waxjs
Javascript API for integration with the WAX Cloud Wallet.
Documentation
Check the WAX developer portal for full instructions
Installation
Browser
Grab the waxjs.js minified bundle in the dist-web folder of this repo, or build it yourself (see below). Check the demo code to see how to use it.
NPM
npm install @waxio/waxjs
YARN
yarn add @waxio/waxjs
Usage
0. Import (for NPM and Yarn installations)
React style apps using npm or yarn can import the library via:
import * as waxjs from "@waxio/waxjs/dist";
1. Instantiate
Instantiate the waxjs object with the WAX RPC server you wish to connect to.
const wax = new waxjs.WaxJS({
rpcEndpoint: 'https://wax.greymass.com'
});
The library can also be instantiated with the user account and the public keys. Due to the library contains the user information, the login step can be avoided.
const wax = new waxjs.WaxJS({
rpcEndpoint: 'https://wax.greymass.com',
userAccount: 'user1',
pubKeys: ['EOS7rC8jFvFrPYDqp3Nh3HdRfL79h11B1JhPEXy85enF5wwYzF3Hk']
});
If you want to handle the auto-login on your side with the isAutoLoginAvailable
function (to avoid waiting for the user to click a button), you can disable the auto-login function in the constructor (so it won't get called twice).
const wax = new waxjs.WaxJS({
rpcEndpoint: 'https://wax.greymass.com',
tryAutoLogin: false
});
2. Login
Log your user in so as to access their wax account name for creating transactions.
const userAccount = await wax.login();
Successful login will return the userAccount. It will also be available as the userAccount
member on the wax
instance. You can now use the eosjs api
member...
2.1 Login combining proof system
We could also combine proof system inside wax.login by passing optional nonce parameter onto the function
const nonce = 'your_nonce_string';
const userAccount = await wax.login(nonce);
later on we could get proof status of user by calling:
const proofVerified = wax.proofVerified;
3. Use the eosjs Objects As Usual
Utilize the eosjs api
and rpc
members available on the wax
instance. They are instances of the regular eosjs objects, Api, and JsonRpc, so you can do anything with them that eosjs already provides. Check the eosjs docs and repo for more info.
The api method will not be initialized until you login your user, and remember that the user's account name is available as the userAccount
member on the wax
instance.
const result = await wax.api.transact({
actions: [{
account: 'eosio.token',
name: 'transfer',
authorization: [{
actor: wax.userAccount,
permission: 'active',
}],
data: {
from: wax.userAccount,
to: 'eosio',
quantity: '0.00000001 WAX',
memo: '',
},
}]
}, {
blocksBehind: 3,
expireSeconds: 1200,
});
Constructor Options
- rpcEndpoint: The WAX public node API endpoint URL you wish to connect to. Required
- tryAutoLogin: Always attempt to autologin when your dapp starts up. Default true
- userAccount: User account to start up with. Optional
- pubKeys: Public keys for the userAccount manually specified above. Optional.
- apiSigner: Custom signing logic. Note that free bandwidth will not be provided to custom signers. Default Optional
- eosApiArgs: Custom eosjs constructor arguments to use when instantiating eosjs. Optional
- freeBandwidth: Request bandwidth management from WAX. Default true
- feeFallback: Add wax fee action if user exhausted their own bandwidth, the free boost. Default true
- verifyTx: Verification function that you can override to confirm that your transactions received from WAX are only modified with bandwidth management actions, and that your transaction is otherwise unaltered. The function signature is
(userAccount: string, originalTx: any, augmentedTx: any) => void
. Where userAccount
is the account being signed for, originalTx
is the tx generated by your dapp, and augmentedTx
is the potentially bandwidth-managed altered tx you will receive from WAX. The default verifier does this for you, and you should check this to be confident that the verifier is sufficiently rigorous. Optional - metricsUrl: used by WAXIO to gather metrics about failed transaction, times it takes to load a transaction. Default Optional
- returnTempAccounts: using this flag will return temporary accounts or accounts that have signed up for a cloud wallet but not paid the introduction fee to get a blockchain account created. When this is set to true, using the doLogin function will return blockchain account name that may not exist in the blockchain but it will also return an extra boolean flag called isTemp. If this flag is true it is a temporary account, it does not exist in the blockchain yet. If this constructor option is false then only accounts which have been activated and have a blockchain account will be returned.
Temporary Accounts
Temporary accounts are users that have signed up for a wallet account, but have not paid the entry fee to get the blockchain account created.
We allow waxjs to return accounts using the returnTempAccounts
contructor argument, by then dapps can create an account on behalf of the user or have a custom signup flow if they want.
For example:
returnTempAccounts
= true, User with temporary account can login and try out the dApp without using any blockchain function
returnTempAccounts
= false, this means the waxjs library will only return accounts for users who have a block chain account. People who have already paid the creation fee
Identify user with temporary account (no blockchain account)
After the wax.login() call you can check if an account is temporary using wax.isTemp(), remember this will only ever can be true if allowTemporaryAccounts is set to true, or else waxjs will never return temporary accounts.
Create blockchain account on behalf of the user
To create blockchain account on behalf of the user, dApp owners can send 5 WAXP
( get the latest value from here ) to newuser.wax
with the MEMO = userAccount
.
There is a refund system in place if you pay more than the account creation fee, the extra amount will be refunded to the newly created account. eg: you send 8 WAXP
to newuser.wax
for a new account named: new.wam
after the new account new.wam
is created it will get 3 WAXP
refunded. There is a maximum amount that will be refunded, it can be found here
If you want to get the latest account creation fee from the blockchain you can get it from waxjs. After the user has logged in you can call waxjs.createInfo
this will return an object like this :
{
"contract": "eosio.token",
"message": "Create the user's blockchain account ds.k.wam by sending 5 WAX to newuser.wax with the memo as the one mentioned below.",
"amount": "5.00000000 WAX",
"memo": "dsDOTkDOTwam"
}
This is only be returned if the account is temporary so check that the account is temporary using waxjs.isTemp
before you call waxjs.createInfo
For example:
User login with temporary account, and their userAccount
= hfhf.wam
Dapps can send 5 WAXP
(current account creation fee) to newuser.wax
, with MEMO
= hfhf.wam
Then the blockchain account of the user would be created, and they can start using all the blockchain features.
Free Bandwidth
So long as waxjs is initialized with freeBandwidth = true
(this is the default), your dapp will take advantage of freebandwidth provided by WAX, up to 5ms of CPU and 5K words per user per 24 hours, and tentatively 50s per contract per 24 hrs.
Dapps that require more bandwidth will be able to register their own bandwidth via the bandwidth registration contract. More info on registering for extra bandwidth management can be found here.
Logout
You can now log a user out of the waxjs library, this is usefull if you want to logout one user and let them login with another account.
To do this just call wax.logout()
that will be enough.
Proof System
Sometimes it is important to verify that the current logged in user is legitimate.
We do this by checking the that the current session belongs to the user account that you have in your dapp.
There are two ways to check this using waxProof(nonce,verify = true)
Function and userAccountProof(nonce,description,verify = true)
Both of these functions will need a nonce, which is a string that you generate on your side and send it to be signed.
An extra parameter called description is needed for userAccountProof
but not used right now.
the verify
boolean will tell the functions if you want waxjs to do the verification.
If verify
is true
then the waxjs library will do the verification and the functions will return a boolean either true of false to indicate if the verfication process succeeded.
If verify
is false
the library will then return the following verification object
{
"type": "VERIFY",
"accountName": "myacc.wam",
"referer": "https://mywebsite.com/",
"signature": "SIG_K1_Jx8kAWjeiyaQPZyDExo5xrMPWLeM93BzJ25w2m2tvMdTnYb8AQ9TPyaPKh9Lqygg4Q6BNfTTsk6chdrnuPyLqG85gjXBpX",
"message": "cloudwallet-verification-https://mywebsite.com/-nonce-myacc.wam"
}
you can then use this structure if you want to do this verification in the backend.
signature
is the signature that was signed using the private key. accountName
is the account name we have on our record. the message
is the message that was actually signed.
The message is different for both the functions. the userAccountVerify
will sign whatever nonce you send so the message will contain only the nonce, where as waxProof
will contain a combined message as shown above.
Usage
wax.waxProof("hello world",true)
wax.userAccountProof("hello world","",true);
Manual verification of signature.
import * as ecc from 'eosjs-ecc';
let verifyObj = await wax.waxProof("hello world",false);
let proofWaxActivePublicKey="EOS5fiahVT7rWcu2V18T93WoCcJ27HF4GR7xr9sX4SQ5rMbGvEH1Y"; //active key for proof.wax
const isValidSignature = ecc.verify(verifyObj.signature, verifyObj.message, proofWaxActivePublicKey);
if (isValidSignature) {
alert('User authenticated');
} else {
alert('User unauthenticated');
}
import * as ecc from 'eosjs-ecc';
let verifyObj = wax.userAccountProof("hello world","",false);
let userWaxActivePublicKey="EOS5aaaaaaaaaaaaa";
const isValidSignature = ecc.verify(verifyObj.signature, verifyObj.message, userWaxActivePublicKey);
if (isValidSignature) {
alert('User authenticated');
} else {
alert('User unauthenticated');
}
Fee fallback
So long as waxjs is initialized with feeFallback = true
(this is the default), Wallet automatically add action to transfer WAXP as fee for that transaction if user has enough balance. Transaction fee is calculated by formula:
waxFee = cpu_usage_us*CPU_FEE_RATIO + net_usage_words*NET_FEE_RATIO + FEE_CONSTANT;
By default CPU_FEE_RATIO=NET_FEE_RATIO=0.001, FEE_CONSTANT=0.01;
Avatar
After logging in, you can get avatar of the current user by method
wax.avatar;
If user sets the avatar using NFT, function will return IPFS hash. You can get full avatar URL from IPFS hash with a IPFS gateway, for example
https://ipfs.io/ipfs/<IPFS_HASH>
Trust Score
Similar to Avatar above, you can get a user's trust score using the function
wax.trustScore;
The Trust score will be from 0 to 1. If there is no score yet, the function will return the empty string ""
.
TRUST scores are powered by Chain Champs and you can learn more about TRUST here.
The Trust score provider can be found in
wax.trustScoreProvider;
Version
Current version of waxjs could be retrieved using
wax.version;
Development
Generate docs
npm run docs
Run the demo
npm run serve
Run tests
Note - run the demo app first (as above), and then run the tests suite:
npm run test
Build lib
npm run build
Build for web
npm run build-web
Contributing
When making a pull request, please make sure to run npm run prettier
to make sure your code is as formatted as possible. Also, make sure npm run lint
runs without errors, since that is the final check before a new version is published to npm.