PayString was previously known as PayID.
In this guide, you will deploy a local PayString server, create a PayString, sign and verify the PayString, and test it using calls to the PayString Admin API. If you want to use base PayString without verification, see Getting Started.
For more information about Verifiable PayString, see Enhance Security With Verifiable PayString.
Before you begin:
- Deploy a PayString server locally. See Getting Started: Deploy a PayString Server.
- Install PayString CLI. You will use the command line to perform the tasks in this tutorial.
- Open the command line. Enter
payid. You can now enter commands in interactive mode.
- See the available commands: enter
help. Note the commands related to signing and verifying PayStrings.
- Create an empty PayString:
- Add a crypto address:
crypto-address add XRPL TESTNET rDk7FQvkQxQQNGTtfM2Fr66s7Nm3k87vdS. This command specifies the relevant
addressfor your ledger.
- Generate a user identity key:
keys generate. This key is stored locally at the specified location. Make sure you keep the key in a safe place.
- Sign the PayString with the user identity key to create a verified PayString and address payload:
- Remove the unverified crypto address:
crypto-address remove rDk7FQvkQxQQNGTtfM2Fr66s7Nm3k87vdS. The output payload should have this format:
- Upload the verified PayString. If you are using the PayString Admin API version from 2020-08-25 or later, POST the payload from Step 7 to the Admin API endpoint. See PayString API Reference. As mentioned, you must have a PayString server deployed to use this API.
If you use the PayString Admin API version from before 2020-08-25, then you must modify this payload.
identityKeyshould have the contents of the
protectedfield in Step 7.
verifiedAddressesshould be the un-stringified JSON contents of the
payloadfield in Step 7.
identityKeySignatureshould be the
signaturefield in Step 7. The payload for older versions of the PayString Admin API appears as follows:
Retrieve and verify the verified PayString using PayString CLI. These commands do not use interactive mode.payid load verifiabledemo$127.0.0.11payid inspectpayid verify
Verify the PayString from the PayString Public API endpoint with GET. See API Reference. You can also use a JWS library like
joseto verify the
If operating through a trust on first use (TOFU) model, safely store the identity key after successful verification, and use this key to verify subsequent addresses retrieved from the same PayString.