The post office would have to be in on it, and getting them to do anything with new tech is impossible. I thought of this, but sha256 cant be decrypted meaning that they would need a db with the address of orders next to the encrypted code which they would be able to validate appropriately without your knowledge.