You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -39,7 +45,46 @@ Use the [@tonconnect/protocol package](https://github.com/ton-connect/sdk/tree/m
39
45
Also, pay close attention to the creation of encrypted communication channels between the wallet and the dApp. You can find detailed information in the [Session Protocol documentation](https://github.com/ton-blockchain/ton-connect/blob/main/session.md). For a practical implementation reference, check out the [@tonconnect/protocol package](https://github.com/ton-connect/sdk/blob/main/packages/protocol/src/crypto/session-crypto.ts).
40
46
41
47
### Step 4: Implement Wallet State Init
42
-
Generate the StateInit for your wallet using parameters like wallet ID and public key. An example implementation can be found in the guide.
48
+
49
+
The wallet state init is a base64-encoded BOC containing the standard `StateInit` structure for all contracts in TON.
50
+
51
+
To create the `StateInit` for the wallet, you will need various parameters depending on the wallet version, but the data set always includes the wallet ID and the public key.
52
+
53
+
-**Wallet ID**: Set the wallet ID to `698983191`. This value is the sum of the "magic number" `698983191` (which is the first 4 bytes of the reversed hash of the zero state) and the workchain number (0 for users).
54
+
-**Public Key**: Generate the public key from the seed.
55
+
-**Wallet Version**: Determine which version of the wallet is being used. TON has several wallet versions, but most often `v4r2` or `v3r2` is used.
56
+
57
+
Regardless of the version, the `StateInit` is formed in the same way:
Here, walletContract.init is a JS structure in the format { code: codeCell, data: dataCell }. If you are using @ton/core, you can generate such structures automatically:
To create a signature for the TON proof, you need to compute the required payload according to the [TON Connect Address Proof Signature Documentation](https://github.com/ton-blockchain/ton-connect/blob/main/requests-responses.md#address-proof-signature-ton_proof), or use the [TON Proof Service Example](https://github.com/ton-connect/demo-dapp-with-react-ui/blob/master/src/server/services/ton-proof-service.ts#L29-L116), and then sign it using the secret key.
76
+
77
+
#### Creating a Signature for a Message
78
+
For creating a signature for a message, you can either use the ready-made method of the wallet contract [v4 Wallet Contract Signature Method](https://github.com/ton-org/ton/blob/master/src/wallets/WalletContractV4.ts#L93-L112), or use it as a reference for your own implementation.
79
+
80
+
#### Resources
81
+
82
+
Here are the links to the wallet contracts implementations:
We also have a guide on wallet smart contracts that can be useful for many other questions: [TON Wallet Smart Contracts Guide](https://docs.ton.org/develop/smart-contracts/tutorials/wallet).
43
88
44
89
### Step 5: Validate Parameters
45
90
In addition to the guidelines, here is further information for validating request fields. Please review the [guidelines](https://github.com/ton-blockchain/ton-connect/blob/main/wallet-guidelines.md) before examining the information below.
@@ -64,14 +109,152 @@ In addition to the guidelines, here is further information for validating reques
64
109
-**`ret` Contains an Unknown Value:** The wallet should follow the strategy as if `ret` was `none`.
65
110
66
111
### Step 6: Demo Integration
67
-
To test and demonstrate the integration, use the [demo dapp with wallet](https://github.com/ton-connect/demo-dapp-with-wallet). This repository provides a starting point for setting up a demo environment. Also try some real world examples:
112
+
To test and demonstrate the integration, you can use the following resources:
113
+
-[Demo Dapp](https://github.com/ton-connect/demo-dapp-with-wallet) with Wallet: This repository provides a starting point for setting up a demo environment to test wallet integration.
114
+
-[TON Proof Demo App](https://github.com/liketurbo/demo-dapp-with-backend/tree/js-demo): This app allows you to verify TON proof functionality in a practical setting.
115
+
116
+
For real-world testing and examples, try the following platforms:
68
117
69
118
-**[TON Stakers](https://app.tonstakers.com):** Test wallet connection, stake, and unstake TON.
70
119
-**[STON.fi](https://app.ston.fi):** Test wallet connection, swap TON for USDT, and manage liquidity.
71
120
-**[GetGems](https://getgems.io):** Test wallet connection, mint, list, and purchase NFTs.
72
121
73
122
### Emulating Transactions
74
-
Use the `/v2/wallet/emulate` method from [tonapi.io](https://tonapi.io/api-v2) to emulate transaction chains. This helps in testing and verifying the transaction flow without using real assets.
123
+
#### Handling Messages from TON Connect
124
+
125
+
When using TON Connect, you will receive multiple messages, each containing a `body` and `init`. Simply displaying these messages as they are might be acceptable for basic functionality, but it is not sufficient for ensuring security.
126
+
127
+
#### Initial Implementation
128
+
129
+
For the first version, displaying the messages as they are may be sufficient. However, in future updates, it would be beneficial to parse these messages or emulate a transaction chain to provide the user with more detailed and useful information.
130
+
131
+
#### Recommended Approaches
132
+
133
+
You can enhance your implementation by using the following methods:
134
+
135
+
-**TON API**: Utilize the `/v2/wallet/emulate` method from [TON API v2](https://tonapi.io/api-v2).
136
+
137
+
:::tip
138
+
139
+
When emulating transactions, it's essential to keep the following points in mind:
140
+
141
+
1.**Do Not Use the Real Wallet’s Secret Key**: Always avoid using the actual wallet's secret key during emulation. Instead, sign the transaction with a fake key, such as an empty buffer, to ensure security.
142
+
143
+
2.**Ensure the Real Wallet Balance is Used for Emulation**: For accurate emulation, the real wallet balance must be provided. If the balance is empty, the emulation process will fail and return an error. During testing, you may uncomment the line to specify a larger balance than what actually exists, but remember to revert to the real balance in production.
// get wallet balance for emulation, must be not empty
214
+
let walletBalance =Number(awaitwallet.getBalance());
215
+
// you can uncomment this line for testing purposes, BUT DON'T FORGET TO COMMENT IT BACK FOR REAL USAGE
216
+
// walletBalance = 1_000_000_000;
217
+
const result =awaitfetch(`https://tonapi.io/v2/wallet/emulate`, {
218
+
method: 'POST',
219
+
headers: {
220
+
Accept: 'application/json',
221
+
'Content-Type': 'application/json'
222
+
},
223
+
body: JSON.stringify({
224
+
boc: extMsgBocBase64,
225
+
params: [
226
+
{
227
+
address: wallet.address.toRawString(),
228
+
balance: walletBalance
229
+
}
230
+
]
231
+
})
232
+
}).then(p=>p.json());
233
+
// log emulation result
234
+
console.log(result);
235
+
}
236
+
237
+
main().catch();
238
+
239
+
```
240
+
</details>
241
+
242
+
-**Tongo Library**: Explore the [Tongo library on GitHub](https://github.com/tonkeeper/tongo).
243
+
-**Custom Parser**: Consider implementing your own parser, similar to the one in [tlb-abi](https://github.com/TrueCarry/tlb-abi) (please note that this version is not stable).
244
+
-**Transaction Emulation**: Look at the emulation example in [this GitHub repository](https://github.com/thekiba/multisig/tree/main/apps/ui) (primarily for research purposes).
245
+
246
+
#### Emulating Transactions with TON API
247
+
248
+
If you choose to use the `/v2/wallet/emulate` method, here’s an example of how to implement it. However, keep in mind the following critical points:
249
+
250
+
1.**Avoid Using the Real Wallet’s Secret Key**: When emulating transactions, never use the actual wallet's secret key. Instead, sign the message with a fake key, such as an empty buffer.
251
+
252
+
2.**Use the Real Wallet Balance for Emulation**: You must pass the real wallet balance when performing the emulation. If the balance is empty, the emulation will fail and return an error. For testing, you can temporarily specify a larger balance by uncommenting the corresponding line, but always remember to use the real balance in production.
253
+
254
+
#### Code Example
255
+
256
+
Here is the relevant code snippet for your reference:
257
+
75
258
76
259
### Step 7: Get an Audit
77
260
To add your wallet to the wallets-list repository, please submit a pull request and ensure that all the necessary metadata is filled out. Additionally, applications can integrate wallets directly through the SDK.
@@ -81,6 +264,6 @@ To add your wallet to the wallets-list repository, please submit a pull request
0 commit comments