jmordkoff

Help me out here. Doesn't the library use the hash to validate the transaction response is legitimate? Or this considered an application level concern?