Quickproof

Introduction

Using Quickproof, VASPs can easily generate unique URLs that allow their customers to prove ownership over a self-hosted wallet. These proofs will be sent to, verified by and stored in 21 Travel Rule.

Workflow

  1. A VASP's customer is required to submit proof of ownership for an address.
  2. The VASP generates a unique proof ID which it associates with the customer.
  3. The VASP uses the proof ID to assemble a Quickproof URL following the detailed explanation below.
  4. The VASP loads the Quickproof URL in an iframe or redirects the customer to the Quickproof URL.
  5. The customer completes the ownership proof and (if necessary) is redirected back to the VASP's main page.
  6. The VASP receives a notification about the completed proof via the GraphQL subscription API.
  7. The VASP correlates the proof ID from the subscription notification with the proof ID it has generated in step 1 and proceeds accordingly.

Quickproof URL composition

Quickproof requires a URL with a specific format. An example of what it can look like is shown below.

https://quickproof.vasp.com/withdraw/wallet/someid

Below, the URL's components are discussed.

Domain

Given the URL above, quickproof.vasp.com represents the domain. It is set during deployment in the Caddyfile.

Transaction Type

Quickproof requires choosing between the withdraw and deposit transaction type. This is done by selecting either the /withdraw/wallet/ or /deposit/wallet/ path in the URL. The key difference is that the deposit transaction type will require the customer to submit his xpub key.

Proof ID

/someid is the last segment in the URL's path and represents the proof ID. The proof ID enables a VASP to correlate received proofs with their customer. The proof ID is a one-time use ID. Therefore, a new ID needs to be generated for each proof of ownership. This ID will be included in the message to be signed by the customer.

Optional Query Arguments

There are a few optional query arguments available.

https://quickproof.vasp.com/withdraw/wallet/someid?asset=eth&redirect=www.vasp.com

In the above example, both asset and redirect are used, but they can be used separately.

Asset

A VASP can add the asset query parameter /someid?asset=eth to specify the asset required for the ownership proof. If the query parameter is omitted, Quickproof will default to the Bitcoin (btc) asset type. The wallet options presented to the customer are filtered by supported assets. Hence, the customer is never presented with wallets that don't work for a particular asset.

Redirect

By using the redirect query argument /someid?redirect=www.vasp.com, a VASP can redirect a customer back to its main site upon successful proof submission. A valid URL must be entered, or the query argument will be ignored.

Wallet Address Picking Strategies

Different wallets will inhibit different strategies for picking an address for the ownership proof. These are detailed below.

BitBox

BitBox picks the next available address.

Ledger

Ledger picks the native segwit address at index 0. Native segwit needs to be configured in the settings of Ledger Live in order for the address to become visible.

Trezor

Trezor picks the native segwit address at index 0.