The exchange will control the private key to all of the coins (be it bitcoin, or some other altcoin) on deposit at the exchange along with having ownership of fiat on deposit and they will make an entry in their database once a trade takes place.
Exchanges will generate deposit addresses for each customer for each coin.
Thx for reply.
So I heard that exchange give specific coin's (Lets say, just Bitcoin) addresses to users. And one private key control them all.
Not quite.
Each address has its own private key. There's also cases where different addresses can be accessed by the same private key (ie. you can derive a P2SH SegWit address and a legacy address from the same private key) but that's a different matter.
I think the "one private key" you heard about refers to the wallet seed. That is, when using a deterministic wallet or address generation algorithm, you can deterministically -- as opposed to randomly -- derive multiple private keys and their respective addresses from a single private key or passphrase (ie. the wallet seed). If you ever used Electrum, Mycelium, Trezor or any of those wallets -- that's the seed words you get for backing up when setting up a new wallet. Non-deterministic wallets -- such as Bitcoin Core, for the longest time -- generate their private keys / addresses at random, making it necessary to back up to the collection of private keys instead of just a single wallet seed / master key.
Some general info on deterministic wallets:
https://en.bitcoin.it/wiki/Deterministic_walletBIP-0044: Multi-Account Hierarchy for Deterministic Wallets:
https://github.com/bitcoin/bips/blob/master/bip-0044.mediawikiBIP-0039: Mnemonic code for generating deterministic keys:
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawikiMost wallets nowadays are hierarchical deterministic wallets (HD wallets); that is: Using a single wallet seed you can not only derive a list of addresses, but a whole tree of addresses. This is usually reflected in the form of accounts, effectively sub-wallets. It would make sense for an exchange to provide each user with an address branch of their own, I'm not sure if that's really the case in practice though.
But when I just test with -qt wallet program, after I click [Request payment], it generates new address, 3 times, made 3 addresses,
then I typed [dumpprivkey <address>] at console for each addresses above, it shows different private key per each address.
Why?
See above.
So then this means, wallet program is bunch of private keys gatherings, exchange run its bitcoin daemon, then this daemon has all the access the generated addresses given to users? Confused.
A wallet, in its simplest form, is a collection of private keys. Depending on the wallet software those may be stored in a wallet file or generated on the fly (ie. only the wallet seed is stored and private keys / addresses are derived as requested). Assuming a full node, this wallet software also checks for incoming and outgoing transactions.
The Bitcoin daemon is a headless wallet, that is: Instead of a GUI for users to click on, it provides an interface for other software to talk with.
Note that running the Bitcoin daemon on the same machine that hosts your web server is both the simplest and most insecure way to set up your infrastructure. At least assuming you use the Bitcoin daemon for generating addresses as well and not just watching the network.
