diff --git a/webapp/controller/BlockChainController.class.php b/webapp/controller/BlockChainController.class.php
index 5286eb06..b2aedd46 100644
--- a/webapp/controller/BlockChainController.class.php
+++ b/webapp/controller/BlockChainController.class.php
@@ -116,6 +116,11 @@ class BlockChainController extends BaseAuthedController {
     {
         $type = getReqVal('type', 0);
         $uniid = getReqVal('uniid', 0);
+        $accountAddress = strtolower(getReqVal('account_address', ''));
+        if ($accountAddress != myself()->_getAddress()) {
+            myself()->_rspErr(1, 'account address error');
+            return;
+        }
         switch ($type) {
         case 1:
         {
@@ -169,6 +174,11 @@ class BlockChainController extends BaseAuthedController {
     public function mintGoldBullion()
     {
         $type = getReqVal('type', 0);
+        $accountAddress = strtolower(getReqVal('account_address', ''));
+        if ($accountAddress != myself()->_getAddress()) {
+            myself()->_rspErr(1, 'account address error');
+            return;
+        }
         $itemId = 0;
         $goldNum = 0;
         switch ($type) {