I have a follow-up:
Why should Julie have used a separate address for each payment she received? Julie is raising funds to pay for the education of people who ask silly questions about Jack and Jill, and while she may post flyers around campus, each with a unique QR code, each of those addresses will, she hopes, wind up getting multiple donations/payments.
I would argue that Julie should have a QR code that results in a link to a web page instead of just encoding a bitcoin address in the code. The web page could provide more information about her fund raising purposes than a simple flyer, and could have a link or button that would generate a brand new unique address for every potential contributor.
In general it is better to think of a bitcoin address as an invoice number instead of an account number. At the technical level it operates much more like an invoice number. It is a unique number used to identify the purpose of a payment.
By using a new address for every transaction received:
- It is much easier to identify the purpose of each payment.
- It increases the privacy of everyone involved
- It slightly increases the security for the recipient
Examples...
It is much easier to identify the purpose of each payment:
- Julie decides that as part of her fund raising efforts, she is going to take orders for her homemade apple pie at 0.01 BTC each.
- Jason calls up Julie and tells her he'd like to buy 2 pies.
- Julie provides Jason with a bitcoin address: 1LN7KU6tKM48dSc8pAyn96agBr7Y63Zgfz
- Joe calls up Julie and tells her he'd like to buy 2 pies.
- Julie provides Joe with the same bitcoin address: 1LN7KU6tKM48dSc8pAyn96agBr7Y63Zgfz
- 20 minutes later, Julie receives a payment of 0.02 BTC to the address 1LN7KU6tKM48dSc8pAyn96agBr7Y63Zgfz
Who should she deliver the pies to?
Lets look at how that should have happened:
- Julie decides that as part of her fund raising efforts, she is going to take orders for her homemade apple pie at 0.01 BTC each.
- Jason calls up Julie and tells her he'd like to buy 2 pies.
- Julie informs Jason that the pies will be delivered as soon as a payment is received at bitcoin address: 1LN7KU6tKM48dSc8pAyn96agBr7Y63Zgfz
- Joe calls up Julie and tells her he'd like to buy 2 pies.
- Julie informs Joe that the pies will be delivered as soon as a payment is received at bitcoin address: 1KNufj65JUNnHpYwNsEj52wfyaMkyqugzK
- 20 minutes later, Julie receives a payment of 0.02 BTC to the address 1KNufj65JUNnHpYwNsEj52wfyaMkyqugzK
Julie delivers 2 pies to Joe.
It increases the privacy of everyone involved:
- Julie receives dozens of donations each at a unique address
- One of those payments is 0.21 BTC received with 1NoigAWxttwoK78L1BX1kdqdoCe9Tp2Rak.
- Another of those payments is 0.12 received with 18GJ9cd4SNLsVjabDV5vhDqDYsf7UGxxvQ
- Both senders used new addresses every time they received a transaction
Therefore, since Julie wasn't the one that originally sent those bitcoins to either of those donors, she has no way of knowing who the donations came from. The only people that know how the donors got those funds are the donors themselves, and whomever sent the funds to them. Those that sent the funds to the donors don't know anything about the donation addresses (since they aren't printed on flyers, and are unique to those donors), and therefore don't know that the funds were used to make donations to Julie. Additionally, neither donor knows anything about the other donor, nor do they know anything about the total funds raised by Julie so far.
- A short while later, Julie makes the 2 payments you described in your original post
- Jack and Jill each generate a unique address that they tell only to Julie
- Julie uses the 0.21 BTC received with 1NoigAWxttwoK78L1BX1kdqdoCe9Tp2Rak to make the 2 payments (with a 0.01 BTC transaction fee)
Jack sees that he has received 0.1 BTC, and that 0.1 BTC went to another unknown address. He doesn't know that other address is Jill's, and he has no way of knowing if that is a 0.1 BTC payment to someone else, or just 0.1 BTC change back to Julie. Jack has no way of knowing who donated those 0.21 BTC to Julie. Jack knows that Julie had at least 0.21 BTC, but doesn't know anything about any of the other addresses that Julie received donations at. He doesn't know if that was her last 0.21 BTC, or if she's sitting on 3,000,000 BTC in donations.
Jill sees that she has received 0.1 BTC, and that 0.1 BTC went to another unknown address. She doesn't know the other address is Jack's, and she has no way of knowing if that is a 0.1 BTC payment to someone else, or just 0.1 BTC change back to Julie. Jill has no way of knowing who donated those 0.21 BTC to Julie. Jill knows that Julie had at least 0.21 BTC, but doesn't know anything about any of the other addresses that Julie received donations at. She doesn't know if that was her last 0.21 BTC, or if she's sitting on 3,000,000 BTC in donations.
The first donor knows that Julie has now accessed his donation. He does not know if Julie is simply moving some of the bitcoins to cold storage, or if she has paid someone. He has no way to know who the bitcoins went to, if anyone.
The second donor doesn't know that Julie has paid anyone anything yet at all
It
slightly increases the security for the recipient:
When you receive a payment to an address that has never been used before, that payment is protected by 3 cryptographic algorithms (ECDSA, SHA256, and RIPEMD160). The ECDSA public key is not available to anyone yet.
As soon as you spend a payment that was received at an address, the ECDSA public key is available to the entire world. Any other payments that have ever been received at that address in the past, or ever will be received at that address in the future will forevermore only be protected by the ECDSA algorithm.
Additionally, there have been poorly written wallets in the past that generated the transactions in such a way that after funding two transactions, both with bitcoins that had been received at the same address, it became possible to calculate the private key. If there had never been more than 1 payment received at that address, then that bug wouldn't have resulted in the loss of any funds. Unfortunately, the poorly written wallets also tended to encourage users to repeatedly re-use the same address for receiving bitcoins.