Send customers to a hosted checkout. They can pay in any currency; once paid, we send your server a signed confirmation you verify with the public key below.
1. Checkout link
https://anondrop.net/checkout?wallet=YOUR_WALLET_KEY&nonce=ORDER_ID&amount=SOL&shop=Shop&product=Item&image=https://you/item.png&callback=https://you/cb
A nonce is single-use per wallet. image must be .png or .webp.
2. Public key (Ed25519)
V7F6+hiMHqB5i/csaZ1yFqDXbP7qGcBZ/LLnJi8rj0k=
Also at /checkoutpubkey.
3. Signed callback we POST you
{
"payload": { "wallet": "...", "nonce": "...",
"amount_requested": "1.5", "amount_paid": "1.5",
"currency": "SOL", "status": "paid", "paid_at": 0 },
"signature": "<base64>", "public_key": "...", "algorithm": "ed25519"
}
4. Verify (Python)
import base64, json
from nacl.signing import VerifyKey
PUB = "V7F6+hiMHqB5i/csaZ1yFqDXbP7qGcBZ/LLnJi8rj0k="
def verify(body, my_wallet, my_nonce, my_amount):
p = body["payload"]
msg = json.dumps(p, sort_keys=True, separators=(",",":")).encode()
VerifyKey(base64.b64decode(PUB)).verify(msg, base64.b64decode(body["signature"]))
assert p["wallet"] == my_wallet # not changeable via URL
assert p["nonce"] == my_nonce # ties it to your order
assert p["status"] == "paid"
assert float(p["amount_paid"]) >= float(my_amount)
return True
The signature proves it came from AnonDrop. Always compare wallet, nonce and amount_paid against your own order so a tampered URL can't fool you. Full docs at /info.