I'm investigating (and doing security analysis on) #bitcoin whisper addresses. Every transaction goes to different address but unlike publishing your xpub, these addresses are not linkable to one another.

The drawback is that the sender needs to send the recipient a number. Without that number, the recipient will never be able to find nor access the money.

If other people were able to get ahold of this number, they would NOT be able to see any money movement; it has to be combined with the recipient's private key to be of any use.

The thing I need to go through in detail is the ECC part. I think it's solid, but my knowledge of ECC is very practical and less theoretical, so I want to review what the academic cryptographers have to say about these operations and their theoretical safety. I just want to make sure they are not any weird edge cases before I really start promoting whisper addresses.