Quote from: Burning Babylon on June 27, 2013, 08:35 pmQuoteIf you don't save the address from the verification letter, then this is useless. And you shouldn't be doing that.Well it would technically work if all customers were honest and used the same address at all times, but I suppose that is a bit optimistic thinking. I suppose the best solution to this would be to attach the customer address in encrypted form using a separate PGP key just for the sake of the Verification Letters. Since it's only valid for one month it would be like a product with an expiration date and thus not technically fall under the definition of "saving the address".I dont think that this verification letter is a good idea, but you could store a hash of the shipping address and if you ship the real product, you could just check the hash of the shipping address with the hash of the verification letter address. So you dont have to store any addresses.