public function sendTrx(string $to, float $amount, string $from = null, string $message = null)
{
if ($amount < 0) {
throw new TronException('Invalid amount provided');
}
if(is_null($from)) {
$from = $this->tron->address['hex'];
}
$to = $this->tron->address2HexString($to);
$from = $this->tron->address2HexString($from);
if ($from === $to) {
throw new TronException('Cannot transfer TRX to the same account');
}
$options = [
'to_address' => $to,
'owner_address' => $from,
'amount' => $this->tron->toTron($amount),
];
if(!is_null($message)) {
$params['extra_data'] = $this->tron->stringUtf8toHex($message);
}
return $this->tron->getManager()->request('wallet/createtransaction', $options);
}
Why isn't the collected transaction being verified?
Theoretically, the server where the transaction is collected could be hacked and the transaction data could be tampered with...