Any major order change like shipping address should be signed by the Bitcoin address that was used to make the purchasse.

I was on an untrusted network when I made the purchasse and did not think that a VPN was necessary since the site has HTTPS. HTTPS is fine against network sniffing but not against interception of the unique order page link. I was suprised to see the amount of information that could be leaked and that support ticket are not forwarded to email by default. This page should at least be password protected.

I guess the actual system is more convenient for most users but I thought necessary to point that weakness. This is only constructive criticism and will not stop me from using your website again.