Webhook Notifications not working for Transfers (Deposits)

Developer Discussion
1

Hi,

We’ve created a webhook URL to get deposit information, however, when we do testnet transfers into the deposit addresses, there is no notification at all.

All other notifications work fine, for withdrawal, login, creating vault etc.

This is on Sandbox environment.

Is this a common issue?

2

Hi,
Our testing shows that webhooks for all events re being sent out successfully in the sandbox environment.
It is not a known issue.

If you would please provide the webhook URL, I will check our logs to see if the webhooks are being posted by us.

Can you also please try again and check if this issue is reoccurring?

Is this only related to deposit addresses for UTXO assets?
The webhooks for incoming transactions for account based assets like ETH are received successfully?

Thanks.

3

Hi,

Ive tried using BTC testnet, LTC testnet and ETH testnet.

All of them do not give any webhook notification, all other events do, outbound transactions also give off the notification.

Our endpoint (Google Cloud Run)
https://handlefireblockswebhook-y4fwpm2h5q-uc.a.run.app

Here is an example of incoming webhook for vault creation, which works.

2023-12-05 22:46:04.935 CET
POST200698 B139 msaxios/0.21.1 https://handlefireblockswebhook-y4fwpm2h5q-uc.a.run.app/ 
2023-12-05 22:46:04.942 CET
Function handleFireblocksWebhook invoked
2023-12-05 22:46:04.942 CET
Received webhook request:  {
2023-12-05 22:46:04.942 CET
  title: 'Vault Wallet Added',
2023-12-05 22:46:04.942 CET
  description: 'Added',
2023-12-05 22:46:04.942 CET
  notificationSubject: 'Vault Wallet Added',
2023-12-05 22:46:04.942 CET
  createdAt: 1701812763821,
2023-12-05 22:46:04.942 CET
  asset: 'BNB_TEST',
2023-12-05 22:46:04.942 CET
  accountName: 'UserVault-test12',
2023-12-05 22:46:04.942 CET
  user: 'System',
2023-12-05 22:46:04.942 CET
  userId: 'System',
2023-12-05 22:46:04.942 CET
  eventKey: 'vault_account',
2023-12-05 22:46:04.942 CET
  workspace: 'Anonymous Workspace Name'
2023-12-05 22:46:04.942 CET
}
2023-12-05 22:46:05.075 CET
Message sent to Slack successfully.

I do the test as followed:

  1. I look up the deposit address for lets say ADA
  2. I enter it in the ADA testnet faucet
  3. The faucets sends it to the address. We can see it incoming in Fireblocks aswell (all stages of the transaction / unconfrimed / confirmed).
  4. No notification whatsoever.
4

Kindly see above. Thank you

5

Hi Edji,

Our tests show that webhooks are being delivered correctly for all events in all workspaces.

I am not sure about the configuration of the webhook server /google cloud endpoint being used.
Please use ngrok and node to run a webhook server locally and try performing the test.

To setup the server please follow the instructions below.
There are two files below. Name them index.js and package.json
• paste it in a folder and open the index.js
• Get the public key from Webhooks & Notifications
• Add the public key in the file in front of const publicKey variable.
• Run npm express install
• Run node index.js
• Run ngrok http 3000 ( please get ngrok from here https://ngrok.com/)
• Add the url mentioned by the ngrok server and add /webhook at the end. http:example.com/webhook and add the URL in the console in manage URL section under settings

6 
{
  "name": "webhook",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "author": "",
  "license": "ISC",
  "dependencies": {
    "body-parser": "^1.19.1",
    "crypto": "^1.0.1",
    "express": "^4.17.2"
  }
}
7

index.js

const crypto = require("crypto")
const express = require("express")
const bodyParser = require("body-parser")

const port = 3000

const publicKey = ``.replace(/\\n/g, "\n")

const app = express()

app.use(bodyParser.json())

app.post("/webhook", (req, res) => {
  const message = JSON.stringify(req.body)
  console.log(message)
  const signature = req.header("Fireblocks-Signature")
  console.log(signature)
  const verifier = crypto.createVerify("RSA-SHA512")
  verifier.write(message)
  verifier.end()

  const isVerified = verifier.verify(publicKey, signature, "base64")
  console.log("Verified:", isVerified)

  res.send("ok")
})

app.listen(port, () => {
  console.log(`Webhook running at http://localhost:${port}`)
})
8

Hi,

Is the verification with public key / signature required? I haven’t used it to keep the test simple for now.

I just did a few more tests

  1. Login → event triggered
  2. Withdrawwal → event triggered
  3. Sending LTC from external wallet into fireblocks deposit address → no event

I can garantuee you the deposit event is not working. Not receiving a response for deposit events at all.

9

On our side, I can see all webhooks failing for the URL you added.
In my tests using ngrok and node, I can see all webhooks getting delivered.

It is not necessary to add a public key. It is for signature verification.

10

Ok, I identified the issue.

The issue is not with Cloud Run.

Apparently, I set up the webhook event here

https://sandbox.fireblocks.io/v2/settings/notifications

Which is not the correct way. It should be under general.

It works now! Thanks for helping out regardless.

11

Great, I’m glad to hear it works now.
Thanks.