# Bitcoin Dapp Integration

This API is designed for DApps opened within the Tokeo wallet browser. When users navigate to your site from the in-app browser, `window.tokeo.bitcoin` is automatically injected to allow seamless interaction.\ <sup><sub>*If you’re building a mobile DApp or want to integrate outside of the Tokeo browser, our wallet also supports deep linking. You can find details*<sub></sup> [<sup><sub>*here*<sub></sup>](https://tokeo.gitbook.io/tokeo/tokeo/technical-information/dapp-integration/bitcoin-dapp-integration/deep-link-specification)<sup><sub>*.*<sub></sup>

***

### 🧩 Overview

DApps can use `window.tokeo.bitcoin` to:

* Request access to user accounts
* Sign messages
* Sign transactions

All responses are returned directly, and methods are either synchronous or return Promises depending on the implementation.

***

### 📚 API Methods

#### `window.tokeo.bitcoin.requestAccounts(): Promise<object[]>`

Returns a list of addresses the DApp is authorized to use.

**Example Response:**

```js
[{
      "address": "bc1pabc123...",
      "type": "p2tr",
      "network": "mainnet",
      "publicKey": "abcdef1234567890..." // 64-character hex (x-only Taproot pubkey)
    }]
```

***

#### `window.tokeo.bitcoin.getAccounts(): object[]`

Returns the same list as `requestAccounts()` but without the user prompt (if already enabled).

***

#### `window.tokeo.bitcoin.signMessage(message: string, type: 'ecdsa' | 'bip322'): Promise<string>`

Signs an arbitrary message using the selected Bitcoin key.

**Parameters:**

* `message`: string — the message to sign
* `type`: `'ecdsa'` or `'bip322'` (default is `'ecdsa'`)

**Returns:** signature string

***

#### `window.tokeo.bitcoin.signPsbt(psbt: string, options?: object): Promise<string>`

Signs a PSBT transaction.

**Parameters:**

* `psbt`: base64-encoded PSBT string
* `options`: object (optional)
  * `autoFinalize`: boolean — whether to finalize the PSBT after signing (default: true)
  * `inputs`: array of objects (optional per-input overrides)

    -`index`: number — index of the input

    \- `address`: string — input’s associated address

    \- `publicKey`: string — input’s public key

    \- `sighashTypes`: number\[] — array of sighash types (e.g. \[1] for SIGHASH\_ALL)

    \- `disableTweakSigner`: boolean — disables Taproot tweak signing

    \- `useTweakedSigner`: boolean — forces tweaked signer usage

**Returns:** base64-encoded signed PSBT

***

### 🔐 Permissions Model

Wallet prompts users once per session for `requestAccounts()`.\
After that, other read methods (like `getAccounts`) don’t prompt again unless session is reset.

***

### 🧪 Example Usage

```js
const accounts = await window.tokeo.bitcoin.requestAccounts();
const signature = await window.tokeo.bitcoin.signMessage("hello", "ecdsa");
```

***

### ❗ Error Handling

Errors are thrown as JavaScript exceptions.

You can catch them with:

```js
try {
  await window.tokeo.bitcoin.requestAccounts();
} catch (e) {
  console.error("User rejected connection", e);
}
```

***

### 🧠 Notes

* No base64-encoded `data` parameter is required.
* If you’re building a mobile DApp or want to integrate outside of the browser context, our wallet also supports deep linking. You can find details [here](https://tokeo.gitbook.io/tokeo/tokeo/technical-information/dapp-integration/bitcoin-dapp-integration/deep-link-specification).