Implementation checklist
This article presents a concise implementation checklist for developers using Xumm. By following these steps, you can ensure a smooth and secure integration whilst optimizing the user experience.
Fetch Payload Results: Trigger your application to fetch payload results after receiving a Webhook callback.
Inspect Payload Output: Confirm
meta.resolved
andmeta.signed
are both true in the payload output.Identify Dispatched Node Type: Ensure
response.dispatched_nodetype
is "MAINNET" for real payments.Validate Transaction ID: Validate the
response.txid
value on the ledger.Examine Delivered Amount: Confirm the
meta.delivered_amount
equals the expected payment amount.Use xrpl-txdata Package: Establish a connection to the XRP Ledger, fetch the transaction by hash, and cross-verify transaction details with the XRPL ledger.
Network Independence: Use the Xumm API/SDK, which operates independently of the network, to allow users the freedom of network choice.
Network Information: Ensure the results of a signed payload include the network the user was on during the signing.
Forced Network Identifier: Check for the expected result in the Payload results or specify a particular network using a forced network identifier in a payload.
OTT Data: Utilize xApp OTT data, including network information, to better manage transactions.
When linking to Transaction Details using a Transaction Explorer, consider using our helper tooling: Tx Explorer(s)
Secure Your Webhooks: Implement appropriate security measures.
Verify Payloads: Authenticate received payloads.
Error Handling: Develop robust error management mechanisms.
xApp Creation & Audit: Anyone can create sandbox xApps, but public release requires an audit by XRPL Labs for user safety, compliance, and value addition.
User Experience: xApps must be self-explanatory, prevent dangerous mistakes, and provide a unique experience tailored to Xumm users.
Technical & Styling Standards: xApps must meet Xumm's technical guidelines and respect or have unique styling.
Transparency & Support: Developers cannot be anonymous and must provide a clear support workflow, terms & conditions, and a privacy statement.
Last updated