
Bitcoin Static Donation Addresses Suck

Are you doing some form of work online or fundraising and accepting Bitcoin? Great choice. However, be wary of this very common but bad practice.

Have you seen Bitcoin donation addresses listed as a single address? I certainly have, from Twitch streamers to YouTubers to organisations, and even from many bitcoiners. You should know that this is not the recommended practice!

Why are Bitcoin Static Donation Addresses Bad?

By publishing your donation address, you are:

  1. Linking a bitcoin address to your real world identity
  2. Inducing address reuse – a very bad practice for bitcoin privacy

Note that once you have posted an address publicly, it will forever be linked to you. The internet is forever, remember? There are all manner of people who can be hoovering up this information, and tagging it to build future profiling data on who is using what address. This could include blockchain surveillance companies (who might sell this data), or it could include ‘white hat’ privacy activists tagging addresses over at OXT.me. For example, see OXT – Latest Annotations:

Entities and addresses can be clustered based on publicly available information

Once they figure out one of your addresses, it is much easier for an outside observer/attacker to ‘cluster your addresses’ and figure out what else you are doing. Depending on how you use those donated funds, an outside attacker might be able to figure out your bitcoin balance or future transactions. Check out my podcast interview SLP130 with ErgoBTC here.

You’re not just harming your own privacy

Remember, when you use a static donation address, it doesn’t only harm your privacy, it harms the privacy of other people who also donate to your publicly listed address.

What is a better practice?

You should use bitcoin software that generates a new address for each donor to pay into. This helps preserve your own privacy, and the privacy of your donors!

What should people use instead?

Here are two better practices:

  1. Use Samourai Wallet PayNyms (less setup time for you, but a little harder for the donor)
  2. BTCPayServer (a little more setup time for you, but easier for donors)

Samourai Wallet PayNym

Samourai Wallet is my favourite bitcoin wallet for Android phones. This wallet includes a feature known as PayNyms (based on BIP47 Reusable Payment Codes), which allows you to publicly post your PayNym without doxing your bitcoin addresses.

For example, here is my PayNym Bot: +latecredit1C6 and PMT code: PM8TJMtnfHWe78GUEiCSkrp96Tfw1ZwtxQtJmR9euXqtJg1rF9mBuCUjuc36XUWNwx4xCeDum57zRj2jF826VWRcxNoNBLaybGPJMkCcoJEeTktHydgs

Publicly shareable BIP47 Payment Code

Any Samourai Wallet user (or a user of another wallet supporting BIP47) can scan this, and the wallet sends a one-time transaction to set it up. From then on, new addresses will be generated between the two users for sending bitcoin. Note that these addresses are not publicly shared with the world at large; they are known only to the two parties transacting.

BTCPayServer for donations

I’m a big fan of BTCPayServer, a bitcoin technology stack that can be very easily deployed as your own full node and payment processor. There are several ways to deploy it, but for simplicity let’s talk about the LunaNode web deployment method, using a hardware wallet. This will cost about $8 USD/month to operate.

First, create an account on LunaNode, and fund it either with fiat money or with Bitcoin. Create a LunaNode API key, and use the one page wizard to set up your BTCPay instance.

Once set up, you can register an account on your own BTCPayServer instance, and create a new ‘store’.

If you don’t have a bitcoin hardware wallet, my favourite is the Coldcard (use code: LIVERA) in the CoinKite store for a discount. Other reputable bitcoin hardware wallets include Ledger and Trezor. When you initialise the hardware wallet, you will have the ability to export the extended public key (aka xPub / yPub / zPub). You can then paste this into your BTCPayServer Store configuration in the “Wallet” section under Derivation Scheme.

BTCPayServer will then use this xPub to generate a new address for every incoming bitcoin payment/donation. So while your BTCPayServer instance can keep track of your balance and transactions, the private keys still ‘live’ on your hardware wallet.

On that store, you can configure a donation button using the PointOfSale app in the settings.

In the POS app settings you can configure things like the title and image. Down the bottom you will find an iframe embed code, which you can embed on your site.

Note that I’ve only written a rough guide above; for proper documentation, go to the official documentation page at docs.btcpayserver.org. Also, once you’re more advanced and ready to experiment with Lightning, you may also enable bitcoin payments via the Lightning Network.

Hopefully you now have a better idea of how to set up and take donations in a more privacy-conscious way, and you’re avoiding the problem of address reuse.

If you want guidance on running your bitcoin node, join a Ministry of Nodes Webinar here.

For example, this is what my donation page iframe embed looks like: