Coin Control and Websites

How did Satoshi stay a mystery while transacting on the very public bitcoin blockchain? He took his own advice. He practiced coin control. Nowadays, it’s a long lost art. It’s like a hospital full of patients yelling for new antibiotics and not washing their hands after taking a dump.

Last time, I gave the three rules of coin control. This time, I’ll deal with a problem that arises thereof. You’re not supposed to reuse addresses, but, then, how do you put an address on a website? Edit it every few days?

Overview

We are, in truth, spoilt for choice. There is no excuse for plonking a single bitcoin address on your website. Which way you choose hangs on the amount of upkeep you are happy doing, and whether you need to care for your interlocutor’s privacy.

I will deal with four ways to get bitcoin at a new address every time from people visiting your website.[1]

  1. Paynyms
  2. Silent Payments
  3. BTCPay Server
  4. Bitcoin in the mail

The topic can turn into a big geek-out. I will make it more earthy by using two examples throughout: Andrew, a blogger; and Seina, a dissident journalist.

A 2x2 table with pictures in the first column and descriptions of those pictures in the second column.  In the upper left, we see a smiling, 20-something man picking herbs in a sparse, sunny forest.  He has short light brown hair and stubble.  The description states: Andrew has a blog which teaches people about foraging: notawildcarrot.blog.  He accepts crypto donations on the blog.  Andrew is not tech-savvy.  I will call his interlocutors 'anon donors'.  In the lower left, we see a smiling, 30-something woman, with short, dyed-red hair, big black earrings, typing at a laptop in a small, shoddy office.  She wears a tight blue polo shirt.  In the background, hanging on the wall, is a big red and white Basque flag with 'Askatasuna orain!' on it.  The description states: Seina is a journalist and writer for Askatasuna Orain!, a radical Basque-Independence magazine.  She is on a governmental watchlist.  She gets regular payments from a few 'covert benefactors'.  They, too, might be at risk if found out.  Seina is tech-savvy.
Andrew (top) has a blog about foraging and gets anonymous donations. Seina (bottom) writes for a pro Basque-Independence magazine and has covert benefactors. Both need to publish a bitcoin address on a website.

1. Paynyms

Overview

A Paynym looks like this:

+victoriouspermission97

(If that looks familiar, it's mine.)

That username takes the place of all your receiving bitcoin addresses. It’s simple. It hides a lot of complexity. It lets the person sending you bitcoin make a secret set of addresses. Only he or she and you know that these addresses are yours.

There are about one million bitcoin transactions per week. Let’s say a handful of those are from your donors. With Paynyms, it’s not even a needle in the haystack. This is a strand of hay in a haystack.

Hassle?

Yes and no.

Overall: no, using Paynyms is a breeze. Setting up a Paynym is a hassle nevertheless. You need to use specialized software. You need a Dojo server and a Paynym-compatible client, e.g. Ashigaru. If you can’t run your own Dojo server, don’t worry; there are free, legit, public ones at dojobay.pw.

“Hey Andrew! Here’s my advice on Paynyms...”

On the left side is a close up of Andrew looking mildly surprised.  On the right side, it states: Good choice.  Paynyms make it easy for anon donors.  You just publish your paynym once, and then people use that forever.  There's no ongoing upkeep, so you'll like that.

“Hey Seina! Here’s my advice on Paynyms...”

On the left side is a close up of Seina looking worried.  On the right side, it states: There is a risk to your covert benefactors.  If they use an old, well-known bitcoin address, then they might be doxed.  A good app blocks this.  I would be safe rather than sorry and give paynyms a miss.

Paynym Takeaway:

2. Silent Payments

Overview

Silent Payments are like monero (XMR) for bitcoin (BTC). They work much the same.

Everything begins with a long string of alphanumeric text. You have a unique one. You put it on your website. Something like this:

sp1qqweplq6ylpfrzuq6hfznzmv28djsraupudz0s0dclyt8erh70pgwxqkz2ydatksrdzf770umsntsmcjp4kcz7jqu03jeszh0gdmpjzmrf5u4zh0c

This works magic. Like Gandalf, it’s never far away, in the background, ready to help. I mean that this address is all that’s needed to calculate all the secret addresses.

Silent Payments do need specialized software, but not much. “No server required” as they say.[3] All one needs is a client app which handles Silent Payments. In my opinion, Cake Wallet is the best.

Hassle?

Setting it up is easier than Paynyms. One just turns on Silent Payments in the app. After that, unlike for Paynyms, Silent Payments becomes a bigger hassle. The Silent Payments protocol means that any transaction might be to you; there’s no foreknowing. The blockchain must be scanned for clues in every transaction. It slows down the app. This is true for both payor and payee.

Hey Andrew! Here is my advice on Silent Payments...

On the left side is a close up of Andrew looking thoughtfully serious.  On the right side, it states: This is a cool option, but is not quite right for you. It could piss off some of your anon donors.  If they feel coerced into turning on Silent Payments, and notice the slow-down, and the need to sync before paying, they might feel resentful.

Hey Seina! Here is my advice on Silent Payments...

On the left side is a close up of Seina looking like she is listening closely.  On the right side, it states: Silent Payments are perfect for you.  Your covert benefactors are protected.  It's really simple for them to get the 'magic' address from your website.  Meanwhile, you don't need to worry about setting up servers.

Silent Payments Takeaway:

3. BTCPay Server

Overview

BTCPay Server is a program which works a lot like Stripe or Square; it processes payments. It hands out new addresses automatically.

Of all the solutions I mention, BTCPay Server is the most popular.

One runs it on a home server, or a VPS.[4] One may even pay for it as a service, but then one doesn’t control one’s bitcoin. I don’t like to recommend a solution without self-custody, unless the alternative is a descent into inflationary fiat hell.

Hassle?

Quite a lot. The easiest way is a Start 9 home server. That still ropes in a fair amount of time and effort. You could pay someone to help, or try the public forum.

The bigger problem is the ongoing upkeep. Shit happens; you’ll need to be open to the likelihood of hours spent fixing a problem or hundreds of dollars in I.T. support.

Hey Andrew! Here's my advice about BTCPay Servers

On the left side is a close up of Andrew doing an amused face palm.  On the right side, it states: Clearly, you don't want the hassle of running your own server.  You could go for a 3rd party software-as-a-service.  I doubt it's worth it.

Hey Seina! Here's my advice about BTCPay Servers

On the left side is a close up of Seina   On the right side, it states: More trouble than it's worth for you.  First, if you host your own server, then it can be nimmed by the powers-that-be.  Second, it does not guarantee sender-privacy.  This is more a solution for merchants expecting a lot of transactions.

BTCPay Server Takeaway:

4. Bitcoin in the mail

Overview

People forget about this one. You can safely send bitcoin in the mail!

Normally, the way crypto works is that you hand over your bitcoin address to the payor. Crypto in the mail works differently. You don’t give the payor your address. The payor at first pays him- or herself in the comfort of his or her own home. He or she does so with a new crypto address; a QR code printed on paper. Then, this QR code, preloaded with bitcoin (BTC) is sent in the mail.

I said ‘safely’. How safe is snail mail? Turns out, very. You can password-protect the paper wallet. This password-protection is called ‘BIP38 Encryption’. Look for a tick box saying that.[5]

Bitcoin paper wallets look nice by the way.

Example of bitcoin (BTC) paper wallets.

I do a simplified version at my website here, but it’s for litecoin (LTC).

Hassle?

Getting a P.O. Box.

Hey Andrew! Here's my advice on bitcoin in the mail...

On the left side is a close up of Andrew looking mildly surprised.  On the right side, it states: Be careful.  You will need a P.O. box.  A P.O. box is often linked to a home address.  You don't want to open that can of worms.  If you are willing to use a bit of cunning and can get a P.O. box unlinked to your home address, then absolutely it is a good idea.

Hey Seina! Here's my advice on bitcoin in the mail...

On the left side is a close up of Seina looking happily curious.  On the right side, it states: Do it!  You already have a P.O. box for your magazine.  People can send anonymously and even protect the paper bitcoin with a password, so that, if stolen en route, the paper bitcoin is useless.  This old-school tech might be the best of all!

Bitcoin in the Mail Takeaway:

Other Options

JavaScript/Python

You can code your way out of this problem. A.I. will help. Your webpage can insert new bitcoin addresses every week.
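One way to do the weekly swap, as an added example that is not code from the original post: a build-time Python step that picks this week's address from a list exported from your wallet, checks its bech32 checksum, and stops rather than wrapping around to an address already used. The function names, start date and pool are assumptions; running it server-side means only the current address reaches the page, whereas a pool shipped in client-side JavaScript would show every visitor which addresses belong together.

```python
from datetime import date

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)

def polymod(values):
    """BCH checksum shared by bech32 (BIP173) and bech32m (BIP350)."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def checksum_ok(addr):
    """True if addr is a single-case bc1/tb1 string with a valid checksum."""
    if addr != addr.lower() and addr != addr.upper():
        return False
    hrp, sep, data = addr.lower().rpartition("1")
    if (not sep or hrp not in ("bc", "tb") or len(data) < 7
            or any(c not in CHARSET for c in data)):
        return False
    values = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    values += [CHARSET.index(c) for c in data]
    # Witness version 0 ("q") uses the bech32 constant, later versions bech32m.
    return polymod(values) == (1 if data[0] == "q" else 0x2bc830a3)

def address_for(today, start, pool):
    """Pick this week's address; never wrap around, which would reuse one."""
    if len(set(pool)) != len(pool):
        raise ValueError("duplicate address in pool")
    week = (today - start).days // 7
    if not 0 <= week < len(pool):
        raise LookupError("pool exhausted: export fresh addresses from the wallet")
    if not checksum_ok(pool[week]):
        raise ValueError("checksum failure at pool index %d" % week)
    return pool[week]

# Constructed sample: BIP173 testnet test vectors standing in for wallet exports.
POOL = [
    "tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx",
    "tb1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3q0sl5k7",
]
START = date(2025, 1, 6)  # assumed Monday on which POOL[0] goes live
```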

Bitcoin over Lightning (BTC-LN)

In my opinion, everyone taking in donations should offer BTC-LN. I didn’t make it one of the options herein, because bitcoin over Lightning is in a different field; it’s not to do with addresses and coin control. It does protect sender-privacy.

Final Thoughts

I would offer BTC-LN, and then two of the options mentioned. Give people the choice.

Next time, I’ll add another option; a neat, D.I.Y. trick: OpenAlias with automated addresses.


  1. This would also work for a social media profile. Some of the ways just work; others would need a hyperlink to a webpage. If you don’t have your own website, you could use a free, public one, like neocities.org or carrd.co.
  2. Maybe by the time you read this all Paynym apps will block sloppy reuse of a well-used bitcoin address for the sender’s initial transaction. I believe that this risk will be almost zero in the future.
  3. Source
  4. Virtual Private Server. A server in a data centre somewhere which you manage yourself. To save money, it is just one piece of software sharing the same hardware with others. In other words, for one rack-mounted server, there might be 10 virtual servers hired by different people.
  5. Given enough time, e.g. weeks, the password can be brute-force guessed. Use a strong password of at least 12 characters with multiple numbers and at least one symbol, e.g. swap out each letter ‘a’ for ‘@’.
