Clone wiki

Infinity-Economics / Handle Deposits

XIN Exchange Handle deposits
Infinity Foundation July, 2017, v1


1. Handle deposits and create new user accounts in 7 simple steps using the XIN API.

Mainnet: 23457
Testnet: 9876

Production: localhost (your local node)

1. Generate a string of 50+ chars. This is your master passphrase. It must be very strong. For this example, let’s assume it’s “secret”.
2. When a user wants to deposit token, you generate a unique ID. You can use a userID returned by your database for instance or any other unique identifier.

3. Use “secret”+userID to generate a passphrase for the deposit account. For example: “secret1234567890”.

4. Use this API call to create an account number: This call will return the account number/details.

“accountRS”: “XIN-SNR5-7KB3-M3HU-B6C3Y”,
“publicKey”: “a5ef64367c284087fc3209b7932201e30d5d36e03b2a9b2c94d87a9aa86f7368”,
“requestProcessingTime”: 1,
“account”: “11458639784060932835” }

5. Check to see if the generated account number is a collision with an existing account by issuing this call:

5.1 If the account does not exist yet, this call will return: {} This means the account has no outbound transaction and the publicKey isn’t known by the chain.

5.2 If the account exists AND outbound transactions have been made, the query will return the public key for the account like: {“publicKey”:“a5ef64367c284087fc3209b7932201e30d5d36e03b2a9b2c94d87a9aa86f7368”}

5.3 While the call 'getAccountPublicKey’ is checking for a known publicKey it is recommended to make a second call to be sure this account hasn’t either an inbound transaction:

This returns: { “errorDescription”: “Unknown account”, “accountRS”: “XIN-SNR5-7KB3-M3HU-B6C3Y”, “errorCode”: 5, “account”: “11458639784060932835” } “Unknown account” shows that this account hasn’t had any inbound transactions too. In this case the account is fully validated and ready to used as a clean, new deposit account. Or you will get a response with a balance. In this case the account is a used account and has had at least one inbound transaction. { “forgedBalanceTQT”: “0”, “balanceTQT”: “100000000”, “accountRS”: “XIN-SNR5-7KB3-M3HU-B6C3Y”, “unconfirmedBalanceTQT”: “100000000”, “requestProcessingTime”: 0, “account”: “11458639784060932835” }

6. If the previous step reveals that a public key already exists or a balance is shown for the account number, an account collision has occurred, and you should generate a new “secret” and a new account number.

7. Store the generated password and account number securely into your database and hash/salt it. Associate the new account with the site user’s local userID. Depending on the type of service you are building, you may also need to give the account number to the user to allow them to deposit funds.


Periodically check the account for any or new incoming transactions:×tamp=0

The timestamp parameter indicates “seconds since the genesis block”, so a value of 0 will show you
all transactions for the associated account. The executedOnly parameter will exclude phased
transactions that have not yet been executed. When you get enough confirmations, you can increase
the user’s balance in your software. 10 confirmations are recommended, but you can use whatever
value you prefer.

Blocks can become orphaned and transactions can be cancelled, so pay attention to the timestamp
and deadline values of a transaction. Timestamp is measured in seconds since the genesis block
(10th of Jan, 2017 12:00:00 UTC). The transaction deadline is measured in minutes.

A transaction expires when timestamp + deadline * 60 greater current time. It can’t be included into a
block with a timestamp greater than timestamp (of the transaction) + deadline * 60. The current
time can be obtained with:

To make sure that you won’t lose the transaction you should check that a user uses a large deadline
and doesn’t try to cheat you by setting a timestamp too far in the past. Until a transaction gets
720 confirmations you should check to be sure it’s still confirmed. If not (due to blockchain reorg),
rebroadcast the transaction to the network using:…;

Transaction bytes can be obtained by this call, taking the transaction ID:

Example return:

“unsignedTransactionBytes”: “00107b37eb003c00a0f71792358ca7043e86dcb8d7c904749e8b5a6c788c41
“requestProcessingTime”: 1,
“confirmations”: 5,
“transactionBytes”: “00107b37eb003c00a0f71792358ca7043e86dcb8d7c904749e8b5a6c788c41b