IPN (Instant Payment Notification)
Payment notification
The payment process and confirmation of transaction may take from several minutes to several hours. Our service will notify you about confirmation by sending a POST request with data to the status URL you specified. The notification will occur after the transaction: appears on the network in mempool (only for outcoming = 0 confirmation), included to block (1st confirmation) and after its 12th confirmation.
Data structure
Data in JSON format:
{
etherapi.net: version
type: message type = (in-payment / track-tracking / out-sending)
date: date and time in UNIX format
from: address-sender
to: address-receiver
token: token = (only for token transaction, ERC20 token ID)
amount: amount
fee: fee (only for confirmed transaction)
txid: transaction txid (hash)
confirmations: number of confirmations = (0 - pending / 1 / 12)
tag: tag
sign: signature
sign2: signature version 2
}
Signature verification
To verify the signature, you must calculate a hash from the received data and compare it with the value in the sign or sign2 field.
A hash is a (40-character hexadecimal number) result of the sha1 function from the string received by connecting through the colon (:) the values of the type, date, from, to, [token,] amount, txid, confirmations, tag and API key.
Result
The service expects a text response from the IPN handler.
This text can be seen in the office on the "Notifications" tab.
Example
PHP IPN Handler Code Example:
...
if (!$_POST)
$_POST = @json_decode(file_get_contents('php://input'), true);
if (!$_POST['etherapi.net'])
return;
$tosign = array(
$_POST['type'],
$_POST['date'],
$_POST['from'],
$_POST['to'],
$_POST['token'],
$_POST['amount'],
$_POST['txid'],
$_POST['confirmations'],
$_POST['tag'],
$cfg['apikey'] // API access key
);
$sign2 = sha1(implode(':', $tosign)); // sign v2 always includes token
if (empty($_POST['token']))
unset($tosign[4]); // exclude from old sign for non-token transaction
$sign = sha1(implode(':', $tosign));
if ($sign !== $_POST['sign']) // or if ($sign2 !== $_POST['sign2'])
die('Sign wrong'); // this answer will be visible in the dashboard
echo('OK');
...
Signature version 2 always includes the $_POST['token'] even if it is empty or not set. You can use ANY of these signatures.
Notifications come from IP = 88.99.198.205