Developer Questions

Hi. I'm trying to implement OAuth2 flow in my project and verify jwt on my API. In documentation said that JWT is signed using HS256 <https://docs.xumm.dev/environments/xapps-dapps/your-own-backend-auth> but when I debug jwt using jwt.io it says that algorithm is RS256 { "alg": "RS256", "typ": "JWT" } Is it intentionally or it is a bug? How can I verify this JWT on my backend? Because documentation says that I can verify it using XUMM Api Secret but RS256 is actually asymmetric algorithm. Thanks

Our platform is an e commerce platform, think ebay / facebook business's type of app. We currently integrating xumm/xrpl as a payments solution and are interested about finding out more about pathing and using gatehub as an off ramp. With respect to pathing the store owner can decided what he wants payment in and the user can pay in what they choose and it gets converted - is this possible via the xmm sdk In terms of off ramp, what is the best possible solution ? If memory serves me correct im sure i viewed a tweet where by you guys mentioned you can use gatehub - i have searched my bookmarks but cannot find the reference.

I am using the server side SDK and i am successfully creating a sign in request and logging in via the always link returned ie <https://xumm.app/sign/22fbdc2a-2e36-43ab-b609-2f65edaed49c> My sign in function looks like the following ... export const xummSignIn = async () => { const payload = { TransactionType: 'SignIn', options: { user_token: true, }, } as any try { const subscription = await xummClient.payload.createAndSubscribe( payload, (event) => { console.log('New payload event:', event) if (Object.keys(event.data).indexOf('signed') > -1) { return event.data } } ) ``` console.log('SUBSCRIPTION ', subscription.created) return { qr_png: subscription.created.refs.qr_png, uuid: subscription.created.uuid, always: subscription.created.next.always, } ``` } catch (error) { console.error('Error fetching XUMM payment URL:', error) throw new Error('Failed to fetch XUMM payment URL') } } The response object comes back in the subscribe function but the issued_user_token is always null ie issued_user_token: null Any ideas ?

I was minting NFTs from my Shopify app and signing with Xumm without problems until yesterday. Could you please help me? Here the info of the transaction: - Signed tx hash: 9261114965EE879FA842814EC1FC880FE33E6CA9F5C7F29621243A4A4E72C906 - Payload: { TransactionType: "NFTokenMint", NFTokenTaxon: 1, Account: "rDnHqD11jB9HdFx3YmHTbQc8GScDd8BQfM", URI: "697066733A2F2F516D53696A6139567774687459417070627762346E3769476F3647774C534B79735742647A655673344A4A6A6F33", Flags: 1, TransferFee: 10 }

here is an example of how im using xrpl to batchminting nfts, 100+ nfts at once. how can i do the same with xumm without having the user to sign the tx 100 times. <https://xrpl.org/batch-minting.html> ```javascript const mintBatch = async (account,tickets) => { try { const mintedTxs = []; for (let i = 0; i < tickets.length; i++) { const transactionBlob = { TransactionType: "NFTokenMint", Account: account.classicAddress, URI: xrpl.convertStringToHex("some url" + i), Flags: parseInt("9"), TransferFee: 100, Sequence: 0, TicketSequence: tickets[i], LastLedgerSequence: null, NFTokenTaxon: 0, }; mintedTxs.push(client.submit(transactionBlob, { wallet: account })); } Promise.all(mintedTxs) .then(async (txs) => { console.log(txs); return "done!"; }) .catch((err) => { console.log(err); }); ```

Hey Xumm team, What's the process for submitting our app? Are there beta-testing steps we can take, for example deploying the app publicly, but have it only show up when people scan our QR code? What we'd ideally like to do is test in private beta on the testate for a while, where we invite people to test, and anyone with the QR code or link can join, but it's not publicly listed. Then when we're ready to list it publicly, we'll switch to main net and publicly list it in Xumm. So far we've been internal testing with device IDs, but we're thinking of testing with a few hundred people, and obviously that's not well suited for that. Thanks! Julian

Can the escrow(escrow creator) be customize to connect to a database with multiple wallet address and distribute a certain amount of xrp from another field in that same database?

We are retrieving transaction details using transaction id using JSON-RPC method but we need to know the type of response for API call. For example, if we try to retrieve Account NFTs we'll get response of type AccountNFTsResponse, likewise need response type for API call get transaction details using transaction id. Sample code to retrieve transaction details, const txInfo = await fetch({ method: 'tx', params: [ { transaction: txid, binary: false } ] }); What is the type of txInfo object?

Hi, for what I need (a simple payment page, in the browser, no backend needed, no nodejs, pure vanilla js) I found a working demo: https://oauth2-pkce-demo.xumm.dev/jsmodule-payload and working example here: https://github.com/XRPL-Labs/XummPkce/blob/main/sample/jsmodule-payload.html However, I'm trying to batch a few transactions in the same payload, is that possible? How? I've got a few code suggestions by chatgpt: const transaction1 = { TransactionType: 'Payment', Destination: 'rwietsevLFg8XSmG3bEZzFein1g8RBqWDZ', Amount: '100111' } const transaction2 = { TransactionType: 'Payment', Destination: 'rwietsevLFg8XSmG3bEZzFein1g8RBqWDZ', Amount: '700777' } const payloadData = { Transactions: [transaction1, transaction2], Fee: '12' } const encodedPayloadData = sdk.encode(payloadData) console.log('encoded', encodedPayloadData) const payload = await sdk.payload.create(encodedPayloadData) but it's not working: sdk.encode is not a function ps I used the same address, but of course I intend using 2 different addresses for the 2 transactions. Ideas? Thank you

Hi, My client side code listens to events/transaction status updates using the WebSocket approach. I noticed that when the user chooses the "Close" button instead of Accept/Decline in the transaction sign request, it doesn't emit/send any event to the websocket connection. Is there a way to know when the user closes or ignores the sign request? Or will a feature for this be added in future versions? Thanks