Need Quick Answers?

Browse our frequently asked questions or use the search below to find what you're looking for.

General Questions

What is CryptoGate?

CryptoGate is a cryptocurrency payment gateway that enables businesses to accept Bitcoin, Litecoin, Dash, Dogecoin, and Ethereum payments. We handle all the technical complexity of blockchain integration, allowing you to focus on your business.

Our platform provides a simple API, pre-built plugins, and a user-friendly dashboard to manage all your cryptocurrency transactions in one place.

Is CryptoGate legitimate, or a scam?

CryptoGate.live is a legitimate, non-custodial software tool for accepting cryptocurrency payments. You can verify that yourself: payments go directly from your customer's wallet into yours, because we only ever hold your wallet's public key (xPub), which can receive funds but can never send them. There is no balance for us, or anyone, to freeze or run off with.

We charge one flat monthly subscription, paid up front. We will never ask you to send crypto to "activate," "verify," or "release" funds, and we never take a cut of your sales. Anyone asking you for a deposit or "withdrawal fee," using our name or any other, is running a scam.

Note on the name: CryptoGate.live is not affiliated with any "Cryptogate" WhatsApp or Telegram investment group, "account manager" who messages you out of the blue, cryptogategroup.com, or any "Cryptogate" investment fund or firm. We do not offer investments, trading, or guaranteed returns. CryptoGate is run by a named, contactable founder, Emil Dabrowski ([email protected]), and our code is published openly on GitHub. Read reviews on Trustpilot.

Which cryptocurrencies do you support?

We currently support:

  • Bitcoin (BTC) - The original cryptocurrency
  • Litecoin (LTC) - Fast and low-fee transactions
  • Dash (DASH) - Privacy-focused digital cash
  • Dogecoin (DOGE) - Popular community-driven coin
  • Ethereum (ETH) - Smart contract platform
  • ERC-20 tokens - USDT, USDC, DAI, WBTC, SHIB, PEPE, LINK, UNI, AAVE and MKR, paid to your Ethereum address

Additional cryptocurrencies are added based on merchant demand and network stability.

How is CryptoGate different from other payment processors?

CryptoGate offers several unique advantages:

  • No KYC for merchants - Get started immediately without lengthy verification
  • Competitive fees - Transparent pricing with no hidden costs
  • Direct wallet control - Funds go straight to your wallet, not held by us
  • Developer-friendly API - Comprehensive REST API with webhook support
  • Zero chargeback risk - Blockchain transactions are irreversible by design
Do I need technical knowledge to use CryptoGate?

No! We offer solutions for all skill levels:

  • No-code: Use our dashboard to generate payment links and invoices
  • E-commerce platforms: Install our plugins for Shopify, WooCommerce, etc.
  • Developers: Integrate using our REST API with SDKs for JavaScript, PHP, Python
Which countries can use CryptoGate?

CryptoGate is available to merchants worldwide, with some exceptions. We currently cannot serve merchants in:

  • Countries under international sanctions (e.g., North Korea, Iran)
  • Regions where cryptocurrency is explicitly illegal

Check our Compliance page for the full list of supported regions.

What types of businesses can use CryptoGate?

We support most legal businesses including e-commerce stores, SaaS platforms, freelancers, non-profits, and service providers. We do not support:

  • Illegal goods or services
  • Adult content or gambling (in most jurisdictions)
  • Unregistered securities or investment schemes
  • Money laundering or terrorist financing

See our Terms of Service for complete usage guidelines.

What is your uptime guarantee?

We maintain 99.9% uptime with redundant infrastructure and full blockchain nodes. Our Status Page shows real-time system health. Scheduled maintenance is announced 48 hours in advance and typically occurs during low-traffic periods.

Do you have a mobile app?

Our dashboard is fully responsive and works on mobile browsers. We don't currently have native iOS/Android apps, but our web interface provides full functionality on mobile devices including payment monitoring, transaction history, and account settings.

Can I try CryptoGate before signing up?

Yes! Our Starter plan is free to start (you only pay per transaction). You can also use our sandbox mode to test full functionality without processing real payments. No credit card required to sign up.

What are your support hours?

Email support is available 24/7 with typical response times of:

  • Starter: Within 24 hours
  • Business: Within 12 hours
  • Enterprise: Within 4 hours + dedicated account manager

Critical issues (payment failures, API outages) receive priority support across all plans.

How do you handle customer data privacy?

We're GDPR and CCPA compliant. We only collect minimal data necessary for payment processing. Customer payment data is encrypted in transit and at rest. We never sell or share customer data with third parties. See our Privacy Policy for details.

Account & Security

How do I create an account?

Getting started is simple:

  1. Visit cryptogate.live/signup
  2. Enter your email and create a secure password
  3. Verify your email address
  4. Complete your profile and wallet setup
  5. Start accepting payments immediately!

The entire process takes less than 5 minutes.

Is two-factor authentication (2FA) required?

2FA is highly recommended but not required during signup. However, certain actions require 2FA:

  • Changing wallet addresses
  • Modifying API keys
  • Accessing sensitive account settings
  • Account recovery options

We support TOTP authenticators (Google Authenticator, Authy, 1Password) and backup codes.

How do you store my funds?

We don't! CryptoGate operates in direct-to-wallet mode by default:

  • You provide your cryptocurrency wallet addresses (XPubs)
  • Customer payments go directly to your wallet
  • We never hold or custody your funds
  • You maintain complete control at all times

Your keys, your crypto. We're completely non-custodial.

What happens if I lose my account password?

Use the "Forgot Password" link on the login page. You'll receive a secure reset link via email. If you've enabled 2FA, you'll also need your authenticator app or backup codes.

Important: We cannot recover your account if you lose access to both your email and 2FA device. Always save your backup codes in a secure location!

How do I keep my API keys secure?

API key security best practices:

  • Never commit API keys to source control (use .env files)
  • Use separate keys for production and testing
  • Rotate keys every 90 days or after team member changes
  • Restrict API keys to specific IP addresses when possible
  • Use read-only keys for reporting/analytics
What should I do if my account is compromised?

If you suspect unauthorized access:

  1. Immediately change your password
  2. Revoke all API keys and generate new ones
  3. Review recent transactions for unauthorized activity
  4. Enable 2FA if not already active
  5. Contact [email protected] immediately

We'll help secure your account and investigate any suspicious activity.

Can I change my account email address?

Yes, you can change your email in Account Settings → Profile. You'll need to verify the new email address. If 2FA is enabled, you'll need your authenticator code. For security, we'll send confirmation emails to both old and new addresses.

How long do login sessions last?

Sessions last 7 days with activity, or 30 minutes of inactivity. You can log out from all devices in Account Settings → Security → Active Sessions. We recommend logging out on shared computers.

How do I delete my account?

To delete your account:

  1. Ensure all pending transactions are completed
  2. Cancel any active subscriptions
  3. Export your transaction history if needed
  4. Go to Settings → Account → Delete Account

Note: Account deletion is permanent and cannot be undone. Transaction data is retained for 7 years for compliance.

Can I restrict API access to specific IP addresses?

Yes! In Dashboard → API Keys → Key Settings, you can whitelist specific IP addresses or CIDR ranges. This is highly recommended for production keys. Requests from non-whitelisted IPs will be rejected with a 403 error.

I lost my 2FA device. How do I access my account?

Use your backup codes that you saved when setting up 2FA. Each code can only be used once. If you've lost your backup codes:

  1. Click "Lost your 2FA device?" on the login page
  2. Verify your identity via email
  3. Provide additional verification (last transaction details, etc.)
  4. Wait for manual review (up to 48 hours)
Why is my account locked after failed login attempts?

After 5 failed login attempts, your account is temporarily locked for 15 minutes to prevent brute force attacks. You can unlock immediately by using the "Forgot Password" link or wait for the lockout period to expire.

Can I add team members to my account?

Yes, on Business and Enterprise plans. You can invite team members with different permission levels:

  • Admin: Full access including billing and settings
  • Developer: Can manage API keys and view transactions
  • Support: Can view transactions and issue refunds
  • View-only: Read-only access for reporting
Can I see a history of account changes?

Yes! Settings → Security → Audit Log shows all account activity including logins, setting changes, API key creation/deletion, and wallet updates. Logs are retained for 90 days on Business plans, 1 year on Enterprise.

Payments & Transactions

What are your fees?

Our pricing is simple and transparent:

  • Starter: 1% per transaction (no monthly fee)
  • Business: 0.5% per transaction ($49/month)
  • Enterprise: Custom pricing for high volume

No hidden fees, no setup costs, no cancellation fees. See our Pricing page for details.

How long do transactions take to confirm?

Confirmation times vary by cryptocurrency:

  • Bitcoin (BTC): ~10 minutes (1 confirmation) to 60 minutes (6 confirmations)
  • Litecoin (LTC): ~2.5 minutes (1 confirmation)
  • Ethereum (ETH): ~15 seconds to 5 minutes
  • Dash (DASH): ~2.5 minutes (InstantSend: 1-2 seconds)
  • Dogecoin (DOGE): ~1 minute

You can configure the required number of confirmations based on your risk tolerance.

Can customers get refunds?

Cryptocurrency transactions are irreversible by design - there are no chargebacks like with credit cards.

However, you can manually process refunds:

  1. Customer requests refund through your support channel
  2. You send cryptocurrency back to their original address
  3. Mark the transaction as refunded in your dashboard

This gives you complete control over your refund policy without third-party interference.

Are there minimum or maximum payment amounts?

Minimum: To ensure payments cover blockchain network fees, we recommend:

  • Bitcoin: $5 USD equivalent
  • Ethereum: $2 USD equivalent
  • Other coins: $1 USD equivalent

Maximum: No upper limit on transaction size. Process payments of any amount.

Integration & Technical

Do you provide an API?

Yes! We provide a comprehensive REST API with:

  • Complete payment lifecycle management
  • Real-time webhook notifications
  • Address generation and monitoring
  • Transaction history and reporting
  • Rate limiting and security features

Check our API Documentation for detailed integration guides.

Do you have plugins for e-commerce platforms?

Yes, we offer pre-built plugins for popular platforms. See our Integration Documentation for setup guides.

Can I test without using real cryptocurrency?

Absolutely! We provide a sandbox mode for testing:

  • Use testnet cryptocurrencies (no real value)
  • Test all payment flows and webhooks
  • Verify your integration before going live
  • Unlimited free testing

See our Test Mode Guide for details.

Troubleshooting & Common Errors

Customer says they paid but I don't see it in my dashboard

Most common causes:

  • Still pending confirmations: Check the blockchain explorer with the transaction ID
  • Wrong amount sent: Verify they sent the exact amount displayed (including fees)
  • Payment window expired: Generate a new payment request
  • Wrong currency: They sent BTC instead of LTC, etc.

Transaction IDs can be tracked at Troubleshooting Guide.

What happens if customer sends too little cryptocurrency?

Underpaid transactions are marked as "Partial" in your dashboard. You can either:

  • Request the remaining amount from the customer
  • Accept partial payment and adjust the order
  • Refund the partial amount

Set underpayment tolerance (e.g., 0.5%) in Settings → Payments to auto-accept small differences.

Customer sent more than the requested amount. What now?

Overpayments are automatically accepted and marked as "Overpaid" in your dashboard. You can:

  • Keep the overpayment as a tip/donation
  • Apply it as store credit for future purchases
  • Refund the excess amount to the customer

The full amount goes to your wallet; you control how to handle it.

Transaction is stuck "pending" for hours. Is it lost?

No, it's not lost. Common reasons for delays:

  • Low network fee: Transaction waiting in mempool for miners
  • Network congestion: High blockchain activity causing delays
  • Unconfirmed parent: Previous transaction needs to confirm first

Most transactions confirm within 24 hours. If stuck beyond 72 hours, the transaction may be dropped and funds returned to sender.

Customer sent to wrong address. Can we recover funds?

Unfortunately, cryptocurrency transactions are irreversible. If sent to:

  • Invalid address: Transaction will fail and funds stay in sender's wallet
  • Wrong but valid address: Funds are gone unless the recipient agrees to return them
  • Your old address: If it's still in your wallet, you'll receive it

Always double-check addresses before sending!

Webhooks aren't being received. How do I fix this?

Troubleshooting steps:

  1. Check webhook logs in Dashboard → Settings → Webhooks
  2. Verify your endpoint is publicly accessible (not localhost in production)
  3. Ensure your server returns 200 OK within 10 seconds
  4. Check firewall isn't blocking our IPs
  5. Validate webhook signature in your code

See Webhook Documentation for setup details.

Getting 401/403 errors when calling the API

Common authentication issues:

  • 401: Invalid or missing API key in Authorization header
  • 403: Valid key but insufficient permissions, or IP not whitelisted

Correct header format: Authorization: Bearer YOUR_API_KEY

Check your API key status in Dashboard → API Keys.

Getting "Rate limit exceeded" errors

Rate limits by plan:

  • Starter: 60 requests/minute
  • Business: 300 requests/minute
  • Enterprise: Custom limits

Implement exponential backoff and check the X-RateLimit-Remaining response header. Batch operations where possible.

Customer was charged twice for same order

This can happen if customer refreshes the payment page or clicks "Pay" multiple times. To prevent:

  • Use unique order_id for each transaction
  • Check for existing payments before creating new ones
  • Implement idempotency keys in your API calls

If duplicate occurred, refund one transaction through the dashboard.

Payment window expired before customer could pay

Default payment windows:

  • Standard: 15 minutes (prevents price volatility)
  • Extended: Up to 60 minutes (configurable in settings)

After expiration, generate a new payment request. Payments sent to expired addresses will still be received but may require manual reconciliation.

Test mode payments aren't appearing in sandbox

Checklist for test mode:

  1. Verify you're using testnet API keys (starts with test_)
  2. Use testnet faucets to get test coins (Bitcoin testnet, Ethereum Ropsten, etc.)
  3. Send to testnet addresses (different format from mainnet)
  4. Allow time for testnet confirmations (can be slower than mainnet)

See Test Mode Guide for complete setup.

E-commerce plugin not showing CryptoGate as payment option

Common plugin issues:

  • API keys not configured or incorrect
  • Plugin not activated in payment settings
  • Currency not supported (check if you're using USD/EUR/GBP)
  • Plugin needs update to latest version
  • Conflicting payment gateway plugins

Check plugin logs and see platform-specific guides at Integration Docs.

Dashboard balance doesn't match my wallet balance

The dashboard shows pending payments only, not your total wallet balance. To see actual wallet balance:

  • Use a blockchain explorer with your wallet address
  • Check your wallet application directly
  • Remember: CryptoGate doesn't hold funds, they go straight to your wallet

Dashboard only tracks payments created through CryptoGate API.

Getting SSL/HTTPS errors when making API calls

SSL errors usually indicate:

  • Outdated SSL certificate bundle on your server
  • Firewall blocking HTTPS connections
  • Using HTTP instead of HTTPS in API base URL
  • Self-signed certificates in development (disable SSL verify for testing only)

Ensure your HTTP client library has up-to-date CA certificates.

Exchange rate shown to customer differs from my dashboard

Exchange rates are locked when payment is created and held for the payment window duration (15 minutes). This protects against volatility. The rate shown in your dashboard is the rate at payment creation time, not current market rate.

To minimize discrepancies, encourage customers to complete payments quickly or extend the payment window in settings.

Wallet & Addresses

What is an XPub and why do you need it?

An Extended Public Key (XPub/YPub/ZPub) allows us to generate unlimited unique payment addresses for your customers without accessing your private keys. Think of it as a "master address generator."

Benefits:

  • Each customer gets a unique address (better privacy)
  • Easier payment tracking and reconciliation
  • Your private keys stay completely safe

See Wallet Setup Guide for how to export your XPub.

Can I reuse the same cryptocurrency address?

Not recommended. While technically possible, reusing addresses:

  • Reduces privacy (all transactions publicly linked)
  • Makes payment tracking difficult
  • Increases risk of payment confusion

CryptoGate automatically generates unique addresses for each payment using HD wallets. Always use the address provided for each transaction.

How do I change my wallet address?

To change your receiving wallet:

  1. Go to Settings → Wallets
  2. Enter your new XPub/address
  3. Verify with 2FA code
  4. Confirm via email

Important: Existing pending payments will still go to the old address. The new address only applies to future payments created after the change.

Which Bitcoin address format should I use?

We support all Bitcoin address formats:

  • Legacy (P2PKH): Starts with "1" - Most compatible but higher fees
  • SegWit (P2SH): Starts with "3" - Lower fees, widely supported
  • Native SegWit (Bech32): Starts with "bc1" - Lowest fees, modern wallets

Recommendation: Use Native SegWit (bc1) for lowest transaction fees if your wallet supports it.

Can I use different wallets for different cryptocurrencies?

Yes! You configure a separate wallet for each supported cryptocurrency:

  • Bitcoin → Your Bitcoin wallet XPub
  • Ethereum → Your Ethereum address
  • Litecoin → Your Litecoin wallet XPub
  • And so on...

Each cryptocurrency requires its own wallet. You cannot use a Bitcoin wallet to receive Ethereum, for example.

Can I use a hardware wallet (Ledger/Trezor)?

Absolutely! Hardware wallets are highly recommended for security. Simply export the XPub from your hardware wallet and provide it to CryptoGate. Your private keys never leave the hardware device.

Compatible wallets: Ledger Nano S/X, Trezor One/Model T, BitBox, and most HD wallets.

How do I collect/sweep funds from multiple addresses?

If you're using HD wallets (XPub), all generated addresses are part of your wallet - you don't need to sweep them. Your wallet application automatically manages all addresses.

If using individual addresses, use your wallet's "sweep" or "consolidate" feature to move funds to a single address (note: you'll pay network fees for each consolidation).

What derivation path should I use?

Standard derivation paths:

  • BIP44 (Legacy): m/44'/0'/0' - For addresses starting with "1"
  • BIP49 (SegWit): m/49'/0'/0' - For addresses starting with "3"
  • BIP84 (Native SegWit): m/84'/0'/0' - For addresses starting with "bc1"

Most wallets use BIP84 by default. The derivation path must match your wallet's XPub type.

Do you need access to my wallet's private keys?

No! Never! CryptoGate operates in watch-only mode. We only need your XPub (public key) to generate addresses and monitor incoming payments. Your private keys remain exclusively in your control.

We cannot spend your funds - only watch for incoming transactions.

Can I use an exchange wallet address?

Not recommended. Exchange wallets have limitations:

  • Addresses often change or expire
  • Cannot export XPub (must use single address)
  • Exchange may flag/freeze accounts receiving merchant payments
  • You don't control the private keys

Use a personal wallet (software, hardware, or custodial business wallet) instead.

How can I verify my wallet address is correct?

Before saving your wallet address:

  1. Send a small test transaction to the address
  2. Verify it appears in your wallet
  3. Only then configure it in CryptoGate
  4. Double-check the address character-by-character

Our system validates address format, but cannot verify if you own it. Always test first!

Why are some generated addresses not showing in my wallet?

Wallets use a "gap limit" (typically 20) - they stop scanning for addresses after finding 20 consecutive unused addresses. If you generate many addresses that don't receive payments, some may be beyond this gap.

Solution: Increase your wallet's gap limit, or ensure addresses are used in sequential order. Most modern wallets handle this automatically.

Webhooks & Notifications

How do I set up webhooks?

Setting up webhooks:

  1. Go to Dashboard → Settings → Webhooks
  2. Click "Add Webhook Endpoint"
  3. Enter your publicly accessible HTTPS URL
  4. Select events to receive (payment.created, payment.confirmed, etc.)
  5. Save and note your webhook secret for signature verification

See Webhook Documentation for implementation details.

How do I verify webhook signatures?

Every webhook includes an X-CryptoGate-Signature header. To verify:

  1. Get the raw request body (before parsing JSON)
  2. Compute HMAC-SHA256 using your webhook secret
  3. Compare computed signature with header value
  4. Reject webhook if signatures don't match

Example code available in our Webhook Guide for all languages.

What happens if my webhook endpoint is down?

We automatically retry failed webhooks:

  • Immediate retry
  • After 5 minutes
  • After 1 hour
  • After 6 hours
  • After 24 hours (final attempt)

After all retries fail, the webhook is marked as failed. You can manually replay webhooks from the dashboard.

Can I test webhooks on localhost?

Use a tunneling service to expose localhost:

  • ngrok: ngrok http 3000 - Get public HTTPS URL
  • localtunnel: lt --port 3000
  • Cloudflare Tunnel: For permanent development URLs

Alternatively, use our sandbox mode with a test server deployed online.

What webhook events are available?

Available webhook events:

  • payment.created: New payment request generated
  • payment.pending: Payment detected in mempool
  • payment.confirmed: Payment confirmed on blockchain
  • payment.completed: All confirmations received
  • payment.failed: Payment expired or failed
  • payment.refunded: Payment manually refunded

Subscribe to only the events you need to reduce noise.

How do I prevent processing the same webhook twice?

Implement idempotency using the event_id field:

  1. Store processed event_id values in your database
  2. Check if event_id exists before processing
  3. If exists, return 200 OK immediately (already processed)
  4. If new, process and store the event_id

This prevents duplicate order fulfillment from webhook retries.

My webhook takes longer than 10 seconds to process. What should I do?

Use asynchronous processing:

  1. Immediately return 200 OK to CryptoGate
  2. Queue the webhook for background processing
  3. Process order fulfillment asynchronously

Don't perform heavy operations (email sending, inventory updates) in the webhook handler. Queue them instead.

How can I debug webhook issues?

Debugging tools:

  • Dashboard logs: Settings → Webhooks → View Logs
  • Webhook replay: Manually resend past webhooks for testing
  • RequestBin/Webhook.site: Inspect raw webhook payloads
  • Server logs: Check your application logs for errors

Common issues: SSL errors, signature validation failures, timeout errors.

Can I receive email notifications for payments?

Yes! Configure email notifications in Settings → Notifications:

  • Payment received
  • Payment confirmed
  • Payment failed/expired
  • Suspicious activity detected
  • Daily/weekly summary reports

You can set different email addresses for different notification types.

Can I add multiple webhook endpoints?

Yes! You can configure multiple webhook endpoints, each receiving different events. Useful for:

  • Separate endpoints for different services (order processing, analytics, notifications)
  • Load balancing across multiple servers
  • Development/staging/production environments

Each endpoint has its own secret for signature verification.

Still Have Questions?

Can't find what you're looking for? Visit our Support page or email us at [email protected]. We typically respond within 24 hours.