Calculation and Payout Schedule
- Interest calculations: Every day at 11 p.m. UTC
- Interest payouts: Once a month on the 1st day of the month at 12 a.m. UTC
Payout Notifications
We provide a series of HTTP callbacks that allow you to notify users when funds have been deposited and when they become available. When creating a wallet, you can set a callbackUrl. The following information describes the structure of the callbacks received.
When callbacks are sent
Callbacks are sent whenever a transactional event occurs that will affect the wallet's balance. Examples include:
- Incoming pending transaction
- Pending transaction confirmed
Callback Acceptance and Retries
Your system should respond to the callback request with a 200 response. We only attempt to send the request once, but we may introduce automatic retries in the future. We can manually resend callbacks upon request.
Payload
The callback payload will be a JSON representation of the transaction that has caused the callback to trigger. An example of such a transaction can be found below:
// Interest payouts require resolving the transfer id.
// GET https://api.testwyre.com/v3/transfers/TF_HTQEQ327NYE
{
"createdAt": 1617235219704,
"id": "TR_AE79Q7L6QAT",
"source": "transfer:TF_HTQEQ327NYE",
"dest": "wallet:WA_8TJFJ3EQEN9",
"currency": "BTC",
"amount": 0.0000106,
"status": "CONFIRMED",
"confirmedAt": 1617235219704,
"cancelledAt": null,
"reversedAt": null,
"message": "Deposit for transfer TF_HTQEQ327NYE",
"allowOverdraft": true,
"authorizer": "service:Nobody",
"senderProvidedId": null,
"reversedBy": null,
"fees": 0,
"feesDest": null,
"metadata": {
"transferId": "TF_HTQEQ327NYE"
},
"tags": [],
"sourceFees": null,
"destFees": null
}
Security Signature
In order to prevent callback spoofing, we provide a signature with the callback passed back through the HTTP header X-API-Signature.
i.e. x-api-signature: 56a00765528a6a6fab70c9272485131f157a423f78a5ab06d2c8627f867f6aea
This signature is a SHA256 HMAC signature of the JSON body signed with the merchant's secret key. To the right you can find example implementations of the signature.
Note: It's important to verify the signature in the callback, otherwise it is possible for the request to be spoofed by an external attacker.
Interest Payout Transfer Details
Certain types of transfers will display the "source" as a transfer SRN. This requires that you query the transfer id to get the details of the transfer. This is the case for savings wallets and subsequent interest payouts.
You can determine if a callback is the result of an interest payout by querying the transfer id in the "source," for example:
If a callback presents with a source like this: "source": "transfer:TF_HTQEQ327NYE," you can query the transfer id with GET https://api.testwyre.com/v3/transfers/TF_HTQEQ327NYE. The result will look like the sample below. Notice the source of the transfer, "source": "service:Interest Payments."
{
"owner": "service:Nobody",
"status": "COMPLETED",
"source": "service:Interest Payments",
"createdAt": 1617235217000,
"sourceAmount": 0.0000106,
"destCurrency": "BTC",
"sourceCurrency": "BTC",
"totalFees": 0,
"customId": null,
"completedAt": 1617235220000,
"cancelledAt": null,
"failureReason": null,
"expiresAt": 1617494417000,
"updatedAt": 1617235220000,
"fees": {
"BTC": 0E-8
},
"destAmount": 0.0000106,
"exchangeRate": null,
"statusHistories": [
{
"id": "BBGZBGDVWUR",
"transferId": "TF_HTQEQ327NYE",
"createdAt": 1617235220000,
"type": "ADMIN_CREDIT",
"statusOrder": 0,
"statusDetail": "Initiating Transfer",
"state": "INITIATED",
"failedState": null
},
{
"id": "GUMTCX4QUEH",
"transferId": "TF_HTQEQ327NYE",
"createdAt": 1617235220000,
"type": "ADMIN_CREDIT",
"statusOrder": 5100,
"statusDetail": "Transfer Completed",
"state": "COMPLETED",
"failedState": null
}
],
"estimatedArrival": 1617847722127,
"dest": "wallet:WA_8TJFJ3EQEN9",
"pendingSubStatus": null,
"blockchainTx": null,
"reversalReason": null,
"reversingSubStatus": null,
"message": null,
"id": "TF_HTQEQ327NYE"
}