PaperConnect allows any dapp to request wallet addresses for the Embedded Wallets that a user created on other applications.
In the future, dapps will be able to prompt the user to sign messages and send transactions from their wallet.
Example use case
Sue purchased an NFT from Acme Inc. and wants to redeem it for benefits on Web3Store.
Here's a high level overview of how PaperConnect works:
-
Acme Inc. integrates Embedded Wallets and allows users to claim or purchase NFTs to their wallet. Sue signs in with email, Google, SMS, etc. and is provided a wallet she can access across any device.
-
Sue visits Web3Store.
-
Sue selects Log in to Paper.
-
Sue selects which wallet(s) for she'd like to share details (read-only, no write permissions).
-
The PaperConnect login form returns a temporary access token.
-
Web3Store's backend exchanges this temporary access token for a verified payload:
{ "user": { "email": "[email protected]" }, "wallets": [ { "applicationName": "Acme Inc.", "applicationUrl": "https://acme.inc", "applicationImageUrl": "https://acme.inc/assets/logo.png", "walletAddress": "0x2086Fcd5b0B8F4aFAc376873E861DE00c67D7B83", "createdAt": "2023-05-03T17:57:02.947515+00:00" } ] }
Integration
Flow diagram to get verified wallet details
1. Request a PaperConnect login URL
Call the Generate PaperConnect Login URL API to get a one-time URL. Provide a redirectUrl to navigate the user back to your application and retrieve the temporary access code.
const resp = await fetch("https://withpaper.com/api/2022-08-12/embedded-wallet/paper-connect-login-url", {
method: "POST",
headers: {
"Authorization": "Bearer YOUR_PAPER_API_KEY",
"Content-Type": "application/json",
},
body: JSON.stringify({
redirectUrl: "https://example.com/paperconnect-callback",
applicationName: "Example_company",
applicationImageUrl: "https://example_company.com/assets/logo.png",
}),
});
const { paperConnectLoginUrl } = await resp.json();
// Navigate user to this URL.
2. Navigate your user to the PaperConnect login URL
Navigate your user to this URL to load a login page on Paper's domain. The user will:
- Sign in to Paper via email, Google, SMS, etc.
- For email and SMS, they'll need to provide a One-Time Passcode (OTP) sent to them to verify their identity.
- Select the wallets to share details with your application. They will be informed that your application will only receive read-access to their wallet details and not be able to perform any write actions.
- After selecting wallets, they will be navigated to your
redirectUrl. A temporary access token will be provided as a query parameter, e.g.https://example.com/paperconnect-callback?access_token=MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3
3. Exchange the temporary access token for verified wallet details
Send the temporary access token to your backend and call the Get User Details by Access Token API to retrieve the user's shared account details.
{
"user": {
"email": "[email protected]"
},
"wallets": [
{
"applicationName": "Acme Inc.",
"applicationUrl": "https://acme.inc",
"applicationImageUrl": "https://acme.inc/assets/logo.png",
"walletAddress": "0x2086Fcd5b0B8F4aFAc376873E861DE00c67D7B83",
"createdAt": "2023-05-03T17:57:02.947515+00:00"
}
]
}
FAQ
What wallet permissions does an application integrating PaperConnect have?
An application can only request wallet details after a user signs in and selects the Embedded Wallet accounts they'd like to share. Remember: Wallets activity is public so all NFTs, currencies, and transaction history can be queried for the wallet address.
Important: PaperConnect applications can only read data from wallets. Write permissions including the ability to sign messages or send transactions to the blockchain are not granted.