IPN (Instant Payment Notification)

Payment notification

The payment process and confirmation of transaction may take from several minutes to several hours. Our service will notify you about confirmation by sending a POST request with data to the status URL you specified. The notification will occur after the transaction: appears on the network in mempool (only for outcoming = 0 confirmation), included to block (1st confirmation) and after its 12th confirmation.

Data structure

Data in JSON format:
{
   etherapi.net: version
   type: message type = (in-payment / track-tracking / out-sending)
   date: date and time in UNIX format
   from: address-sender
   to: address-receiver
   token: token = (only for token transaction, ERC20 token ID)
   amount: amount
   fee: fee (only for confirmed transaction)
   txid: transaction txid (hash)
   confirmations: number of confirmations = (0 - pending / 1 / 12)
   tag: tag
   sign: signature
   sign2: signature version 2
}


Signature verification

To verify the signature, you must calculate a hash from the received data and compare it with the value in the sign or sign2 field.
A hash is a (40-character hexadecimal number) result of the sha1 function from the string received by connecting through the colon (:) the values ​​of the type, date, from, to, [token,] amount, txid, confirmations, tag and API key.

Result

The service expects a text response from the IPN handler.
This text can be seen in the office on the "Notifications" tab.

Example

PHP IPN Handler Code Example:
...
if (!$_POST)
   $_POST = @json_decode(file_get_contents('php://input'), true);
if (!$_POST['etherapi.net'])
   return;
$tosign = array(
   $_POST['type'],
   $_POST['date'],
   $_POST['from'],
   $_POST['to'],
   $_POST['token'],
   $_POST['amount'],
   $_POST['txid'],
   $_POST['confirmations'],
   $_POST['tag'],
   $cfg['apikey'] // API access key
);
$sign2 = sha1(implode(':', $tosign)); // sign v2 always includes token
if (empty($_POST['token']))
   unset($tosign[4]); // exclude from old sign for non-token transaction
$sign = sha1(implode(':', $tosign));
if ($sign !== $_POST['sign']) // or if ($sign2 !== $_POST['sign2'])
   die('Sign wrong'); // this answer will be visible in the dashboard
echo('OK');
...

Signature version 2 always includes the $_POST['token'] even if it is empty or not set. You can use ANY of these signatures.
Notifications come from IP = 88.99.198.205