How do I set the bounty for my affiliate? Can I assign just certain items I'm selling or do I have to assign all of them? For example, I am selling over 374 .crypto domains, but he is assisting only on 50 just now. So, if possible, I would like to assign 2.0% bounty to him, as each domain is sold.
Posted by Mark Thomas Wilgus 2 days ago
Does OpenSea support ERC721 tokens in other blockchains like Avalanche? Ethereum gas price right now is too high. But Avalanche's C chain fully support Ethereum smart contracts. So I am thinking about building my NFT tokens there. Could OpenSea support tokens built on Avalanche blockchain? Please help. Thank you
Posted by Kudo 12 days ago
Dear OpenSea team, I'm trying to access the API without an API key just for personal research. I'm trying to get all items minted with a specific contract address. There are >100,000 items minted. I have written now a loop which - requests 50 items at a time - waits 1s - increases offset by 50 - next request .. and so on But when I reach a point at which offset is > 10000 it says that the offset cannot be higher than 10000. Do I need to have an API key or how can I get the rest of the items? Kind regards, Dominik
Posted by Dominik 21 days ago
Dear OpenSea, we already have an openSea shop and we already minted some NFT and we used the standard erc721 openSea contract. We would like to update the contract with a new erc1155 custom contracts made by us using your tutorial for erc1155. My question is, what happens to the old minted NFT we already have in our shop? Is it possible to update the old NFT and link them to the new erc1155 contract? Thanks for your consideration Regards Riccardo
Posted by Riccardo Crippa 25 days ago
If I create my own ERC20 token and distribute it to a group of people, can I create listings and allow those people to buy items on my OS account with that ERC20 token? And what fees would OS collect on those sales? Thanks for any feedback.
Posted by Brian Halloran 26 days ago
Hi again, more api questions... :D If I open https://opensea.io/bundles/good-luck-getting-this-somewhere-else-Y7G, the listing price is 2.5 eth. I've been using current_price in the API to get the eth price of a card/bundle and so far it has seemed pretty accurate, but when I get to a few bundles, like this one, things are wildly different. If I use this API call: https://api.opensea.io/wyvern/v1/orders?bundled=true&include_bundled=true&include_invalid=false&collection_slug=gods-unchained&listed_after=1606521600&listed_before=1609113600&limit=50&offset=0 ... the listing is in the response and for this record, current_price = 3500000000000000000.000000000 3500000000000000000.000000000 * 1e+18 = 3.5eth.... not 2.5eth like what is being shown in the UI. Is there something I am missing in the API to help me get a more accurate picture of how the UI calculates a bundles list price? Thanks!
Posted by Robert Ogden 26 days ago
Hi ! I've already uploaded one item. I try to send two others items before to start a "Request review" but I have these errors : - Failed to Fetch or - There was an error adding your item I'm running Opensea in Chrome browser with Metamask plugin. Thanks !
Posted by Benjamin Bardou 27 days ago
When I log in to opensea, I see something along the lines of 7 million results when I query collection_slug=gods-unchained. Im trying to accumulate all open orders through the API. Testing the waters, I have one set of criteria that pages through 10500 records at 50 records a page and then I get a bad request from the API call that is being made. ex. 1: https://api.opensea.io/wyvern/v1/orders?bundled=false&include_bundled=false&include_invalid=false&limit=50&offset=5300&collection_slug=gods-unchained If I change the criteria, and therefore change the records that I am paging over, I page through exactly 10500 records and dead again: ex. 2: https://api.opensea.io/wyvern/v1/orders?bundled=false&include_bundled=false&include_invalid=false&limit=50&offset=5300&collection_slug=gods-unchained&is_english=false&only_english=false&sale_type=0 I would expect from what I read in the API guide that the call in ex. 1 would show all listings and the call in ex.2 would only show FOR SALE listings(doesnt seem to be working that way - here is one of the results that is returned from ex.2 - an AUCTION - https://opensea.io/assets/0x0e3a2a1f2146d86a604adc220b4967a898d7fe07/46362204) Question 1: How can I form an API call to get an accurate list of orders that are current FOR SALE type auctions only? The second GET request that is shown implements everything I could find in the API manual to get a list of FOR SALE only, NON-AUCTIONS, yet the data set I pull down after paging through the results contains AUCTIONS, which I do not currently want to see. Question 2: Is there a rate limit or cap that is preventing me from pulling over 10500 records? Seems very suspect that both GET calls convienently stop at the same place no matter what my criteria is. Could it be that there is only 10500 records even though it shows 7 million in the UI? Thank you in advance!
Posted by Robert Ogden 27 days ago
Hello to anyone who might be able to assist: I am using the orders endpoint to attempt to find only orders that are currently unsold - I do not wish to retrieve any listings that have already been sold. https://api.opensea.io/wyvern/v1/orders?bundled=false&include_bundled=false&include_invalid=false&limit=50&offset=0&collection_slug=gods-unchained ...returns a list of orders... I see the taker param in the API docs and have concluded that I probably want to filter using that param, but when I add it to the end of the same API call (see below), I cannot get it to omit records that have a taker using the methods I have attempted: https://api.opensea.io/wyvern/v1/orders?bundled=false&include_bundled=false&include_invalid=false&limit=50&offset=0&collection_slug=gods-unchained&taker=NullAddress ... returns "Not valid address"... https://api.opensea.io/wyvern/v1/orders?bundled=false&include_bundled=false&include_invalid=false&limit=50&offset=0&collection_slug=gods-unchained&taker=null ... returns "Not valid address"... https://api.opensea.io/wyvern/v1/orders?bundled=false&include_bundled=false&include_invalid=false&limit=50&offset=0&collection_slug=gods-unchained&taker= ...returns the same list of records that the first call above returns... Is there a way to use this endpoint to only show me listings that are currently unsold? Thank you for the help!
Posted by Robert Ogden 28 days ago
Hello Security, This is Hassan here with the bug report. Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. The server didn't return an X-Frame-Options header which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites. This vulnerability affects Web Server. IMPACT: An attacker can host this domain in other evil site by using iframe and if a user fill the given filed it can directly redirect as logs to attacker and after its redirect to your web server.. its lead to steal user information too and use that host site as phishing of your site its CSRF and Clickjacking. POC 1.Open URL : https://opensea.io/wallet/install?referrer=%252Faccount 2.put the url in the below code of iframe <!DOCTYPE HTML> <html lang="en-US"> <head> <meta charset="UTF-8"> <title>i Frame</title> </head> <body> <h3>This is clickjacking vulnerable</h3> <iframe src= "https://opensea.io/wallet/install?referrer=%252Faccount" frameborder="2 px" height="500px" width="500px"></iframe> </body> </html> 3.Observe that site is getting displayed in Iframe Impact: By using Clickjacking technique, an attacker hijack's click's meant for one page and route them to another page, most likely for another application, domain, or both. Remediation: Frame busting technique is the better framing protection technique. Sending the proper X-Frame-Options HTTP response headers that instruct the browser to not allow framing from other domains Please check this issue. Hoping to receive appreciation for responsibly reporting this bug I m waiting for your response. Kind regards Hassan
Posted by Hassan Abbas about a month ago
I get the following error when trying to auction something with a price of 1000 without decimal values. Does this mean I can only auction to opensea with a price including decimal values and not integers?
Posted by Philippe Oscar Sanoy about a month ago