Correct - it should only be at the end of the "key"

What I'm actually finding now is that blockchain.info will 'decode' the URL on their side after an address is successfully created... So once they get a deposit to a particular address, they are invoking the callback URL without the encoded values, so if a '+" or "=" is in the URL, it will get hairy on my side.

For example, if I send over the following key to blockchain.info
?key=xyz123%2B456abc

It will come to my server as "?key=xyz123+456abc" and my application will treat this as two strings " "xyz123" and "456abc" as the internet protocol will substitute  the + for a space as it gets to my server.

Thanks for the clarification on blockchain.info and the help!

I will give that a whirl, I believe you are correct that it will work in the event there are 0,1,2 "=" at the end of the string. My only concern now is that there won't be "=" embedded in the string (not the end) that get stripped out.

*** Feel free to Move this Mods, I believe it's in the wrong place -- Sorry! ***

Hey Folks -

We are currently undergoing a new technique for our callback transactions, and we seem to be finding a potential bug with Blockchain and how they post callback URLs using their API. We haven't gotten very far with their general support, so we are hoping someone here can articulate what we are doing wrong or get the attention of the right guys at Blockchain to respond to our threads.

Without getting into specifics, we generate a unique callback key for each user that registers on our site by encrypting a series of data tied to that user. Before generating a call to Blockchain, we also urlencode() the secret key as it contains specials characters that won't play well in the browser. Below would be an example call to Blockchain

https://blockchain.info/api/receive?method=create&address=<OUR ADDRESS>&shared=false&callback=<DOMAIN>/callback.php?key=Qy5Z5sCNkYCoCmv2ppn1nw4qU3UsrS4TA%2Fx0nPQOsNBaTMAjl6HceHOBQsCeiKal2w0NEXbvJKF9x%2BIvTrgfoA%3D%3D

Once we get the response from hitting the URL above, everything looks great - they replay the callback URL exactly as we put it in, and we get a unique receiving address as well.

So far, so good - now is when things get weird.

Once we send BTC to the new bitcoin receiving address returned above,  the following full callback URL is triggered from Blockchain.
<DOMAIN>/callback.php?anonymous=false&shared=false&destination_address=<OUR ADDRESS>&confirmations=0&address=<OUR ADDRESS>&value=600000&input_address=<SENDERS ADDRESS>&input_transaction_hash=<HASH>&key=Qy5Z5sCNkYCoCmv2ppn1nw4qU3UsrS4TA%2Fx0nPQOsNBaTMAjl6HceHOBQsCeiKal2w0NEXbvJKF9x+IvTrgfoA&transaction_hash=e1fd6dadc0...&

You'll notice the 'key' parameter is actually stripped of the last two "%3D"'s rending our decryption routine obsolete?

Now - If someone can tell me why this is happening, I will gladly fork over a donation! I'm really hoping it's somewhere on our side, but after looking at this all weekend, I don't think it is.

Coming later today!

Just a reminder for all players - the US Golf Open is in it's last day and the field is widdled down to just a few contenders, so hurry up and place your bet for who will win at Merion! https://casinobitco.in/bet-us-open

Yes !

We have it functional; however - we aren't releasing to customers until some other patches are applied to the entire site. I promise it's coming very soon, we just want to be positive we aren't releasing anything with bugs now that we are getting steady traffic to our site daily.

Get those bets in for tonight's NBA Game 4!

I have a feeling the Spurs run the court once again!

Are you going to lay anything on the US Open Futures?

Shoot - if you hit a 300 - 1 shot, you're money

Thanks for the bump!

Guys - make sure you get your bets in on the US Open Futures.

We are offering Huge payouts for picking the winner - this is a gamble you'l be able to enjoy all weekend!

We offer instant deposits and withdrawals, start playing today.

P.S - We are rolling out Blackjack this weekend!

FYI - If you were trying to get into our site to bet the US Open Future for tomorrow, we had server issues throughout the day - but we are back up and running now! Sorry for the inconvenience

http://casinobitco.in/bet-us-open

FYI - We were having site issues throughout the day, so if you were trying to register or sign-in and ran into complications please accept our apologies. The issue has since been resolved.

Take note of this - Any user that couldn't sign-in will get a credit of 0.05 BTC in their account as long as they PM me with their username. Credits will be applied by 8 PM tonight or sooner.

TLDR - Free bitcoin if you contact me with your username!

NHL Stanley Cup starts tonight - don't miss out on betting who wins the series and who wins tonight!

US Open Future betting live on http://casinobitco.in/bet-us-open right now!

Tiger looks like the favorite!

Interesing feedback!

We have a timeout set now now and we originally explored not having one - but voted against it because of security risks.

That said, we'll take this feedback to a vote soon though!
In the short term we can definitely increase the timeout threshold in our next push (tomorrow afternoon). I'll PM you once we get this out the door.

The US Open I was talking about was the Golf one (but Tennis is on our roadmap).

Checkout the huge lines right now: http://casinobitco.in/bet-us-open

Just posing the question out there - if you are interested, please PM me and if we get enough interest we will offer this on our site tonight.

What's everyone thinking tonight... Heat + 2 with another strong showing from lebron?

Don't miss out on this awesome opportunity to test drive our site and bet on the NBA Championship and NHL Stanley Cup. We are giving all customers tht bet on either of those props a 15% rebate credited to their account if they lose!

King - why don't you try our site out?

We are running a promotion where any user that makes a future bet on either the NBA Championship (http://casinobitco.in/bet-nba-futures) or NHL Stanley Cup Finals http://casinobitco.in/bet-nhl-futures will receive 15% of their wager back in their account if thier bet doesn't win!

Awesome Opportunity to test drive our site and bet on the NBA Championship and NHL Stanley Cup.

Any user that makes a future bet on either the NBA Championship (http://casinobitco.in/bet-nba-futures) or NHL Stanley Cup Finals http://casinobitco.in/bet-nhl-futures will receive 15% of their wager back in their account if thier bet doesn't win! Take this opportunity to test out our site and win some Bitcoin!

Heat - 6 was the lock of the century IMO... Glad you are winning and enjoying the site. We have only been open for 3 days, but we are getting a lot of traffic; however - we need more players! Register guys - this site is legit!