Connecting Your Anchor Service to a Stellar wallet

---

Welcome to our step-by-step guide on connecting your wallet to a Stellar anchor service! In this comprehensive tutorial, we'll navigate through the intricate process of establishing the crucial link between your wallet and a Stellar anchor. By the end of this walkthrough, you'll be equipped with the knowledge to configure endpoints and servers, empowering your wallet to seamlessly execute essential operations. From transforming your wallet into a user entity to performing a range of transactions, this guide will demystify the complexities, ensuring you can navigate the Stellar ecosystem with confidence. Let's dive in and unlock the full potential of your cryptocurrency management journey! Also, for more information about Stellar Blockchain, visit our Stellar Blockchain development services.

• User session authentication
• KYC
• Initiate deposit or withdraws

As an issuer of a coin on the Stellar network, you are responsible for the following points:

• You accept payments from local rails
• Issue tokens for the deposits you accepted the payments for
• Enable users to withdraw those tokens via local rails for money in the bank or in their pocket.

You may also like |  Exploring Stellar Blockchain for Fintech Solutions

Connecting Your Anchor Service to a Stellar Wallet

Now, let's explore some information about making your token widely accessible which is to setting up a few APIs that enable wallets to offer in-app deposits and withdrawals features, such as well as enable set up of those APIs following the best practices so that any wallet can easily find and interact with them.

The Business-to-Customer Suite of APIs

The API setup information is available in the 5 SEPs below. Each of its SEP covers a specific part of the setup process. The details are given below: 

• SEP-1: stellar.toml specification
• SEP-6: Anchor/Client Interoperability
• SEP-9: Standard KYC/AML Fields
• SEP-10: Stellar Web Authentication
• SEP-12: Anchor/Client Customer Info Transfer

The SEPs provide the details of the endpoints you need to set up, how wallets interact with those endpoints' structure, and how you form your responses to those endpoints. 

The implementation decisions, however, are up to how you want to design, develop, and deploy those APIs based on your needs, technology stack, resources, and organizational abilities.

Here are the steps you need to take:

Set up a transfer server (SEP-6)

The Transfer Server is the core of the anchor/wallet interaction part. It hosts above mentioned endpoints of different SEPs that gather and transmit information on deposits, withdrawals, transaction history, transaction status, etc. It also enables the wallet to take the required steps to authenticate a user and collect KYC information. 

During the operation of a deposit or a withdrawal, a wallet may ping the Transfer Server multiple times to collect information from another anchor and provide the required information to another anchor or party. For instance:

• If user authentication is required, the Transfer Server will first route the wallet to the WEB_AUTH_ENDPOINT specified in SEP-10 to every user session and access control
• If KYC is required, the Transfer Server will then route the wallet to the /customer endpoint specified in SEP-12 to collect a user's KYC information.

Once all those requirements are met, the Transfer Server:

• Collects the user's account information, which you'll use to credit the deposit or withdrawal
• Transmits your account information, which is where the user will send their money to make a deposit or redeem their tokens to initiate a withdrawal
• Provides additional instructions or information about required memos, fees, or expected wait times

All those interactions happen in the background via API. From a user's perspective, the interaction is incredibly simple: they choose to make a deposit or withdrawal; they get user-friendly instructions in return.

Also, Check | Exploring Stellar Blockchain in Cross-Border Payments

Set up an endpoint for KYC (SEP-12 / SEP-9)

Before accepting fiat/crypto deposits or withdrawals, you need to obtain KYC information. There are two different ways you can collect KYC information from the user. 

• Interactive Flow
• Non-interactive Flow

Interactive Flow - Involves having a user to fill out his KYC information on a webpage hosted by you or by any third-party provider during the flow of a deposit or withdrawal. When a wallet requests for deposits to the anchor, your Transfer Server responds with a URL that the wallet opens in a popup browser window or an iframe before proceeding with the deposit operation to take place.

Non-interactive -  Non-interactive flow of KYC enables users to enter required KYC information using the interface itself provided by the wallet. When a wallet requests for the deposit,  your Transfer Server responds with a list of required fields specified in SEP-9, along with a request for required image data such as a photo ID.

Non-interactive KYC is easy and more customer-friendly, and more apps can integrate your service if you choose this option. 

But in case of non-interactive flow, rather than forcing a user to enter KYC info for every token they want to interact with, a wallet can collect the user's info once and share it with the issuers as and when needed. In this way, the user does not need to provide the same information and upload the same photo ID again and again. From a user's perspective, it provides a more enhanced, seamless, and intuitive experience.

To handle non-interactive KYC flow, you need to set up a 

• /customer(GET) - Get KYC information
• /customer(POST) - Update KYC information

For managing non-interactive KYC, a set up of endpoints that wallets can use to upload customer info for your perusal. You can host these endpoints on your Transfer Server, or you can even set up a dedicated KYC Server for this purpose. It is up to you. 

Meanwhile, you can inspect the KYC information using your method of choice. Since KYC checks often happen in real time, the non-interactive method allows deposits and withdrawals to achieve an uninterrupted flow.

Also, Check | Understanding Soroban | Stellar Smart Contract Platform

Set up an endpoint for user session authentication (SEP-10)

Before accepting KYC info non-interactively, you need to verify that the user uploading KYC info owns the Stellar account that's signing the deposit or withdrawal transaction. To do that, you need to set up a WEB_AUTH_ENDPOINT, which uses a challenge and response method to generate a JWT token that the wallet then includes in the header or in the query parameter when uploading information to the POST /customer endpoint described above.

The WEB_AUTH_ENDPOINT uses it to verify ownership of a Stellar account's secret key. Essentially:

• The wallet requests an authenticated user session to WEB_AUTH_ENDPOINT. You can host your WEB_AUTH_ENDPOINT on the transfer server itself or you can choose a dedicated server for this.
• The WEB_AUTH_ENDPOINT responds with a Stellar transaction signed by your Stellar account's secret key, but it just has an invalid sequence number
• Even though this transaction can not be submitted to the ledger of the network, the wallet can use Stellar libraries to check whether your signature is valid or not.
• The wallet then signs the transaction on behalf of the user and returns it to the WEB_AUTH_ENDPOINT
• You need to check whether the wallet-provided signature is valid or not. If not, don't process the user's request.
• If it is, the WEB_AUTH_ENDPOINT provides a valid JWT token

You can set the JWT to expiry time whatever you want to. The rule of thumb is 24 hours, but you can set it by yourself as the ultimate design decision depends on you.

Also, Read | Stellar Blockchain Use Cases | A Quick Explainer

Complete your stellar.toml file (SEP-1)

Your stellar.toml file is a very important file of the Stellar infrastructure. It's important to keep your stellar.toml ready before setting up all SEPs. You can follow this guide to complete your stellar.toml and try to complete it as much as possible. By using a set_options operation, you set the home domain of your issuing account of the anchor so that any wallet or bot can look up your stellar account, and find your stellar.toml file, and can learn more about your anchor integration.

Wallets check your stellar.toml, see what tokens you are offering, and use that information to populate their listings on your wallet. They also can check to see what SEPs you support, and where to find the relevant endpoints to query the important endpoints of your anchor's SEPs.

So, after setting up the APIs discussed above, make sure to add the below fields of your stellar.toml file so that wallets or bots know that you're set up for in-app deposits and withdrawals operations:

• TRANSFER_SERVER
• KYC_SERVER
• WEB_AUTH_ENDPOINT

Completing your stellar.toml file is crucial to getting any exposure to your anchor in the Stellar ecosystem. Wallets usually do not display token info with incomplete stellar.toml, and users are reluctant to touch assets that lack information. You should also complete the Issuer Documentation, Point of Contact Documentation, and Currency Documentation sections of stellar.toml.

Also, Check | The Rise of Neobanks on the Blockchain

Putting it all together

Once you implement all the SEPs mentioned above, you are ready to enable the end-to-end user experience outlined.

Here is a quick run-through of a deposit:

From a user's perspective:

• Using a wallet of choice, a user initiates a fiat deposit with your anchor
• The user enters his KYC info
• Users will be prompted to send funds via off-chain to their bank account.
• Once the deposit clears on the anchor's side, users' tokens will appear in their wallet
• Here's what's going on in the background:

Here's what's going on in the background:

• Wallet requests your anchor's WEB_AUTH_ENDPOINT, goes through the challenge/response mentioned above, and receives a valid JWT token to authenticate the user session
• The wallet then uploads the user's KYC info to your /customer endpoint if not updated already
• You will check customer KYC information
• Wallet requests your /deposit endpoint with the customer account's public key
• Once KYC and user authentication requirements are met and verified, your /deposit endpoint responds with your bank account information.
• Users need to send funds via ACH to their bank account
• Once the user's ACH deposit clears, you need to credit the user's Stellar account with tokens

Also, Explore | Ripple and Stellar Blockchain Solutions in Banking

Conclusion

In conclusion, by following the detailed steps outlined in this guide, you can seamlessly connect your Anchor service to a Stellar wallet, unlocking a world of possibilities for cryptocurrency management. From configuring endpoints and servers to facilitating user authentication, KYC procedures, and transaction operations, you can ensure a smooth and efficient experience for both users and issuers alike. By adhering to the Stellar ecosystem's best practices and implementing the relevant SEPs, you pave the way for widespread accessibility of your token and establish trust within the community. With a completed stellar.toml file and a comprehensive understanding of the process, you're poised to navigate the complexities of the Stellar network with confidence and embark on a successful cryptocurrency management journey.

If you are looking to develop a project using Stellar blockchain's potential, connect with our skilled blockchain developers to get started.