Bitcoin Dapp Integration

This API is designed for DApps opened within the Tokeo wallet browser. When users navigate to your site from the in-app browser, window.tokeo.bitcoin is automatically injected to allow seamless interaction. ^{_{If you’re building a mobile DApp or want to integrate outside of the Tokeo browser, our wallet also supports deep linking. You can find details here.}}

---

🧩 Overview

DApps can use window.tokeo.bitcoin to:

• Request access to user accounts

• Sign messages

• Sign transactions

All responses are returned directly, and methods are either synchronous or return Promises depending on the implementation.

---

📚 API Methods

window.tokeo.bitcoin.requestAccounts(): Promise<object[]>

Returns a list of addresses the DApp is authorized to use.

Example Response:

[{
      "address": "bc1pabc123...",
      "type": "p2tr",
      "network": "mainnet",
      "publicKey": "abcdef1234567890..." // 64-character hex (x-only Taproot pubkey)
    }]

---

window.tokeo.bitcoin.getAccounts(): object[]

Returns the same list as requestAccounts() but without the user prompt (if already enabled).

---

window.tokeo.bitcoin.signMessage(message: string, type: 'ecdsa' | 'bip322'): Promise<string>

Signs an arbitrary message using the selected Bitcoin key.

Parameters:

• message: string — the message to sign

• type: 'ecdsa' or 'bip322' (default is 'ecdsa')

Returns: signature string

---

window.tokeo.bitcoin.signPsbt(psbt: string, options?: object): Promise<string>

Signs a PSBT transaction.

Parameters:

• psbt: base64-encoded PSBT string

• options: object (optional)

  • autoFinalize: boolean — whether to finalize the PSBT after signing (default: true)

  • inputs: array of objects (optional per-input overrides)

    -index: number — index of the input

    - address: string — input’s associated address

    - publicKey: string — input’s public key

    - sighashTypes: number[] — array of sighash types (e.g. [1] for SIGHASH_ALL)

    - disableTweakSigner: boolean — disables Taproot tweak signing

    - useTweakedSigner: boolean — forces tweaked signer usage

Returns: base64-encoded signed PSBT

---

🔐 Permissions Model

Wallet prompts users once per session for requestAccounts(). After that, other read methods (like getAccounts) don’t prompt again unless session is reset.

---

🧪 Example Usage

const accounts = await window.tokeo.bitcoin.requestAccounts();
const signature = await window.tokeo.bitcoin.signMessage("hello", "ecdsa");

---

❗ Error Handling

Errors are thrown as JavaScript exceptions.

You can catch them with:

try {
  await window.tokeo.bitcoin.requestAccounts();
} catch (e) {
  console.error("User rejected connection", e);
}

---

🧠 Notes

• No base64-encoded data parameter is required.

• If you’re building a mobile DApp or want to integrate outside of the browser context, our wallet also supports deep linking. You can find details here.