# Protocol

## Account verification

<mark style="color:blue;">`GET`</mark> `https://app.proofi.com/api/verify/{blockchain}/{account}`

Verify that a blockchain account is allowed to participate in a project. The response depends on the given API key.

#### Path Parameters

| Name                                         | Type   | Description          |
| -------------------------------------------- | ------ | -------------------- |
| blockchain<mark style="color:red;">\*</mark> | String | CAIP-2 blockchain id |
| account<mark style="color:red;">\*</mark>    | String | Blockchain address   |

#### Headers

| Name                                                  | Type   | Description              |
| ----------------------------------------------------- | ------ | ------------------------ |
| Auhorizaton: Bearer<mark style="color:red;">\*</mark> | String | Project specific API key |

{% tabs %}
{% tab title="200: OK Verification response" %}

```javascript
{
  "blockchain": "eip155:1",
  "address": "0xab16a96d359ec26a11e2c2b3d8f8b8942d5bfcdb"
  "state": "final",
  "approved": true,
  "timestamp": 1644581061214,
  "proof": "47pP5r1Kh159XmxcfG2eQVj6dKNhub3mvGgpJovcw7EcZyJswFLYyKGYNV21BGJ8pwkajA75ZLMWFBdv3BzMRMk"
}
```

{% endtab %}
{% endtabs %}

{% hint style="info" %}
[CAIP-2](https://github.com/ChainAgnostic/CAIPs/blob/master/CAIPs/caip-2.md) defines a way to identify a blockchain in a human readably, developer-friendly, and transaction-friendly way.
{% endhint %}

| eip155:1                                | Ethereum mainnet             |
| --------------------------------------- | ---------------------------- |
| eip155:42                               | Kovan: Ethereum test network |
| eip155:56                               | Binance smart chain          |
| solana:4sGjMW1sUnHzSxGspuhpqLDx6wiyjNtZ | Solana mainnet               |
| lto                                     | LTO Network                  |

### State <a href="#term-text" id="term-text"></a>

The response contains a `state` field, which can be "unknown", "pending", or "final". In case of a final result, the response will contain an `approved` field specifying if the given account should be allowed to participate in accordance with the configured requirements.

### Non-repudiation <a href="#term-text" id="term-text"></a>

A final response contains proof of delivery for additional assurance towards DeFi projects. It allows you to indisputably and independently prove that the information used to allow or reject participation, has been provided by Proofi.

The proof is an ECDSA secp256r1 (aka ECC prime256v1) signature. The signature is based on a binary message

| Field              | Type   | Bytes |
| ------------------ | ------ | ----- |
| Project id         | Binary | 26    |
| Account Length (N) | Short  | 2     |
| Account            | String | N     |
| Allowed            | Byte   | 1     |
| Timestamp          | Long   | 8     |

{% hint style="info" %}
The `account` field has the CAIP-10 format, which is `blockchain-id:address`. The address may be normalized.
{% endhint %}

{% hint style="success" %}
The sha256 hash of the signature is also published to LTO Network using an anchor transaction.
{% endhint %}

The public key for verifying the proof of delivery can be obtained from the SSL certificate of app.proofi.com.

### Idem potent

Doing the same request multiple times will give the same response, given that the information associated with the wallet address hasn't changed in the meantime.