search

btcpayserver / btcTransmuter

A self-hosted ,modular IFTTT-inspired system for bitcoin services written in C#
https://btcpayserver.org
77 stars 22 forks source link

NDAX exchange error #90

Open astupidmoose opened 3 years ago

astupidmoose commented 3 years ago

Could not setup NDAX within transmuter

Error: Could not connect with current settings. Transmuter tests against fetching your balance amount from the exchange so you would need to enable that option if available

I thought it was possibly due to exchangesharp using an old outdated data point for tickers, but after that was fixed, its still an issue.

abdulbadi commented 3 years ago

Hello, which endpoint is being called?

astupidmoose commented 3 years ago

Hello, which endpoint is being called?

From my discussions with @Kukks I believe the issue is somewhere in the Authenticate endpoint. Part of the problem is the endpoint is undocumented on the API docs so there isn't a lot of guidance there.

abdulbadi commented 3 years ago

Here is an example on how to authenticate to that endpoint over http: const crypto = require('crypto'); var request = require('request-promise'); const { url: host, api_key, api_secret } = require('./creds.json'); const hmac = crypto.createHmac('sha256', api_secret); const creds = { Nonce: ${Date.now()}, APIKey: api_key, Signature: '', UserId: '7', }; creds.Signature = hmac .update(${creds.Nonce}${creds.UserId}${creds.APIKey}) .digest('hex'); const main = async () => { const url = https://${host}:8443/AP; try { const result = await request(${url}/Authenticate, { headers: creds, }); console.log(JSON.parse(result)); const { SessionToken: APToken, User: { AccountId }, } = JSON.parse(result); const options = { method: 'GET', url: ${url}/GetAccountInfo?OMSId=1&AccountId=${AccountId}, headers: { APToken }, }; const account_info = await request(options); console.log(JSON.parse(account_info)); } catch (e) { console.log(e); } }; main();

abdulbadi commented 3 years ago

Please let me know if there is any information I can provide to resolve this issue ASAP.

Kukks commented 3 years ago

Yes, something has definitely changed since the initial implementation if that is the case:

The ExchangeSharp integration used to work via an Authorization header with a Basic scheme consisting of apikey:apisecret and did not require a user id.

Unfortunately this will require some deeper refactoring inside ExchangeSharp to get it working again (and also figure out where you can stuff the required user id since ExchangeSharp tries to be a generic layer with usually only two authorization properties)

abdulbadi commented 3 years ago

For security purposes a nonce is used to prevent replay attacks