in reply to Re^6: Invalid nonce
in thread Invalid nonce

i have tried to do this

my $apiKey = 'BITSTAMP pEF7aWa';
my $apiSecret = 'sWNuYX4QS';

my $urlcb = "https://www.bitstamp.net";
my $url = URI->new($urlcb);
my $urlpath = $url->path('/api/v2/usdt_withdrawal/');

my @Char = ('a'..'z');
my $Leng = 36;
my $RandomChar = '';
for (1..$Leng) {
$RandomChar .= $Char[int rand @Char];
}

my $timestamp = int (gettimeofday * 1000);
my $nonce = $RandomChar;

my $Query = URI->new();
$Query->query_form(
'currency' => "USDT",
'network' => "ethereum",
'address'   => "#wallet",
'amount' => "4"
);

my $API_Version = 'v2';
my $ContentType = "application/x-www-form-urlencoded";
my $signature = hmac_sha256_hex($apiKey.'POST'.$urlcb.$urlpath.$Conten
+tType.$nonce.$timestamp.$API_Version.$Query, $apiSecret);

my %payload = (
"X-Auth" => $apiKey,
"X-Auth-Signature" => $signature,
"X-Auth-Nonce" => $nonce,
"X-Auth-Timestamp" => $timestamp,
"X-Auth-Version" => $API_Version,
"Content-Type" => $ContentType
);


print $Query;
print $signature;

[download]

but am still getting this error

Error: {"status": "error", "reason": "Invalid signature", "code": "API0005"}

i have even tried to follow the API example in other Languages https://www.bitstamp.net/api/#section/Authentication/Authentication-examples

Replies are listed 'Best First'.
Re^8: Invalid nonce
by Corion (Patriarch) on Jul 20, 2024 at 09:36 UTC

    The string you compute for your signature does not match the string from the example code.

    For debugging, print out the string you compute the signature over, and compare that to the example code string.

    message = 'BITSTAMP ' + api_key + \
    'POST' + \
    'www.bitstamp.net' + \
    '/api/v2/user_transactions/' + \
    '' + \
    content_type + \
    nonce + \
    timestamp + \
    'v2' + \
    payload_string

    [download]

    Your code should be:

    my $msg = $apiKey.'POST'.$urlcb.$urlpath.$ContentType.$nonce.$timestam
+p.$API_Version.$Query, $apiSecret;
print "Computing signature over [$msg]\n";
my $signature = hmac_sha256_hex($msg, $apiSecret);

    [download]

    Then, compare the output of that part with the message as it is constructed in the documentation. There are differences between the two.

[reply]
[d/l]
[select]

      the problem still persists

      Error: {"status": "error", "reason": "Invalid signature", "code": "API0005"}

      my $apiKey = 'BITSTAMP p25F7aWa';
my $apiSecret = 'gisWNuYX4Q';

my $urlcb = "https://www.bitstamp.net";
my $url = URI->new($urlcb);
my $urlpath = $url->path('/api/v2/usdt_withdrawal/');

my @Char = ('a'..'z');
my $Leng = 36;
my $RandomChar = '';
for (1..$Leng) {
$RandomChar .= $Char[int rand @Char];
}

my $timestamp = int (gettimeofday * 1000);
my $nonce = $RandomChar;

my $Query = URI->new();
$Query->query_form(
'currency' => "USDT",
'network' => "ethereum",
'address'   => "Ef4cAwayizMH",
'amount' => "4"
);

my $API_Version = 'v2';
my $ContentType = "application/x-www-form-urlencoded";
my $msg = $apiKey.'POST'.$urlcb.$urlpath.$ContentType.$nonce.$timestam
+p.$API_Version.$Query, $apiSecret;
my $signature = hmac_sha256_hex($msg, $apiSecret);

my %payload = (
"X-Auth" => $apiKey,
"X-Auth-Signature" => $signature,
"X-Auth-Nonce" => $nonce,
"X-Auth-Timestamp" => $timestamp,
"X-Auth-Version" => $API_Version,
"Content-Type" => $ContentType
);

my $req = HTTP::Request->new(POST=>$url);
$req->header(%payload);
$req->content($Query);

my $resp = $ua->request($req);

if($resp->is_success){
   print $resp->content ."\n";
}
else{
  print "Error: " . $resp->content;
}

      [download]
[reply]
[d/l]

        So, maybe post what the script outputs, and then tell us part-by-part why/how it is the same. You obviously haven't done this.

        There is a difference in generating the signature string that I spot from reading the documentation and your code, but you will have to find it yourself. This is called "debugging" and I expect you to make a honest try at it.

[reply]

In Section Seekers of Perl Wisdom