Payment ID of NIT (Non-Interactive Transaction)

Development and Technical Discussion
#1

Background Introduction

“The Payment ID is usually used to identify transactions to merchants and exchanges: Given the intrinsic privacy features built into Monero, where a single public address is usually used for incoming transactions, the Payment ID is especially useful to tie incoming payments with user accounts.”

“Payment IDs are needed when sending to an exchange. It allows exchanges to confirm the transaction is yours, because exchange probably gets a lot of incoming transactions on the same address they won’t be able to differentiate otherwise without a payment ID.”

Integrated address is just your normal address with some extra data bundled with it (the 64-bit payment ID). While the resulting address looks different, the purpose is not to hide your actual address , but to pack it and the payment ID together to avoid errors and to communicate it easily. Anyone can open it and see the 2 pieces of information (that’s exactly what your sender’s wallet does when sending to it).”

References:

  1. https://www.getmonero.org/resources/moneropedia/paymentid.html
  2. https://monero.stackexchange.com/questions/4338/what-is-a-payment-id-and-why-is-it-used
  3. https://monero.stackexchange.com/questions/3179/what-is-an-integrated-address
  4. https://monero.stackexchange.com/questions/1910/how-do-payment-ids-work

MWC Payment ID Design

We can use the so-called “Integrated Address”, which adds extra 8 bytes data to a normal mwc address. This will affect the MWC Address design.

Where and How to Store the Payment ID in a MWC Coin

We can use the BulletProof message, which as 20-bytes capacity, to store this payment ID info. Originally, this “message” was used in the Interactive Transaction as the blinding secret key ID (and plus a few other info), but not used in NIT scheme.

3 Likes
Suem - Progress Update Thread (2021, Q1)
#2

Great proposition for the ease of verification between sender and receiver managing a lot of txs! I’m all for it.

2 Likes
#3

It is really great that we can write some info in the bulletproof. Probably we should add some search by that data into the explorer if that data readable by anybody.

Will payment ID provide tracking for transactions that was done from this address? Since the payment ID include stealth address, it can be used for user’s transaction tracking until user will change the address, right?
Will that information be readable by anybody, or by exchange only?

How long mwc-node keeping the bulletproof? Does it survive after the block compaction?

#4

I said “We can use the BulletProof message to store this payment ID info”, the “message” is only readable for the coin owner and creator, not public. It can not be used to track anything.

Since the payment ID include stealth address

No, it’s not a relationship of “include”, the payment ID is an extra 8-bytes data.

2 Likes
#5

The payment ID only make sense for UTXO. There’s no usage on the spent output/s. The bulletproof is attached with Output, when the Output is spent and pruned, the proof also pruned.

1 Like
#6

Thank you for clarification. I think it is a great feature. You can specify the sender without privacy impact.

1 Like
#7

A good question in Discord: https://discord.com/channels/539232227360243712/682037018217152613/813786352650289202

and answered.

C&P Here:

vek

@suem another question for the payment id, even when cut through occurred, the exchange can still accept the validity of the payment id thanks to the wallet database? and in case of them restoring the wallet with no database back-up, and they already spent the output they can’t verify the validity of it? I just want to know in case the output is spent and has been cut-thought, they can verify the validity of the payment id with the wallet db?

suem

Good question :thumbsup:
A little drawback of this non-interactive transaction scheme is the the cut-through in “same block”/“transaction pool” is forbidden, see here for detail: Non-Interactive Transaction and Stealth Address . This also helps to ensure payment id will never be lost before it’s spent. So, the answer is yes for your question “the exchange can still accept the validity of the payment id thanks to the wallet database”.

and in case of them restoring the wallet with no database back-up, and they already spent the output they can’t verify the validity of it? I just want to know in case the output is spent and has been cut-thought, they can verify the validity of the payment id with the wallet db?

I don’t think it’s case for the exchange to lose all wallet data and restore without any database backup. It’s the exchange’s important responsibility to maintain and back-up the wallet database, to avoid any lost transaction records.
So, with a well backup wallet database, even the output is spent (by exchange itself), the exchange can always accept the validity of the payment id.

1 Like