I have been thinking about Diem/Move, and have been reading on how to really track a transaction (not in forensics way, but in e-commerce way). Let me explain a bit here.
Let's say Bob is a guy who sells products, and Alice is a customer of Bob. Bob has built an online platform where he can accept payments in Libra.
In Libra docs here, it says a transaction consists of,
Alice's account address
Bob's account address and the amount of payment
Gas price
Maximum gas amount
Expiration time, and
Sequence number
This is all good, but my question is this:
Bob won't have Alice's address stored when Alice makes a payment (especially if Alice is a new customer). Conversely, a third person (Jenna) could be making a purchase (with the same SKU) at the same time as Alice. If a Libra transaction only consist of sender's account address, How does Bob track that his transaction with Alice, and the subsequent payment he received from Alice, is actually Alice's (and not Jenna's)? Note that he won't have these account addresses on file, especially if both are new customers.
A simple way would be to assign a transaction ID as some sort of metadata when Bob requests that each of them pay him, so Bob can track against that transaction ID. But is this even possible?
I'm sure this exists in some form or another, since we have Bitcoin payment systems.
I'm Bob so I feel qualified to answer this.
Bob generates his master merchant wallet. From this prrivate key he can generate many other wallets, all accessible from that same private key. For each new customer (Alice, Jenna) he will generate one of these new wallets (trivial to do, with a nearly infinite amount of wallets that Bob can create from just his one private key). With a newly generated wallet, he will share the wallet address with one customer and take note that he sent Alice the address for wallet 1A and wallet address 1B to Jenna. Then, using a blockchain explorer he can know that when 1A receives funds, that it was in fact Alice who paid him.
You may have seen in some brick and mortar locations when they have to the option for customers to pay with cryptocurrency, that the customer scans the merchants QR code (public facing wallet address) and sends to it. Each time a customer sends to the merchant address, the merchant should be generating a new wallet to display to the next customer for reasons of both privacy and tracking which customer's have paid what.
Related
My naive understanding behind how currency trading works on Exchanges like Binance and Coinbase is each users are provided with unique address and when the respective currencies trade happens on exchanges like Binance or Coinbase, both the parties accounts get's updated live on blockchain.
To elaborate more, In case of ETH/BTC trading, let's say, Mr Foo wants to trade his ETH with Mr Bar's BTC on Binance exchange. Binance will provide both of them with unique address respectively to their currency. So when the ETH/BTC trade take place, Mr Foo will receive the BTC on his newly generated unique BTC address and Mr Foo's ETH account will be deducted . On the other side, Mr Bar's BTC account will be deducted and Ether account is updated with newly received ether.
I'm really confuse regarding whether these currency trading on exchanges execute live on Blockchain? Recently during Bitcoin and Ethereum network congestion, I did BTC/ETH trading on HITBTC, the process happened instantaneously, but I've to wait for hours during withdrawal process. Also Hitbtc seems to be using same Ethereum account (0x65e2c5175e2e618f48e70343b14c31b280e42d90) to transfer fund during withdraw request for multiple users. It seems that these exchanges are using the same address for serving multiple users.
Could somebody explain how users accounts are updated during currency trading on exchanges like Coinbase and Binance? Does trading immediately happens live on blockchain? Or Exchanges only shows the users with fake trading balances until it's withdrawn? Do the Exchanges use same address to accept deposits from multiple users?
Thank you for your time.
Check out this thread for a brief explanation of Coinbase's order management.
Answer on the reddit thread, supposedly from a coinbase insider.
In addition, my comment above was just based on intuition and my general knowledge of the way brokers work.
Brokers
Brokers tend to match orders first since they are in the business of exchanging, not investing. Meaning they make their most consistent revenue from fees generated by facilitating customer orders, not by investing in the securities or assets that they help to buy/sell.
Sometimes in order to fulfill an order the broker will go long or short a particular asset class, in this case bitcoin or ethereum, etc. If this happens the broker is exposed to fluctuations in the price of that asset against the asset they are trying to grow (cash).
Now, since Coinbase is heavily involved in crypto it might be part of their strategy to hold Bitcoin or Ethereum inventory, but I would doubt it would figure much since that would undermine public trust in their institution as an impartial exchange. No one really likes to hear their broker bet against them, it tends to engender resentment.
Technicals
Coinbase is setup as a software wallet, meaning you have an account, with the private keys stored on their server. So it is possible for them to facilitate some of the trading between bitcoin accounts without ever having to match orders with an account holder outside their system.
Meaning, they can collect/match/fill the orders in batches and then submit those batches to bitcoin miners. This would allow them to quickly "fulfill" your order, and then send you verification once it has been posted to the blockchain.
Further Reading
Although it is not specifically geared towards crypto exchanges there is an excellent book on the subject of how markets actually function.
Market Microstructure in Practice
I am building and app which will offer payment in bitcoins. I know that when I send bitcoin from one address to another it can be tracked by blockain API to verify the transaction. After receiving some assets I want to send some assets back. The customer will have an input field where he will paste his deposit wallet address. I am subscribed to blockchain API to track received assets to my bitcoin address. How can I verify that the payment was made by certain customer? Checking his address doesn't seem to solve the problem because if customer uses wallets like Coinbase, Bitstamp etc. transaction is made from multiple addresses.
A few helpers here:
What you need to do is to generate a new address and give it to your customer. This way you can uniquely identify him
Wait for confirmation before making the decision. Just because you see a transaction, does not mean you have the money. You need to wait for a few blocks and several (>6) confirmations
I need opinion on cheapest credit card processing api, any one aware of. Also I would like to know if any service is available which let me accept credit card on form and transfer it to multiple customers’ accounts. I mean after charging my fees I send the remaining transaction to customer account.
I would check out Stripe Connect API to fit your needs. It is fully PCI compliant and you can allow users to make transactions with each other. You can even take an application fee per charge without without having to collect any full payments yourself. Which basically means (for example), UserA can pay UserB $20 directly, and you can charge a $1 fee for that transaction. You collect the $1 and UserB gets his $19.
Of course, though, they do charge a modest 2.9% + 30 cents per transaction. But in my past experiences, Stripe Connect has been my favorite and easiest to implement.
Paypal offers an identity verification feature where a cell phone is checked against a given billing address.
I would like to have a similar verification system in my website. What do I need to do to get this type of validation in place?
Cell phones numbers aren't intrinsically linked to mailing addresses; the association is stored by the company that does the billing.
So if you want to verify the phone against the cell provider's billing address, then you would have to get that information from the cell provider. If you want to verify it against the billing address of the credit card the phone company uses, then you'd have to ask the credit card company (once you have the card number from the phone company).
As a rule, companies don't make address information available for you to query. The exception is credit card companies, which will do address verification as an anti-fraud measure. This verification happens through your merchant account through which you process card transactions, and may be subject to certain conditions worth paying attention to.
Balanced payments documentation is unclear about debits and credits. You have merchants, customers and accounts. It now says accounts are deprecated and to use customer. Can someone shed light on any corrections I have in my workflow:
Form with CC fields tokenizes card.
Create customer for buyer and add card.
Debit buyers card.
Create another Customer object.
Add a bank account to the Second customer object.
Credit Second Customer object
Do I need the merchant fields on the second customer object (dob, postal code, etc)?
Do I need to do underwriting to second customer object?
Your workflow is correct.
The Customer resource abstracts away from you the pain the Account resource had when dealing with underwriting a merchant. Underwriting is required as part of the KYC (Know Your Customer) operation requirements Balanced needs to follow. Each Customer has an attribute named is_identity_verified where you can know if the Customer's identity was verified. Ideally you want to make sure the identity is verified for each Customer to which you will be crediting. While you can still perform credits (I believe up to a certain limit) to Customers whose identity is not verified, you run the risk of increased fraud and there may eventually be consequences to your marketplace.
Also, feel free to stop by #balanced on IRC. You'll probably get much faster answers to your questions there directly from developers.