Closed nikita-gorodeckij closed 8 months ago
Hey @nikita-gorodeckij, thanks for catching this. Seems like the fix is to convert the transaction python dict to a json string and ensure that string is used in both the callback request body and the signature payload. I'll get started on a patch.
Looks like signatures for callbacks are calculated incorrectly
Here you get string to compute signature
https://github.com/stellar/django-polaris/blob/a60fe69f656fe9745efad6da9d83b796ef871c63/polaris/utils.py#L278C5-L278C85
and result is something like this:
But in request to anchor body will be converted to json and will be completely different so anchor compute different signature