DApp(PC Web)-Anchor协议
扫码登录
dapp
生成一个
uuid作为房间号(WSS地址例如:wss://fwd.aplink.app/f7693a09-e038-4c9e-8583-f70638cd67cc),放在二维码信息里,然后aplink可以通过二维码获取到。aplink登录签名信息会通过此房间号把签名信息返回给dapp,完成登录。
二维码信息如下:
{
"chain_id": [
"chain_id",
"208DACAB3CD2E181C86841613CF05D9C60786C677E4CE86B266D0A58884968F7"
],
"req": [
"identity",
{
"scope": "anchor.link.d",
"permission": null
}
],
"flags": 2,
// 登录成功信息会通过 wss://fwd.aplink.app/aa2f1738-bc3e-4b61-9e14-1e31f84b6f44(注意是wss协议)返回
"callback": " https://fwd.aplink.app/aa2f1738-bc3e-4b61-9e14-1e31f84b6f44",
"info": [
{
"key": "link",
"value": "09E074115CDAD0340002A0EF7AE67D27AEBC094EF5FACC04B0FAF52BE88EE3B5B846E4D2483B0F7536D500"
},
{
"key": "scope",
"value": "616E63686F722D6C696E6B2D64656D6F"
},
{
"key": "dapp",
"value": "5B224E46544F6E65222C22687474703A2F2F3139322E3136382E35302E38353A383038302F66617669636F6E2E706E673F3334363334336338366361643631353565323462222C22687474703A2F2F3139322E3136382E35302E38353A383038302F64657461696C2F75736572312F313030303030322F3230303730225D"
}
]
}aplink
通过扫码获上到上面信息,然后生成
登录交易信息去签名。放在sig里aplink 会随机生成钱包地址,作为sessionID,以便查找。放在
link_key里aplink 也会随机生成一个
uuid,后面通信通道。这个通信方式不是wss协议,而是https协议。放在link_ch里返回给dapp的数据如下:
{ "sig": "SIG_K1_KgEvtaCSUc5PL2VEzjTcnPPj1Qmph9kkjDZkezC5fEPysyvnJpJhfJa34i5ebUMBqL3Cu7m2qRo2gqQmQggRLaiP22X1xy", "tx": "", "rbn": "0", "rid": "0", "ex": "2022-10-27T10:03:23.000", "req": "esr://g2NU6F2z2ubSw8YTGY6JNh9i5yRU5KTX-bzIVsvliujwzPjOzPmgRDDm1gUTRodMRWcWi7OxDECw4q2REYN1RklJQbGVvn5aeYpeYkFOZl42kCrQT7VITjEyt0zWNTcySNI1SU410E1KMTHQTTMyT0kxSbJMTjQ0YWYBKdeGGc7AJHk3P7uw_NbbiwsmWf5Q52w5v3Q72-9QVhZBVe8oxlA3VwbW4uT8glSBxLzkjPwiXZBu3ZTU3HyWFKCVddFKfm4h_nmpSjpKIEcB3WRoaaRnaGahZ2qgZ2FqZWFgYaCflliWmZyfp1eQl25vbGJmbGKcbGGWnJhiZmhqmmpkkoRXc0pqSWJmjn5pcWqRob6hAQgY6RsZGJgbKMUCAA", "sa": "frank12345oo", "sp": "active", "cid": "208DACAB3CD2E181C86841613CF05D9C60786C677E4CE86B266D0A58884968F7", "link_ch": "https://fwd.aplink.app/b515693d-0305-41f4-95b4-0720214e54ec", // 随机生成钱包地址,作为sessionID "link_key": "AM7Pz82eg6GTw1byZ8nKXta8nQzUoqwbkudmB6L9H7kteLv5NoG9", "link_name": "app", "link_meta": { "launch_url": "" } }sig的签名内容如下:(仿制的交易,并不会广播。只做签名)aplink会生成下面信息去签名。dapp会也生成下面信息去验证签名。
{ "expiration": null, "ref_block_num": null, "ref_block_prefix": null, "max_net_usage_words": 0, "max_cpu_usage_ms": 0, "delay_sec": 0, "context_free_actions": [], "actions": [ { "account": "", "name": "identity", "authorization": [ { "actor": "merchantx", "permission": "active" } ], "data": [ 9, 224, 116, 17, 92, 218, 208, 52, 1, 0, 0, 232, 121, 154, 134, 174, 146, 0, 0, 0, 0, 168, 237, 50, 50 ] } ], "transaction_extensions": [], "signatures": [], "context_free_data": [] }
发起交易
dapp
再次随机生成一个
uuid,用来接收交易返回信息,也可能是错误处理信息。发起
https请求,把esr信息(包含uuid)发给aplink。https请求的地址就是上面的link_ch,这是个固定通道。aplink也会用这个通道接收信息。esr信息如下:
// https://fwd.aplink.app/b515693d-0305-41f4-95b4-0720214e54ec
{
"chain_id": [
"chain_id",
"208DACAB3CD2E181C86841613CF05D9C60786C677E4CE86B266D0A58884968F7"
],
"req": [
"action",
{
"account": "amax.mtoken",
"name": "transfer",
"authorization": [
{
"actor": "frank12345oo",
"permission": "active"
}
],
"data": "406921430438CD5D00000000809FAF911027000000000000064D55534454000013313030303030323A32303037303A3130303030"
}
],
"flags": 3,
// 本次交易接收信息的通道
"callback": "https: //fwd.aplink.app/82739b76-3a5e-43a8-a6ba-a24dfd7b8905",
"info": [
{
"key": "no_modify",
"value": "01"
},
{
"key": "link",
"value": "09E074115CDAD0340002E5F594BD12F69B2D014D5A4A53B14D35922F46C195A328FC544F59FCE983B9939D01416E63686F724C696E6B2F332E352E362042726F777365725472616E73706F72742F332E352E31204D6F7A696C6C612F352E3020284D6163696E746F73683B20496E74656C204D6163204F5320582031305F31355F3729204170706C655765624B69742F3533372E333620284B48544D4C2C206C696B65204765636B6F29204368726F6D652F3130362E302E302E30205361666172692F3533372E3336"
}
]
}aplink
接收上面
esr信息,解析生成交易,并签名。然后通过https请求带过来的callback通道把签名与其它信息发送给dapp。发送的信息如下
{
"sig": "SIG_K1_K8ez6n96dxnUMcrhXviSgsMP38wAEVrQvAcQskHyUo4AxRgjq2WuyqRMLwRpYrPTUsBEi3tPYobAPRgSUqLvyu1dCGQHis",
"tx": "81418a0684f8f7719c7f226c173ef542fb01ca31989587465e0171be91114f6b",
"rbn": "6141",
"rid": "2254776506",
"ex": "2022-10-28T03:16:55.000",
"req": "esr://gmNU6F2z2ubSw8YTGY6JNh9i5yRU5KTX-bzIVsvliujwzPjOtNwzOvmv-C6N1DYGIGBkWNZk4n2h1wTIDte1OXuW0SFT0ZnF4mwsSHbFWyMjE2SBhvnrJwqoM4ABm29osEsIA4OwoQEIGFkZGRiYG1iBeQzM1hklJQXFVvr6aeUpeokFOZl52UCqQN_M3MjUzNTQWDctLSVZ18Tc2EDXwjAlSTfJwDgpxdIw2Twx0YCJMy8_Pjc_JTOtkpGRBaSVJRfoagA",
"sa": "frank12345oo",
"sp": "active",
"cid": "208DACAB3CD2E181C86841613CF05D9C60786C677E4CE86B266D0A58884968F7",
"link_ch": "https://fwd.aplink.app/b515693d-0305-41f4-95b4-0720214e54ec",
"link_key": "AM7Pz82eg6GTw1byZ8nKXta8nQzUoqwbkudmB6L9H7kteLv5NoG9",
"link_name": "app",
"link_meta": {
"launch_url": ""
}
}link_ch与link_key只要session没有重链,是不会变的。
侦听退出登录
这是后面开发的一个功能,如果实现?
用sessionId即上面的link_key创建一个通道。然后aplink与dapp都侦听这个通道,如果aplink主动退出,则发出APPREMOVESESSION信息。如果dapp主动退出,则发出REMOVESESSION信息。两边相互接收对方信息,接收到就会触发退出登录操作。
对于dapp只需增加对aplink的侦听:
注意:事件是在session对象上,非link对象
export async function onAppRemoveSession() {
if (!window.__LINK__) {
return;
}
const session: LinkSession = await window.__LINK__.restoreSession(scope);
if (session) {
(session as LinkChannelSession).onAppRemoveSession(() => {
eventBus.trigger('logout');
});
}
}总结
每次交易都会用不同的
uuid通信,这也是为了安全考虑,防止信息被侦听窃取。这是记住session方式,还有一种方式是每次都要扫码,但没开启。
dapp发起请求是通过
https发送到https://fwd.aplink.app服务器,然后由服务器再通过wss发送信息到aplink。aplink通过侦听wss获取信息并处理。通信息服务器
https://fwd.aplink.app由dapp确定。但必需要有相应功能。
最后更新于