Web3devs Stacks Access Plugin

Description

Stacks Access Plugin allows users to define which Posts or Pages have limited access based on user’s Hiro wallet contents (STX, NFTs, Fungible Tokens).

Ex. let’s say you own Crypto Ducks Club NFTs and want your blog content to be available only to other Crypto Ducks Club owners – with this plugin, you can do that.

Installation

  1. Upload web3devs-stacks-access.zip to the /wp-content/plugins/ directory
  2. Unzip the file
  3. Remove the zip file, leave the directory
  4. Activate the plugin through the ‘Plugins’ menu in WordPress
  5. Go to “Stacks Access > Settings” and configure token contract addresses (or stx/STX for STX)
  6. Go to Page/Post and use Stacks Access Widget (at the bottom) to configure access restrictions

FAQ-e

What wallets do you support?

Hiro Wallet only.

Do you plan to support any other wallets?

Short answer: no.

Long answer: Xverse – maybe. Wallet Connect compatible wallets – maybe.

If a wallet is compatible with Stacks.js, then it should work.

Hiro Wallet is the de facto standard for Stacks 🤷

What PHP extensions are required for this plugin to work?

None.

The ones that we would probably need for this to be 100% PHP based are:

  • secp256k1 – but it’s experimental, requires manual compilation and it’s development is staled
  • c32check – it’s Stacks’ variant, so has to be reimplemented in PHP
  • stacks.js – but in PHP 🙂

Since none of the above is available at the moment, we’ve moved the required dependencies to a third party service that simply takes the signature and calculates Public Address used to sign it.

What is the transaction cost (gas fee) of determining the access?

0 (zero).

There’s no cost, because there’s no transaction involved.

Signing a secret phrase is the wallet’s built in functionality. It happens “locally” and is not published to the blockchain, therefore does not end up as a transaction.

Why do you need access to my wallet?

We don’t.

We don’t need it and we don’t access it.

We need your wallet’s public address. To prove you OWN the address, we need you to use the wallet to sign a secret phrase for us (your wallet uses your private key to do it – the key never leaves your computer!).

Your wallet contents is publicly available information. If you know a wallet’s address, ex. ST24YYAWQ4DK4RKCKK1RP4PX0X5SCSXTWQXFGVCVY you can see it’s contents in blockchain explorer or via Stacks API – that’s how we determine if you own configured tokens.

See:
API view
Stacks Explorer

If we (or ANYONE ELSE) ask you for your private key or seed/mnemonic phraseTHAT’S SOMETHING you should be worried about

Why does it say “testnet” when I’m on mainnet?

It’s due to a bug in Hiro Wallet, see here.

Basically, when connecting Hiro Wallet for signing, the account selection screen sometimes makes no effect and your current account is selected.

Pay attention to account public address shown at the top of the screens to make sure you’re signing with desired account.

Otherwise – switch it in the wallet, before connecting (refresh the page to “disconnect” your wallet if needed, sometimes you may need to close your browser (clear session cookies))

Are there any other Stacks/Hiro bugs I should be concerned about?

Yes.

Message signing (which we use to derive your wallet’s public address) is a relatively new feature in Hiro Wallet and Stacks itself and it’s been published prematurely 🙂

There are (were) problems with:
– message signing in a way that prevented users from deriving public address from signatures (see here, here and here)
– incompatible secp256k1 signature orders (vrs vs rsv) (see here)

The good thing is: it’s a known problem
The bad thing is: when it’s fixed, chances are our plugin will stop working until we make it compatible with the new versions of Hiro Wallet and Stacks.js

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Web3devs Stacks Access Plugin” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

1.0.3

  • Changed logo again

1.0.2

  • Changed logo

1.0.1

  • Fix: Issue with “testnet” phrase showing up when “mainnet” account selected

1.0.0

  • Mainnet / Testnet compatible Stacks Access plugin