Deep Link Specification
This document describes the deep link structure and response formats for the Tokeo mobile wallet. This includes supported operations, parameters, expected behavior, and error handling standards.
📥 Incoming Deep Links
Deep links follow the format:
The data query parameter is a base64url-encoded JSON object. All requests must contain:
callback: a URL that the wallet should call when responding.nonce: a unique string that the DApp can use to correlate the response.
🔐 Common Parameters (in data JSON)
data JSON)callback
string
✅
URL to be called after processing.
nonce
string
✅
Unique identifier for the request.
✅ Supported Actions
1. request-accounts
request-accountsRequest the user's BTC address.
Example Request
Response
Success:
Returned as:
Error:
Returned as:
2. get-accounts
get-accountsAlias of request-accounts, returns the same result.
3. sign-message
sign-messageSign a message with the user's private key.
Fields in data
msg
string
✅
The message to be signed.
curve
string
❌
One of ecdsa (default) or secp256k1
Success Response
Error Example
4. sign-psbt
sign-psbtSign a PSBT (Partially Signed Bitcoin Transaction).
Fields in data
tx
string
✅
The base64 PSBT string to be signed.
autoFinalize
boolean
❌
Whether to finalize the PSBT (default: true)
Success Response
Error Response
🔁 Response Format
All responses to a callback URL include:
?data=<base64 encoded JSON>for success?error=<base64 encoded JSON>for errors&nonce=<original nonce>is always appended
Example:
❗ Error Codes
1001
user_rejection
User manually declined a request.
1002
invalid_request
Malformed or missing input from DApp.
1003
signing_error
Failure during signing (exception, invalid input).
1006
internal_error
Unexpected app crash or internal issue.
🛠️ Notes
nonceis not validated by the wallet, but must be returned for the DApp to match responses.callbackmust be HTTPS.Base64 is URL-safe encoded with
NO_WRAPandURL_SAFEflags.All JSON responses are encoded before returning.
Last updated