Flyover SDK - Trusted Accounts
If you wish to suggest changes on this document, please open a PR on the Liquidity Provider Server Repository
π§ Summaryβ
The Liquidity Provider Trusted Accounts feature extends the existing Liquidity Provider Server (LPS) and FlyoverSDK to allow Liquidity Providers (LPs) to configure a set of trusted Rootstock accounts that can bypass certain validation checks β such as the reCAPTCHA verification β during PegIn or PegOut operations.
This functionality is part of the Flyover Protocol, aimed at enabling automated integrations for partners and liquidity providers who operate frequently.
π Architecture and Designβ
Componentsβ
This feature adds functionality to two existing components:
- Liquidity Provider Server (LPS) β Enables LPs to configure and manage trusted accounts with BTC/RBTC locking caps.
- FlyoverSDK β Provides new methods that allow integrators to sign and submit quotes authenticated by trusted accounts.
Design Notesβ
- Backward compatible with existing FlyoverSDK versions
>= v1.7.0and LPS versions>= v2.3.0. - The account paying for the operation doesnβt need to be the same as the whitelisted account, but a valid signature of the quote hash from the trusted account must be provided.
βοΈ Setup and Configurationβ
Environment Requirementsβ
- FlyoverSDK:
>= v1.70 - LPS:
>= v2.3.0
Configurationβ
- The LP must configure authorized trusted accounts in their LPS instance.
- No additional
.envvariables or feature flags are required.
π API / Interface Detailsβ
FlyoverSDK Methodsβ
async acceptAuthenticatedQuote(quote: Quote, signature: string): Promise<AcceptedQuote>: Accepts a PegIn quote authenticated by a trusted accountβs signature.async acceptAuthenticatedPegoutQuote(quote: PegoutQuote, signature: string): Promise<AcceptedPegoutQuote>: Accepts a PegOut quote authenticated by a trusted accountβs signature.async signQuote(quote: Quote | PegoutQuote): Promise<string>: Generates a valid signature for a given quote using the whitelisted Rootstock account.
Input / Outputβ
Same input and output as acceptQuote and acceptPegoutQuote.
The difference is that these methods require a signature parameter, obtained via:
- The
signQuote()SDK method, or - A manually created signature by the SDK integrator.
Possible errorsβ
Both error types are raised as FlyoverError instances:
| Error Scenario | Description |
|---|---|
| Invalid Signature | The provided signature does not match a whitelisted account. |
| Locking Cap Exceeded | The account exceeded its assigned BTC/RBTC locking cap. |
π§ Integration Guideβ
To integrate this feature:
- Ensure you are using FlyoverSDK >= v1.70.
- Obtain a whitelisted Rootstock account from your Liquidity Provider.
- Use the SDKβs
signQuotemethod to sign your quote hash. - Use the authenticated accept method (
acceptAuthenticatedQuoteoracceptAuthenticatedPegoutQuote) with the quote and signature. - The LPβs LPS instance will validate the signature against its trusted accounts configuration.
π Only accounts whitelisted by an LP will be accepted. Each account has a configured BTC/RBTC locking cap that restricts usage volume.
Authenticationβ
Trust is based solely on account whitelisting and signature verification.
Integration Entry Pointsβ
- Primary integration via FlyoverSDK
- No direct API calls required
π§ͺ Testingβ
Local Testing Setupβ
- Deploy a local LPS instance.
- Configure one or more trusted accounts.
- Test using the new SDK methods with valid and invalid signatures to validate expected behavior.
Test Utilitiesβ
Example tests and automation demos can be found in: π Flyover SDK Automation Demo
Notesβ
Follow the documentation in the above repository for commands and setup steps.
π§Ύ Changelogβ
| Component | Version | Release Link |
|---|---|---|
| FlyoverSDK | v1.7.0 | GitHub Release |
| LPS | v2.3.0 | GitHub Release |
π¦ Related Resourcesβ
- Flyover SDK (npm): @rsksmart/flyover-sdk
- GitHub Repo: Flyover SDK