今天來聊一下關於詐騙的 TRC20 錢包在 API 下面的特徵,這邊我們舉例得錢包地址是 https://tronscan.org/#/address/TS64QAQEL5GfbB61C86ZSJjfkVi6kPFmEA
這是詐騙地址,請勿向裡面轉任何代幣,除了官方會有警告以外,我想在 API 中會有啥呈現的不同
這 API 中的變化,說結論在 Response 中 owner_permission => keys[] => address 如果有跟原地址不同的就要小心
這邊就留下物件模型跟撈取的 C# code
/// 詐騙的錢包
var addressInfo = GetAcccountResponse("TS64QAQEL5GfbB61C86ZSJjfkVi6kPFmEA");
/// 正常的錢包
//var addressInfo = GetAcccountResponse("TNGF6UPkjHfRytykSDRgrEuu4UbhixXZ6K");
if (addressInfo != null)
{
Console.WriteLine("Query Address:");
Console.WriteLine(addressInfo.address);
Console.WriteLine("Owner Permission Info:");
Console.WriteLine("Permission_name =>" + addressInfo.owner_permission.permission_name);
foreach (var permissionAddress in addressInfo.owner_permission.keys)
{
Console.WriteLine(permissionAddress.address);
}
}
/*
Query Address:
TS64QAQEL5GfbB61C86ZSJjfkVi6kPFmEA
Owner Permission Info:
Permission_name =>Djjdodnrbrhdo
TFP6sR2ZbsnWFfdv192HxEh2gbw2JnCXW9
*/
/// <summary>
/// 取得錢包資訊
/// </summary>
/// <param name="targetAddress"></param>
/// <returns></returns>
static GetAccountResponse GetAcccountResponse(string targetAddress)
{
var client = new RestClient("https://api.trongrid.io");
var request = new RestRequest("/wallet/getaccount", Method.Post);
request.AddHeader("accept", "application/json");
request.AddHeader("content-type", "application/json");
var body = new
{
address = targetAddress,
visible = true
};
request.AddJsonBody(body);
var response = client.ExecuteAsync(request).Result;
if (response.IsSuccessful)
{
var result = JsonConvert.DeserializeObject<GetAccountResponse>(response.Content);
return result;
}
else
{
//Console.WriteLine($"Error: {response.StatusCode} - {response.ErrorMessage}");
return null;
}
}
public class GetAccountResponse
{
public string address { get; set; }
public int balance { get; set; }
public long create_time { get; set; }
public long latest_opration_time { get; set; }
public int free_net_usage { get; set; }
public long latest_consume_time { get; set; }
public long latest_consume_free_time { get; set; }
public int net_window_size { get; set; }
public bool net_window_optimized { get; set; }
public AccountResource account_resource { get; set; }
public OwnerPermission owner_permission { get; set; }
public List active_permission { get; set; }
public List frozenV2 { get; set; }
public List assetV2 { get; set; }
public List free_asset_net_usageV2 { get; set; }
public bool asset_optimized { get; set; }
public class AccountResource
{
public long latest_consume_time_for_energy { get; set; }
public int energy_window_size { get; set; }
public bool energy_window_optimized { get; set; }
}
public class Key
{
public string address { get; set; }
public int weight { get; set; }
}
public class OwnerPermission
{
public string permission_name { get; set; }
public int threshold { get; set; }
public List keys { get; set; }
}
public class ActivePermission
{
public string type { get; set; }
public int id { get; set; }
public string permission_name { get; set; }
public int threshold { get; set; }
public string operations { get; set; }
public List keys { get; set; }
}
public class AssetV2
{
public string key { get; set; }
public object value { get; set; }
}
public class FreeAssetNetUsageV2
{
public string key { get; set; }
public int value { get; set; }
}
public class FrozenV2
{
public string type { get; set; }
}
}result:
有問題的 wallet adress:
Query Address:
TS64QAQEL5GfbB61C86ZSJjfkVi6kPFmEA
Owner Permission Info:
Permission_name =>Djjdodnrbrhdo
TFP6sR2ZbsnWFfdv192HxEh2gbw2JnCXW9
沒有問題的:
Query Address:
TNGF6UPkjHfRytykSDRgrEuu4UbhixXZ6K
Owner Permission Info:
Permission_name =>owner
TNGF6UPkjHfRytykSDRgrEuu4UbhixXZ6K
紀錄一下,因為最近在處理這些東西..
--
本文原文首發於我的個人部落格:詐騙 TRC20 錢包的 API 端特徵解析
---
Yesterday I wrote down the code. I bet I could be your hero. I am a mighty little programmer.
