toncorp-wallet-connect-sdk 0.1.2 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +184 -0
  2. package/package.json +1 -1
  3. package/registry.json +1 -1
package/README.md CHANGED
@@ -138,6 +138,190 @@ Each wallet instance auto-registers on `window`:
138
138
  | `OneDollarConnect` | `window.onedollar` |
139
139
  | `BaseWalletConnect` | `window.walletconnect` |
140
140
 
141
+ ## Integrate into TMA Wallet App (Telegram Bot)
142
+
143
+ This section is for **wallet app developers** who want their Telegram Mini App (TMA) to support connect requests from DApps using this SDK.
144
+
145
+ ### How it works
146
+
147
+ ```
148
+ DApp (SDK) Your Backend TMA (Telegram)
149
+ ──────────────────────────────────────────────────────────────────────
150
+ 1. SDK calls POST /connect/init
151
+ ← { sessionToken, deeplink }
152
+
153
+ 2. User clicks deeplink / scans QR
154
+ ────────────────────────────────────────────────→ TMA opens
155
+ parse startapp param
156
+
157
+ 3. ← POST /connect/verify TMA sends initData
158
+ verify Telegram HMAC
159
+ → { appId, origin }
160
+
161
+ 4. TMA shows confirm UI
162
+
163
+ 5. User taps Approve
164
+ ← POST /connect/confirm TMA sends JWT + approved
165
+ get user wallet
166
+ emit WS event ──────→ SDK receives result
167
+ modal shows success
168
+ ```
169
+
170
+ ### Step 1: Parse `startapp` param in your TMA
171
+
172
+ When a DApp initiates a connect request, the user is redirected to your TMA via deeplink. The `startapp` parameter contains the session token.
173
+
174
+ ```typescript
175
+ // In your TMA (React / vanilla JS)
176
+ const tg = window.Telegram.WebApp;
177
+ const startParam = tg.initDataUnsafe?.start_param; // "sessionToken_abc123..."
178
+
179
+ if (startParam && startParam.startsWith('sessionToken_')) {
180
+ const sessionToken = startParam.replace('sessionToken_', '');
181
+ // → proceed to Step 2
182
+ }
183
+ ```
184
+
185
+ ### Step 2: Verify session with your backend
186
+
187
+ Call your backend to verify the session and get DApp info to show the user.
188
+
189
+ ```typescript
190
+ const response = await fetch('https://your-api.com/connect/verify', {
191
+ method: 'POST',
192
+ headers: { 'Content-Type': 'application/json' },
193
+ body: JSON.stringify({
194
+ sessionToken,
195
+ initData: tg.initData, // Telegram initData for HMAC verification
196
+ botId: 'your_bot_id',
197
+ }),
198
+ });
199
+
200
+ const { appId, appName, origin, walletId } = await response.json();
201
+ // → Show confirm UI to user
202
+ ```
203
+
204
+ ### Step 3: Show confirm popup
205
+
206
+ Display the DApp info and let the user approve or reject.
207
+
208
+ ```tsx
209
+ // React example
210
+ function ConnectConfirm({ appName, origin, onApprove, onReject }) {
211
+ return (
212
+ <div className="confirm-popup">
213
+ <h2>{appName} wants to connect</h2>
214
+ <p>Origin: {origin}</p>
215
+ <button onClick={onApprove}>Approve</button>
216
+ <button onClick={onReject}>Reject</button>
217
+ </div>
218
+ );
219
+ }
220
+ ```
221
+
222
+ ### Step 4: Confirm or reject
223
+
224
+ When the user taps Approve/Reject, call the confirm endpoint with their JWT token.
225
+
226
+ ```typescript
227
+ const token = 'user_jwt_token'; // from your TMA auth flow
228
+
229
+ const result = await fetch('https://your-api.com/connect/confirm', {
230
+ method: 'POST',
231
+ headers: {
232
+ 'Content-Type': 'application/json',
233
+ 'Authorization': `Bearer ${token}`,
234
+ },
235
+ body: JSON.stringify({
236
+ sessionToken,
237
+ approved: true, // or false to reject
238
+ }),
239
+ });
240
+
241
+ const data = await result.json();
242
+ // {
243
+ // success: true,
244
+ // status: 'CONFIRMED',
245
+ // wallet: { address: 'UQ...', chain: 'TON' },
246
+ // user: { username: 'john', avatar: '...' }
247
+ // }
248
+
249
+ // The SDK on the DApp side receives this automatically via WebSocket/polling
250
+ // → DApp modal shows "Connection Successful"
251
+ ```
252
+
253
+ ### Step 5: In-app QR scanner (optional)
254
+
255
+ Allow users already in your TMA to scan a QR code from a DApp to connect.
256
+
257
+ ```typescript
258
+ // User scans QR → gets deeplink URL
259
+ const scannedUrl = 'https://t.me/YourBot/app?startapp=sessionToken_abc123...';
260
+
261
+ // Parse sessionToken from URL
262
+ const url = new URL(scannedUrl);
263
+ const startapp = url.searchParams.get('startapp') || '';
264
+ const sessionToken = startapp.replace('sessionToken_', '');
265
+
266
+ // → Same flow: verify → confirm popup → approve/reject
267
+ ```
268
+
269
+ ### Step 6: Manage connected DApps
270
+
271
+ Let users view and disconnect DApps from your TMA.
272
+
273
+ ```typescript
274
+ // List connected DApps
275
+ const dapps = await fetch('https://your-api.com/connect/dapps', {
276
+ headers: { 'Authorization': `Bearer ${token}` },
277
+ }).then(r => r.json());
278
+
279
+ // Disconnect a specific DApp
280
+ await fetch('https://your-api.com/connect/disconnect', {
281
+ method: 'POST',
282
+ headers: {
283
+ 'Content-Type': 'application/json',
284
+ 'Authorization': `Bearer ${token}`,
285
+ },
286
+ body: JSON.stringify({
287
+ appId: 'the_app_id',
288
+ walletId: 'onedollar',
289
+ }),
290
+ });
291
+ ```
292
+
293
+ ### Backend API endpoints
294
+
295
+ Your backend needs these endpoints:
296
+
297
+ | Method | Path | Auth | Description |
298
+ |--------|------|------|-------------|
299
+ | `GET` | `/connect/wallets` | No | List supported wallets (SDK fetches this) |
300
+ | `POST` | `/connect/init` | No | Create connect session (SDK calls this) |
301
+ | `GET` | `/connect/status?token=` | No | Poll session status (SDK fallback) |
302
+ | `POST` | `/connect/verify` | initData | Verify session + Telegram user (TMA calls) |
303
+ | `POST` | `/connect/confirm` | JWT | Approve/reject session (TMA calls) |
304
+ | `POST` | `/connect/disconnect` | JWT | Disconnect a DApp (TMA calls) |
305
+ | `POST` | `/connect/disconnect-by-token` | No | Disconnect by session token (SDK calls) |
306
+ | `GET` | `/connect/dapps` | JWT | List connected DApps (TMA calls) |
307
+
308
+ ### Register your wallet in the registry
309
+
310
+ To make your wallet available to all DApps using the SDK, add it to `registry.json`:
311
+
312
+ ```json
313
+ {
314
+ "walletId": "yourwallet",
315
+ "name": "Your Wallet",
316
+ "icon": "https://your-cdn.com/icon.png",
317
+ "botUsername": "YourBot",
318
+ "appName": "app",
319
+ "apiUrl": "https://your-api.com",
320
+ "description": "Your wallet description",
321
+ "order": 0
322
+ }
323
+ ```
324
+
141
325
  ## License
142
326
 
143
327
  MIT
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "toncorp-wallet-connect-sdk",
3
- "version": "0.1.2",
3
+ "version": "0.1.4",
4
4
  "description": "Wallet Connect SDK — connect TonPass, OneDollar and more wallets from any DApp",
5
5
  "author": "PlaygroundVina",
6
6
  "license": "MIT",
package/registry.json CHANGED
@@ -3,7 +3,7 @@
3
3
  "walletId": "onedollar",
4
4
  "name": "OneDollar Wallet",
5
5
  "icon": "https://img.icons8.com/color/96/us-dollar-circled.png",
6
- "botUsername": "OneDollarBot",
6
+ "botUsername": "onedollar_wallet_bot",
7
7
  "appName": "app",
8
8
  "apiUrl": "https://1dollar-api-dev.motcaigido.xyz",
9
9
  "description": "OneDollar wallet on Telegram",