A Guide to the Injected Provider API for Bitcoin-Compatible DApps

The Injected Provider API, often referred to as Signet, represents a powerful JavaScript interface that enables communication between decentralized applications (DApps) and a user's browser extension wallet. It allows DApp developers to seamlessly request user account information, read on-chain data, and facilitate the signing of messages and transactions directly from the user's wallet environment, creating a smooth and integrated user experience.

This technology is fundamental to the Web3 ecosystem, bridging the gap between user-friendly interfaces and the robust capabilities of blockchain networks. It is specifically designed for Bitcoin-compatible chains, offering a standardized set of methods that developers can rely on.

Note: Support for BTC Signet is available starting from extension version 2.82.32 and above.

Core Functionalities of the Provider API

The API exposes several key methods that handle different aspects of wallet interaction. Understanding these methods is crucial for any developer looking to integrate wallet functionality into their DApp.

Establishing a Connection

The first step in any wallet-DApp interaction is establishing a connection to request the user's account details.

okxwallet.bitcoinSignet.connect()

Description
This method prompts the user to connect their wallet to the DApp. It is a essential permission gate that must be passed before any account-specific information can be accessed or any signing operations can be performed.

Parameters

• None.

Return Value

• Promise<object>: A promise that resolves to an object containing:

  • address: string - The Bitcoin-compatible address of the currently connected account.
  • publicKey: string - The public key associated with the current account.

Example Usage
A typical implementation involves calling this function upon a user action, such as clicking a "Connect Wallet" button, and then handling the returned promise to update the application's state with the user's address.

Signing Messages

Message signing is a critical operation for verifying ownership of an address without conducting a transaction on the blockchain.

okxwallet.bitcoinSignet.signMessage(signStr[, type])

Description
This method requests the user's signature for a specific string of data. The signed message can be verified off-chain to prove that the holder of the private key authorized a particular message.

Parameters

• signStr: string - The raw string data that requires a signature.
• type: string (Optional) - The signing algorithm to use. Accepted values are "ecdsa" or "bip322-simple". If omitted, the default "ecdsa" is used.

Return Value

• Promise<string>: A promise that resolves to the signature result as a hexadecimal string.

For developers building complex DeFi or NFT platforms on Bitcoin-compatible chains, mastering these APIs is the first step. 👉 Explore more strategies for advanced DApp development

Signing a Partially Signed Bitcoin Transaction (PSBT)

The PSBT format is a standard for coordinating the signing of Bitcoin transactions between multiple parties.

okxwallet.bitcoinSignet.signPsbt(psbtHex[, options])

Description
This method is used to sign a PSBT. By default, it will automatically scan all inputs within the PSBT that correspond to the connected wallet's address and sign them. Developers can also specify precise inputs to sign using the options parameter.

Important Note: When generating a PSBT that involves a Taproot address, you must add a public key for every input within the PSBT that uses such an address.

Parameters

• psbtHex: string - The hexadecimal string representation of the PSBT that needs to be signed.

• options: object (Optional) - An object for fine-tuning the signing process:

  • autoFinalized: boolean - A flag indicating whether the PSBT should be finalized automatically after signing. The default value is true.

  • toSignInputs: array - An array of objects specifying which inputs to sign, overriding the default behavior.

    • index: number - The index number of the input to sign.
    • address: string - The address whose corresponding private key should be used for signing (must provide either an address or a publicKey).
    • publicKey: string - The public key whose corresponding private key should be used for signing (must provide either an address or a publicKey).
    • sighashTypes: number[] (Optional) - An array of sighash types.
    • disableTweakSigner: boolean (Optional) - When signing for Taproot addresses, the tweakSigner is used by default. Setting this to true allows signing with the original private key.

Return Value

• Promise<string>: A promise that resolves to the hexadecimal string of the fully signed PSBT.

Batch Signing Multiple PSBTs

For applications that require high throughput, the API provides a method for signing multiple PSBTs in a single call.

okxwallet.bitcoinSignet.signPsbts(psbtHexs[, options])

Description
This method extends the functionality of signPsbt by accepting an array of PSBT hex strings for batch signing. Each PSBT in the array is processed, signing all inputs that match the current wallet's address.

Important Note: The same rule applies: for any PSBT input using a Taproot address, a public key must be provided for that input.

Parameters

• psbtHexs: string[] - An array of hexadecimal strings, each representing a PSBT to be signed.
• options: object[] (Optional) - An array of options objects. Each object in this array corresponds to the PSBT at the same index in psbtHexs and accepts the same parameters as the options object in signPsbt.

Return Value

• Promise<string[]>: A promise that resolves to an array of hexadecimal strings, each representing a signed PSBT.

Frequently Asked Questions

What is the primary purpose of the Injected Provider API?
The primary purpose is to provide a secure and standardized bridge between a user's cryptocurrency wallet (like a browser extension) and a web-based DApp. It allows the DApp to request account access, read blockchain data, and get signatures for messages and transactions without ever handling the user's private keys.

What is the difference between signing a message and signing a PSBT?
Signing a message is for off-chain verification, often used for authentication or proving ownership. Signing a PSBT is specifically for authorizing a blockchain transaction. A PSBT is a structured data format that can involve multiple inputs and outputs and may require signatures from multiple parties.

Why is it necessary to add a public key for Taproot inputs in a PSBT?
Taproot addresses (P2TR) are based on Schnorr signatures and MuSig schemes. The signing process for these addresses requires knowledge of the internal public key to correctly generate the signature. Providing the public key ensures the wallet can execute the correct cryptographic operations.

Can I use this API with mobile wallets?
The Injected Provider API is typically designed for browser extension wallets that can "inject" this JavaScript object into the website's context. Mobile wallet integration often relies on different methods, such as WalletConnect, for establishing a connection.

What should I do if the connect() method is rejected?
If the promise is rejected, it means the user denied the connection request. Your DApp should handle this gracefully by informing the user that wallet connection is required to proceed and providing them with an option to try again.

How do I handle errors from the signing methods?
All methods return a Promise. You should use .catch() or try/catch with async/await to handle potential errors. Common errors include user rejection, network issues, or incorrect parameters (e.g., an invalid psbtHex). Proper error handling ensures a robust user experience.