How can I detect which customer has made a payment using only one receiving address?

0

How can I detect which customer has made a payment using only one receiving address?

Can I embed a unique special message in the QR code (like a nonce) which I'll match against my database? Does it make any sense or is it too problematic (bitcoin client not embedding the message, unable to read the transaction message from the blockchain, etc..etc..)

If that's not an option, does it make any sense to embed a unique code on the least significant satoshis? (let's say the last 3 satoshis if I expect on average less than 1000 transactions occurring at the same time)

Gianluca Ghettini

Posted 2016-08-06T18:36:44.027

Reputation: 292

I assume you're asking how to detect which customer has made a payment? – Nick ODell – 2016-08-06T18:59:00.833

yes exactly, how to detect which customer. I edited the title – Gianluca Ghettini – 2016-08-06T18:59:50.243

2If you're going as far as wanting to change the QR code for each customer, why can't you just give each customer a unique address? That's the only guaranteed way. – Pieter Wuille – 2016-08-06T19:15:48.407

I don't have an instance of bitcoind available. maybe a pool of many addresses could be a viable solution – Gianluca Ghettini – 2016-08-06T19:18:13.933

Is there a specific reason why you can't give out more than one address? – Murch – 2016-08-06T19:18:30.143

I can't create new addresses on the fly – Gianluca Ghettini – 2016-08-06T19:19:00.473

So, perhaps your actual question is "How do I create new addresses on the fly but keep my private keys safe?"? :) Otherwise, if you say no more than 1000 transactions occurring at the same time, you might be able to solve it by having several thousand in the backlog. – Murch – 2016-08-06T19:21:00.437

I assumed I can't create new addresses while not storing the private key on the website. I'm talking about a php webapp – Gianluca Ghettini – 2016-08-06T19:22:51.477

That assumption is not correct. ;) There are ways to derive any number of public keys from a master public-key. The php library that UTF-8 suggests below can do that. – Murch – 2016-08-06T21:40:54.890

Answers

3

You said you can't create new addresses on the fly but you also said you're using PHP. It's really easy to do it, just take a look at bitwasp/bitcoin-lib and give out a new address for every purchase. You can also create a functional mapping between a purchase id in your database and a bitcoin address really easily so you don't have to store the address used for each purchase.

Using the least significant digits of a transaction is a really bad idea. Not only because that'll cause a lot of trouble if people don't pay but also because you can't be sure that the wallets of all your customers support sending a very precise amount of BTC. Furthermore you'd have to discourage people from simply rounding up because they're too lazy to type in the exact value (if they have to type that in).

UTF-8

Posted 2016-08-06T18:36:44.027

Reputation: 3 046

brilliant! so I can create a bitcoin payment processor using php and a cron job (no bitcoind daemon required). I always forgot that an address is not a public key – Gianluca Ghettini – 2016-08-06T22:10:52.370

so basically given a generic transaction id I can deterministically derive the corresponding address (for a specific public key) – Gianluca Ghettini – 2016-08-06T22:15:10.633