When you connect your wallet, buy, sell, swap etc your prompted to accept the smart contract for connection and for gas fees etc.
Is it possible to accept these prompts without user input, in other words without a user clicking on the accept button and the same for gas fees.
Can you automate this process via API?
So say I first wanted to connect my wallet to some website, I'd click connect wallet, then I'd be promoted to accept this by clicking accept.
Then say I wanted to buy some BTC on a Dex like pancakeswap, I'd be promoted to accept the gas fees.
I want to know if I can auto accept these though API or whatever other method?
From a perspective of the app developer: If you have a private key corresponding to the address, you don't need to invoke the wallet popup. Instead, you can just sign the transaction automatically with the private key.
Example using web3js:
web3.eth.accounts.wallet.add(senderPrivateKey);
web3.eth.sendTransaction({
from: senderAddress,
// ...
});
From a perspective of the app user: You're limited by what the app offers. If they only allow signing the transaction through MetaMask (and no other way), you can only sign the transaction this way.
You could theoretically create macro that automates clicking on the MetaMask wallet UI, enters your password to the wallet, clicks the send button, ... But anytime the wallet software changes their UI or behavior, you'd need to update the macro.
Related
I need to verify on my own domain/server the user which has connected his MetaMask wallet is the owner of a specific NFT in order to allow him special functions? Basically, I want to give the user access to an area that only the owner of this NFS would have.
My original NFT is sold in opensea but I can't use the opensea hidden-area option to just give the user a hidden password since the next owner (after reselling) and the old owner would have the same password and old owners could still access like this. But I need that only the current owner has access.
My user/visiter can already connect with MetaMask at my own domain and I get the public ETH address of the active account but since this is only javascript and my backend is PHP I can't just post the MetaMask info to my PHP backend since this would be easy to trick/hack.
How can I make sure the current connected MetaMask Account is the same as the NFT owner (which I know) and allow to access a URL only for this user?
My current state is that the user connects his MetaMask and I use opensea API to check who is currently the owner of the NFT. I can compare both eth addresses but the flaw in this is obviously that I use ajax to send the MetaMask public address to my backend which is only for testing since this is of course zero save!
Thank you in advance for any idea, help, tip I can get.
PS: My backend is PHP
After hours and days of researching, I found a solution that works for me.
Here are the needed steps.
Use the MetaMask API to let the user connect with your site. This is pretty easy and good explained in the MetaMask API.
Once you want to verify the MetaMask owner is the legit owner of an NFT you need first query OpenSea (or another place) the current owner of the NFT. In my case, I use the OpenSea API for my specific NFTs. Once you got the owner you are ready to verify.
On your site you need to ask the user to sign a custom message with MetaMask. There are different options to do that. More about this here: MetaMask Signing. I send for example a short text message with a unique code that I first created in my PHP Backend. Doing that I also save the code and custom message into my MySQL.
Once the user has signed you get the signing code which you can send back to your PHP backend via ajax etc. without a problem. Only the owner of the Account which you requested in the signing code is able to sign with the correct account.
Once you got the signing code in your PHP Backend you can use Fast Elliptic Curve Cryptography in PHP and php-ecrecover to check the code against the unique code you created before and the message the user signed. As a response, you get the Signer Account ETH Address and you are ready to compare. If the Signers ETH Address is the same as the NFT owner you are ready to go and you can consider the signer the owner of the NFT.
I believe this is safe to use but I am not an expert on that. In my case, this only authorize an NFT owner for a certain closed area in my community page and there are not really high risks involved but maybe somebody raises some security thoughts on that. However, I found that other NFT pages and even Opensea work similarly.
I hope this points someone in the right direction, I lost quite some time figuring this out because most solutions are Node.js etc. but not with PHP backends.
According to plaid docs, plaid does not support auth for 10% of bank institutions.
Is there a way to test this on sandbox environment?
Yes, there is! There is a document with all the details on the Plaid site Testing all Auth flows.
The full support version of Auth, that works with 90% of banks, is called Instant Auth. The other flows are called Instant Match, Automatic Micro-deposit Verification, and Same-Day Micro-deposit Verification.
To test Instant Match and Automatic Micro-deposit Verification, you use the test institution Houndstooth Bank and then pick specific test accounts as described in the article. I recommend just reading the article because it has all the details, but here's the summary version:
For Instant Match:
Search for “Houndstooth Bank” in Link.
Enter user_good and pass_good in the Credential pane.
Select the second account that is returned: Plaid Savings (****1111).
In the Routing number input, enter: 021000021 or 011401533
In the Account number input, enter: 1111222233331111
For Automatic micro-deposits:
Search for “Houndstooth Bank” in Link.
Enter user_good and microdeposits_good in the Credential pane.
Select the first account that is returned: Plaid Checking (****0000)
In the Routing number input, enter: 021000021 or 011401533
In the Account number input, enter: 1111222233330000
Enter your legal first and last name.
Select personal as the account type.
Link will display the Automated Micro-deposit success view – click continue to trigger the onSuccess callback with a public_token.
The micro-deposit verification will automatically succeed after twenty-four hours. To test a failed micro-deposit, or to skip the twenty-four hour waiting period, use the /sandbox/item/set_verification_status endpoint to manually control the Item's micro-deposit verification status.
For Same-day Micro-deposit Verification (this is the flow for banks that really can't connect to Plaid):
Search for an institution, and scroll to the bottom of the search results, click on connect your bank manually.
Select “checking” or “savings” as the account type.
In the Routing number input, enter: 110000000
In the Account number input, enter: 1111222233330000
Link will display the success view – click continue to trigger the onSuccess callback with a public_token.
To verify the deposit, call /item/public_token/exchange with your public_token from the previous step to receive an access_token.
Call /link/token/create and provide the access_token from the previous step to receive a link_token.
Open Link with your link_token.
In the first deposit input, enter $0.01
In the second deposit input, enter $0.02
I am designing a website that accepts payment through simple PayPal or Stripe buttons, but also has a section that pays out users through PayPal. What is the best way to do this?
Current setup: The user builds up coins through an action (NDA won't allow me to discuss in detail) and when their coins reach a certain amount, they can cash out in real $. I have designed this flow: Pay Me Now Button -> Screen with PayPal email address input. Repeat email for typos, then Confirm Button -> Success screen
However, the client would prefer a direct link out to PayPal instead of manual input of email addresses. The reasoning is that they would prefer it being arranged through PP's service to reduce manual errors and typing out. As far as I am aware the only way to get paid is through writing down an email address/phone number. I have researched PayPal.me buttons but it still isn't making sense. Maybe there's another service altogether that I can suggest to the client for paying out users in a no-friction way?
I'm looking at how user testing sites pay people, but not getting very far.
If the money is in your client's PayPal account and they wish to send it to a user's email address (that may or may not have a PayPal account already), this can be automated with PayPal Payouts.
If the user does not have a PayPal account already they will receive an email notification and have 30 days to create an account or add the email to an existing account. If they don't, the payment will be refunded automatically.
We use PayPal to accept donations on our website. The problem we're facing is usually this happens that a user clicks on the pay button on our website but then for some reason drops from PayPal.
Is there a way through the PayPal API we could check that the user for some reason left off the transaction or maybe his transaction was denied.
No there is not; keep track of that drop off yourself if they don't come back or you don't get a resulting transaction.
If you are not using an API to accept the donations, then to be notified of resulting transactions you can use Webhooks. A parameter you can use for reconciliation is custom, which can be set at the moment the user clicks 'Pay' and you redirect them to PayPal.
(But if you are using an API, then the API is your notification already)
Anyone know how to create a transaction in the paypal sandbox?
It keeps saying go to my transactions software... all over it says my transaction software. Thing is.. I don't have transaction software. I'm just trying to get the details of a transaction. :)
I have an app that integrates with several back ends (ebay, westfield, google, amazon... ) if someone buys something from there, using paypal, I get a transaction ID. I want to be able to retrieve the details of the paypal transaction because (god love em) they allow the user to change the ship to address or add special instructions, but they don't pass that info back to the "merchant".
I was thinking I'd create a test user in the sandbox and then see if I can get the details of a transaction, sadly I don't see a way to create a transaction.
Anyone find their docs equally mystifying? I am in Nod.
You will have to create another test account ie one account will act as seller and other will act as buyer.
From sellers Paypal account, you will have to create button.
Steps to create PayPal button:
Login to your seller's test account in sandbox.
Click on 'Merchant Services' tab.
There you will find Create PayPal payment button
Fill out the form as per your requirement.
This will generate a HTML script.
Create a HTML file and copy paste this HTML script.
Open the HTML file, You will get a Paypal Button.
Click it and accept transaction by buyers PayPal account.