Get Started
Welcome to the CryptoWall documentation. An account is required to use any of our tools.
Add your Website
To be able to integrate our offerwall, first you have to add your website. Once you have added your website you will have an API KEY and a SECRET KEY, that you will need to integrate our offerwall.
To register your website into our service, please follow these steps:
- Login to your CryptoWall account.
- You should now see the Add Website button at sidebar. Click this button to add your first website.
- Set your Website Name, Domain Name and application type (platform) and proceed to next step.
- Set your Currency Name in plural form (e.g. Points, Tokens, Coins...), Currency Round (the number of decimals your currency can have, up to 2 decimals) and Exchange Rate (How many of your website currency units will a user earn for every 1 BTC Satoshi that we will pay you).
- Set your Postback URL. Whenever a user completes an offer, we will make a call to this URL by sending all the information needed to help you to credit the virtual currency to your users.
- Done! You have add your website, one of our team members will review it and once it is approved you will receive an email in the meantime you can continue with the integration process. You will find more informatons about postback integration in next chapters of this documentation.
Integration Offerwall
Our Offerwall enables users to benefit from incentives and rewards thanks to segmented, automatically translated ads. Our offerwall will adapt to any screen and will show offers to your users.
Before being able to integrate our offerwall, you must register your website first. Once you have registered your website you will have an API KEY and a SECRET KEY, that you will need in the following steps.
- Click on My Websites button on sidebar.
-
From your websites list, you can get your API and Secret keys, anyway if you click Edit button on any of your websites you will be able to get your full integration code of the offerwall.
From your website overview, you can get the offerwall code by clicking on Get Offerwall Code button. You just need to copy the code on your website.
Offerwall Code
<iframe style="width:100%;height:800px;border:0;padding:0;margin:0;" scrolling="yes" frameborder="0" src="https://demo.cryptowall.info/offerwall/[API_KEY]/[USER_ID]"></iframe>
Replace [API_KEY] with your website api key and [USER_ID] by the unique identifier code of the user of your site who is viewing the wall.
<iframe style="width:100%;height:800px;border:0;padding:0;margin:0;" scrolling="yes" frameborder="0" src="https://demo.cryptowall.info/offerwall/[API_KEY]/[USER_ID]"></iframe>
Parameter | Description | Value |
---|---|---|
[API_KEY] | Unique API Code provided when you registered your website | varchar(32) |
[USER_ID] | Unique identifier code of the user of your site | varchar(32) |
Postback Notifications
Whenever a user complete an offer, we will make a call to the Postback URL that you indicated in your app attaching all the information that you will need to credit your users.
Parameter | Description | Example |
---|---|---|
subId | This is the unique identifier code of the user who completed action on your platform. | user123 |
transId | Unique identification code of the transaction made by your user. | 12345678 |
reward | The amount of your virtual currency to be credited to your user. | 1.25 |
reward_name | The name of your currency set when you registered your website. | Points |
payout | The offer payout in BTC | 0.00000080 |
fiat_payout | The offer payout in USD | 0.0001245 |
userIp | The user's IP address who completed the action. | 192.168.1.0 |
country | Country (ISO2 form) from the lead comes. | US |
debug | Check if is a test or a live postback call. | 1 (test) / 0 (live) |
signature | MD5 hash that can be used to verify that the call has been made from our servers. | 17b4e2a70d6efe9796dd4c5507a9f9ab |
Postback Security
You should verify the signature received in the postback to ensure that the call comes from our servers.
Signature parameter should match MD5 of subId
transactionId
reward
secret key
. You can find your Secret Key of your website in My Websites section.
The formula to be checked is as follows:
<?php
$secret = ""; // Get your secret key from CryptoWall
$subId = isset($_REQUEST['subId']) ? $_REQUEST['subId'] : null;
$transId = isset($_REQUEST['transId']) ? $_REQUEST['transId'] : null;
$reward = isset($_REQUEST['reward']) ? $_REQUEST['reward'] : null;
$signature = isset($_REQUEST['signature']) ? $_REQUEST['signature'] : null;
// Validate Signature
if(md5($subId.$transId.$reward.$secret) != $signature)
{
echo "ERROR: Signature doesn't match";
return;
}
?>
Responding to Postback
Our servers will expect your website to respond with "ok". If your postback doesn't return "ok" as response, postback will be marked as failed (even if postback was successfully called) and you would be able to resend it manually from our website.
Postback Example
The following example is not a working one but should be enough to understand how you should implement your postback in your website.
<?php
$secret = ""; // Get your secret key from CryptoWall
// Proceess only requests from CryptoWall IP addresses
$allowed_ips = array('188.165.198.204','2001:41d0:2:8fcc::');
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$IP = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$IP = $_SERVER['REMOTE_ADDR'];
}
if(!in_array($IP, $allowed_ips))
{
echo "ERROR: Invalid source";
return;
}
$userId = isset($_REQUEST['subId']) ? $_REQUEST['subId'] : null;
$transId = isset($_REQUEST['transId']) ? $_REQUEST['transId'] : null;
$reward = isset($_REQUEST['reward']) ? $_REQUEST['reward'] : null;
$reward_name = isset($_REQUEST['reward_name']) ? $_REQUEST['reward_name'] : null;
$payout = isset($_REQUEST['payout']) ? $_REQUEST['payout'] : null;
$fiat_payout = isset($_REQUEST['fiat_payout']) ? $_REQUEST['fiat_payout'] : null;
$ipuser = isset($_REQUEST['userIp']) ? $_REQUEST['userIp'] : "0.0.0.0";
$country = isset($_REQUEST['country']) ? $_REQUEST['country'] : null;
$debug = isset($_REQUEST['debug']) ? $_REQUEST['debug'] : null;
$signature = isset($_REQUEST['signature']) ? $_REQUEST['signature'] : null;
// validate signature
if(md5($userId.$transId.$reward.$secret) != $signature)
{
echo "ERROR: Signature doesn't match";
return;
}
// Check if the transaction is new, use $transId to valiate it
if(isNewTransaction($transId))
{
// Transaction is new, reward your user
processTransaction($userId, $reward, $transId);
}
echo "ok"; // Important!
?>