How-To:Handle Deposits

From Nxt Wiki
Jump to: navigation, search
This page contains changes which are not marked for translation.

Developers have provided some insights into good methods for implementing features in your software. This tip was created by Come-from-Beyond.

For more information on the API calls referenced here, check our high-level API documentation.

1 One way to handle deposits

  1. Generate a string of 50+ chars. This is your master passphrase. It must be very strong. For this example, let's assume it's "secret".
  2. When a user wants to deposit coins, you generate a unique ID. You can use a userID if it's not necessary to create a new address for each deposit.
  3. Use "secret"+ID to generate a passphrase for the deposit account. For example: "secret8475347836".
  4. Use this API call to create an account number: http://localhost:7876/nxt?requestType=getAccountId&secretPhrase=secret8475347836. This call will return the corresponding account number.
  5. Check to see if the generated account number is a collision with an existing account by issuing this API call: http://localhost:7876/nxt?requestType=getAccountPublicKey&account=6975576163363041725.
    • If the account already exists but no outgoing transactions have been made, this query will return {}
    • If the account exists AND outgoing transactions have been made, the query will return the public key for the account, e.g. {"publicKey":"5aa041670bc0b45c283c988b7f2f17735209cbabde5d5ce8a849b0d63a3a4422"}
    • If the account does not yet exist, this call will return: {"errorCode":5,"errorDescription":"Unknown account"}
  6. If the previous step reveals that a public key already exists for the account number, an account collision has occurred, and you should generate a new "secret" and a new account number.
  7. Store the generated password and account number securely, and associate them with the site user's local userID. Depending on the type of service you are building, you may also need give the account number to user to allow them to deposit funds.
  8. Periodically check to see if the address has any incoming transactions: use http://localhost:7876/nxt?requestType=getBlockchainTransactions&account=6975576163363041725&executedOnly=true&timestamp=0
    • the timestamp parameter indicates "seconds since the genesis block", so a value of 0 will show you all transactions for the associated account.
    • the executedOnly parameter will exclude phased transactions that have not yet been executed.
  9. When you get enough confirmations (10 confirmations are recommended, but you can use whatever value lets you sleep at night), you can increase the user's balance in your software.

2 Some very important things