Skip to main content

DeBox DApp

DeBox DApp

Developer-facing DApp integration guide (current version).

1. What is a DApp

A DeBox DApp is an H5 app running inside the DeBox built-in browser.

You can:

  • Reuse existing web pages for fast integration
  • Use injected wallet objects for on-chain interactions
  • Call DeBox OpenAPI from your backend for messaging/user/group features

2. Quick start

  1. Create an app on DeBox Open Platform and get API Key.
  2. Prepare a publicly reachable HTTPS web app.
  3. Implement DeBox environment detection and wallet flows.
  4. Keep OpenAPI calls on your backend (never expose secrets in frontend).

3. Runtime detection

const isDeBoxUA = !!window?.navigator?.userAgent?.includes("DeBox")
const hasDeBoxWallet = typeof window?.deboxWallet !== "undefined"
const hasEthereum = typeof window?.ethereum !== "undefined"
const hasSolana = typeof window?.solana !== "undefined"

Recommendation:

  • Use hasDeBoxWallet || hasEthereum as your EVM capability check.
  • Add graceful fallback for non-DeBox runtime.

4. Wallet and user-info capabilities

Primary entry is window.deboxWallet (EVM-compatible).

4.1 Request permissions

await window.deboxWallet.request({
  method: "wallet_requestPermissions",
  params: [{ eth_accounts: { debox_getUserInfo: {} } }],
})

4.2 Get public user profile

const userInfo = await window.deboxWallet.request({
  method: "debox_getUserInfo",
  params: [],
})

Example response (fields may vary by client version):

{
  "uid": "jkdi123",
  "address": "0xa56b4f0c7622bd076c2ba48b17d1e8d3fbf5303e",
  "name": "Alice",
  "avatar": "https://...png"
}

Security baseline:

  • Frontend calls your backend only.
  • X-API-KEY, signature params, and app secret stay server-side.

Primary API reference:

6. Message sending (current API)

Use POST /openapi/bot/sendMessage:

curl -X POST "https://open.debox.pro/openapi/bot/sendMessage" \
  -H "Content-Type: application/json" \
  -H "X-API-KEY: YOUR_APP_KEY" \
  -d '{
    "chat_id": "cc0onr82",
    "chat_type": "group",
    "content": "Hello from DApp",
    "parse_mode": "richtext"
  }'

Field notes:

  • chat_type: group | private
  • chat_id:
    • group -> gid
    • private -> user user_id
  • content: message body
  • parse_mode: default richtext

7. Production checklist

  1. HTTPS and mobile adaptation are complete.
  2. Runtime detection + fallback path are verified.
  3. Wallet permission flow handles reject/cancel/success.
  4. OpenAPI calls are backend-only.
  5. Logs contain request id, user identity, endpoint, and error code.

8. FAQ

  1. OpenAPI fails when called directly in browser:
  • Expected; move calls to backend.
  1. Message send failures:
  • Check chat_type/chat_id mapping.
  • Check non-empty content and valid parse_mode.
  1. Wallet object missing:
  • Not in DeBox runtime or unsupported client version.