privacy address
Show the wallet's derived Grumpkin private address. Beam derives this from the EVM key — there's no separate Grumpkin keystore.
Usage
$ beam --chain payy-testnet privacy address
Prints the active wallet's private address as a canonical 32-byte compact Grumpkin public-key string.
Derivation
Beam derives every wallet's privacy key from its EVM key using the canonical domain-separated rule:
keccak256("payy/grumpkin/v1" || evm_key_bytes)
reduced into the Grumpkin scalar field. The result is the wallet's Grumpkin private key. The on-chain note owner is Poseidon(pubkey_x, pubkey_y).
Beam does not store a separate Grumpkin private key. The same encrypted EVM keystore at ~/.beam/wallets.json is the source of truth.
Flags
--from <wallet|address|ens>— pick a different wallet for this command.--chain <name|id>— must be a privacy-capable chain.--format json— emit the address as a structured payload.
Notes
beam privacy addressuses the same password prompt and keystore integrity checks as other signing commands.- The private address is separate from your EVM address and the on-chain note owner hash. Commands that need a recipient for a private send accept the private-address wire form.
- Beam never treats an EVM address as a private-note owner. Private ownership is always derived from the decoded Grumpkin public key.