You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm investigating this, but any help is appreciated.
as soon as we confirm we received bitcoins from a sponsor, we keep a 3% fee send the rest to the programmer, using the bitcoin RPC
API.
Sending through the API returns a transaction hash that we store in our
database.
Later we receive a HTTP notification with the transaction details.
If that notification contains a transaction hash that doesn't match
anything on the database, freedomsponsors.org sends me an email that
basically says: "HEADS UP: Blockchain is telling me there is an outgoing
transaction that I don't know about".
Today, I got two of those emails. Boy did that freak me out.
I thought someone had broken into our account and started stealing coins.
Only later I could investigate and understand what happened (phew):
The transactions created by freedomsponsors.org (those hashes were returned
by the RPC API call)
hash = b4b02450faecfe399340f4442eb3c9526ee78e7c0048e055988ce001bb5cfe70
amount = 0.03130000
from = 1NBf55HCN4e4VALVktfxBmqsAuakUtheSg
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
hash = 18311e095c3d8426025ab87fae87e988e1fbad09ba01db32586d066fc28ba87d
amount = 0.01570000
from = 14LkZoYgcheQCkj1mk6oEKqDsxcKHNAT7q
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
Those transaction hashes cannot be found in the blockchain anymore
Instead, there are similar outgoing transactions in my wallet, but with
different hashes:
hash = 74709ada277d65cbc8f507e41ca5955cd70456d8248cf0f25cd82ddc28217bac
amount = 0.0313
from = 1NBf55HCN4e4VALVktfxBmqsAuakUtheSg
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
hash = a76f239a327e8b61f7c3f942d52066696c58ad13fb19e4ec7f523a342a12db59
amount = 0.01569999
from = 14LkZoYgcheQCkj1mk6oEKqDsxcKHNAT7q
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
So... what I take from this is that I can't trust transaction hashes
anymore, is that it?
Instead should I verify transactions based on "from" and "to"?
Or is there any more reliable way of telling whether money I sent has
reached the wallet on the other side?
The text was updated successfully, but these errors were encountered:
I'm investigating this, but any help is appreciated.
as soon as we confirm we received bitcoins from a sponsor, we keep a 3% fee send the rest to the programmer, using the bitcoin RPC
API.
Sending through the API returns a transaction hash that we store in our
database.
Later we receive a HTTP notification with the transaction details.
If that notification contains a transaction hash that doesn't match
anything on the database, freedomsponsors.org sends me an email that
basically says: "HEADS UP: Blockchain is telling me there is an outgoing
transaction that I don't know about".
Related code:
https://github.com/freedomsponsors/www.freedomsponsors.org/blob/master/djangoproject/core/services/bitcoin_frespo_services.py
Today, I got two of those emails. Boy did that freak me out.
I thought someone had broken into our account and started stealing coins.
Only later I could investigate and understand what happened (phew):
The transactions created by freedomsponsors.org (those hashes were returned
by the RPC API call)
hash = b4b02450faecfe399340f4442eb3c9526ee78e7c0048e055988ce001bb5cfe70
amount = 0.03130000
from = 1NBf55HCN4e4VALVktfxBmqsAuakUtheSg
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
hash = 18311e095c3d8426025ab87fae87e988e1fbad09ba01db32586d066fc28ba87d
amount = 0.01570000
from = 14LkZoYgcheQCkj1mk6oEKqDsxcKHNAT7q
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
Those transaction hashes cannot be found in the blockchain anymore
Instead, there are similar outgoing transactions in my wallet, but with
different hashes:
hash = 74709ada277d65cbc8f507e41ca5955cd70456d8248cf0f25cd82ddc28217bac
amount = 0.0313
from = 1NBf55HCN4e4VALVktfxBmqsAuakUtheSg
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
hash = a76f239a327e8b61f7c3f942d52066696c58ad13fb19e4ec7f523a342a12db59
amount = 0.01569999
from = 14LkZoYgcheQCkj1mk6oEKqDsxcKHNAT7q
to = 1LSrAt3Ee1BZrRM2YLxrPaBxSTEqcr8SxW
So... what I take from this is that I can't trust transaction hashes
anymore, is that it?
Instead should I verify transactions based on "from" and "to"?
Or is there any more reliable way of telling whether money I sent has
reached the wallet on the other side?
The text was updated successfully, but these errors were encountered: