation, scanning, and per-address key derivation.
Which languages does the Curvy SDK support?
TypeScript and JavaScript are first-class. A Rust crate is published for server and embedded use. Additional language bindings are on the roadmap.
Which chains does the Curvy SDK support?
Solana, Ethereum, Base, Arbitrum, Polygon, Optimism, BSC, Linea, and Gnosis at the moment. New chains are added on a rolling basis.
Is the Curvy SDK open source?
Yes. The SDK and the underlying contracts are open source under permissive licenses at github.com/0xCurvy.
Does the Curvy SDK require a token or staking?
No. There is no Curvy token. The SDK and protocol are usable on any supported chain with normal gas.
How is the Curvy SDK audited?
The contracts and SDK have been audited by independent firms. Reports are published in the contracts repository and the docs site.
Curvy is a privacy infrastructure for EVM-compatible blockchains. The SDK and protocol are open source at github.com/0xCurvy. Documentation is at docs.curvy.box.