Verify Callback Interface
The merchant will receive an order status callback from the platform within 30 minutes after initiating the transaction. Here are the returned fields. How to initiate a transaction:
Initial TransactionOrder Status:
🛠️Order StatusMerchant Callback Order
Callback Information: POST
Parameter | Remark | |
---|---|---|
outerOrderId | Merchant Transaction ID | |
orderId | EchoooPay Transaction ID | |
receiptAddress | Merchant wallet address | |
payCurrency | Order fiat currency | support tokens, example: usd |
payCurrencyAmount | Order fiat amount | |
payStatus | Payment Status | |
chainId | Payment network ID | chain ID, example:Ethereum |
payTokenCoingeckoId | Payment currency | |
payTokenAmount | Payment amount | |
incomeTokenAddress | Receive address | |
finishTime | Complete time | time stamp(ms), example:1706167219110 |
signature | Signature |
Process
platform maintains a pair of RSA key, the private key is managed by the platform and not disclosed, while the public key is publicly available.
Public Key:
The platform signs the callback request using the private key and writes the signature into the 'signature' field of the callback information. The merchant, on their own implemented callback interface, verifies the signature using the public key. Only if the signature is validated, the merchant processes the callback information; otherwise, it is discarded.
Signature and Verification Rules
In the callback parameter list, all parameters returned in the callback, excluding the 'signature' parameter, are the ones to be signed. Each value in the array is sorted alphabetically from 'a' to 'z'. In case of the same initial letter, the second letter is considered, and so on. After sorting, all array values are connected with 'key="value"' and "&" characters, forming the string to be verified. The signature algorithm is the same as the open interface authentication section.
Note:
Parameters with no values need not be included in the data to be signed.
When converting characters to byte streams during signature, the specified character set is UTF-8.
Example code to verify signature:
Last updated