That’s correct, your canister needs to expose a method to accept notifications. Note however, that if anybody was allowed to call ledger notify
method, you’d still need such a method: Ledger’s notify
just calls transaction_notification
method on the destination canister, just as the original caller might have done. The main difference between calling transaction_notification
directly or doing this through the ledger’s notify
call is the receiver of the notification will see a different values of the caller
attribute.
It’s indeed easier to validate transactions if the notification comes directly from the ledger, but this mechanism was never intended for the general use: it scales poorly and it has security risks for the ledger canister. The notify
mechanism is likely to be removed from the ledger interface in future.
Im my recent community conversations talk, I described a way to validate transactions on the Ledger without relying on Ledger notifications. @kpeacock is also working on a service that will provide a simplified payment validation mechanism: Payments - Invoice Canister Design Review