Merge remote-tracking branch 'origin/main'

.github/ISSUE_TEMPLATE/feature_request.yaml

@@ -1,6 +1,6 @@
-name: Feature request
+name: Docs feature request
 description: Suggest an idea for this project
-title: Feature request
+title: Docs feature request
 labels: ["feature :sparkles:"]
 body:
   - type: textarea
@@ -17,22 +17,8 @@ body:
       description: A clear and concise description of what you want to happen
     validations:
       required: true
-  - type: textarea
-    id: feature_request_alternatives
-    attributes:
-      label: Describe alternatives you've considered
-      description: A clear and concise description of any alternative solutions or features you've considered
-    validations:
-      required: true
   - type: textarea
     id: feature_request_additional_context
     attributes:
       label: Additional context
       description: Add any other context or screenshots about the feature request here
-  - type: markdown
-    attributes:
-      value: |
-        **Want to contribute?**
-  - type: markdown
-    attributes:
-      value: We love contributions from the TON community! Please comment on an issue if you're interested in helping out with a PR.

README.md

@@ -21,7 +21,7 @@ TON is an actively growing ecosystem, and every day many devs contribute to its
 You can participate in TON by helping organize knowledge, making Pull Requests and creating tutorials to help other developers. 
 Feedback, lectures, technical articles, tutorials, and examples. All this can help the developers community grow even faster!
 
-Join TON Docs Club chat in Telegram and get the latest tasks from maintainers:
+Join TON Docs Club chat in Telegram to join contributors party:
 * https://t.me/+c-0fVO4XHQsyOWM8
 
 ---
@@ -30,12 +30,11 @@ Join TON Docs Club chat in Telegram and get the latest tasks from maintainers:
 
 ## How to Contribute? 🦄
 
-As said before, it's up to you.
-
 If you are a developer and faced some difficulties, successfully overcoming them - share this knowledge with future developers!
 
-— Have an idea? [Submit an issue](https://github.com/ton-community/ton-docs/issues/new/choose).  
-— Want to validate changes? [Setup your environment](https://github.com/ton-community/ton-docs#set-up-your-environment-%EF%B8%8F).
+— Have an issue? [Prepare a solution with TON Docs Wizard](https://t.me/ton_docs_bot).  
+— Have an idea? [Submit a Feature Request](https://github.com/ton-community/ton-docs/issues/new/choose).  
+— Want to contribute? [Setup your environment](https://github.com/ton-community/ton-docs#set-up-your-environment-%EF%B8%8F).
 
 Contributing best practices:  [docs/contribute](https://ton.org/docs/contribute)
 

docs/develop/dapps/ton-connect/sign.mdx

@@ -4,8 +4,10 @@ import ThemedImage from '@theme/ThemedImage';
 
 ## Use Cases
 
-Please note that signing is not required for all DApps. It will be useful if you want to verify a user to provide them with their personal information from the back end. This is necessary for authorization on the backend, to prove that the user truly owned the declared address.
+Please note that the ton_proof verification is not required for all DApps.
+This is necessary for authorization on the backend to make certain that the user truly owned the declared address, as it follows that the user has permission to access his data on the backend.
 
+It will be useful if you want to verify a user to provide them with their personal information from the back end.
 
 ## How ton_proof Works?
 
@@ -45,26 +47,21 @@ type TonProofItemReplySuccess = {
 
 ```
 
-## Check ton_proof with API
-
-1. Retrieve `TonProofItemReply` from user.
-2. Try to obtain public key via get_public_key get method on smart contract deployed at `address`
-3. If the smart contract has not been deployed (e.g., the user has just created a new wallet locally in the wallet app) or does not support get_public_key method(v3 contracts), follow these steps:
-* a. Parse wallet's StateInit `walletStateInit = TonAddressItemReply.walletStateInit`
-* b. Retrieve `{public_key, address}` from `walletStateInit` with [TON API](https://tonapi.io/) method POST /v2/tonconnect/stateinit
-*  Check that `address` extracted from `walletStateInit` or  corresponds to wallet's `address` declared by user.
-4. Verify timestamp, domain, signature with `public_key` (examples [GO](https://github.com/ton-connect/demo-dapp-backend/blob/master/proof.go), [TS](https://gist.github.com/TrueCarry/cac00bfae051f7028085aa018c2a05c6), [Python](https://github.com/XaBbl4/pytonconnect/blob/main/examples/check_proof.py))
-
-## How to Check TON Proof on Server Side
-
-Obtain from the frontend the following data: wallet address, domain, timestamp, walletStateInit, signature
-
-* Verify that the domain corresponds to the domain of your application
-* Check that this payload was issued recently (you can issue cookies with the payload before authorization, and when checking ton_proof, verify the presence of a cookie for this client)
-* Assemble a message according to the scheme from the previous slide
-* Obtain the wallet's pubkey via the wallet contract's get method
-* If the contract is not active, then obtaining the key in this manner will be impossible; you will need to parse the walletStateInit, which is provided by the frontend
-* Verify that the signature from the frontend actually signs the assembled message and corresponds to the public key of the address
+## Check ton_proof on Server Side
+
+1. Retrieve `TonProofItemReply` from a user.
+2. Verify that the received domain corresponds to the domain of your application.
+3. Check if `TonProofItemReply.payload` permitted by original server and still active.
+4. Check if `timestamp` actual at the moment.
+5. Assemble a message according to the [message scheme](/develop/dapps/ton-connect/sign#concept-explanation).
+6. Retrieve `public_key` either API (a) or (b) implemented logic on back-end
+- 6a:
+    - Retrieve `{public_key, address}` from the `walletStateInit` with [TON API](https://docs.tonconsole.com/tonapi/api-v2#:~:text=/v2/-,tonconnect,-/stateinit) method `POST /v2/tonconnect/stateinit`.
+    - Check that the `address` extracted from `walletStateInit` or corresponds to wallet's `address` declared by user.
+- 6b:
+    - Obtain the wallet's `public_key` via the wallet contract's [get method](https://github.com/ton-blockchain/wallet-contract/blob/main/func/wallet-v4-code.fc#L174).
+    - If the contract is not active, or if it lacks the get_method found in older wallet versions (v1-v3), then obtaining the key in this manner will be impossible. Instead, you will need to parse the walletStateInit provided by the frontend. Ensure that TonAddressItemReply.walletStateInit.hash() is equal to TonAddressItemReply.address.hash(), indicating a BoC hash.
+7. Verify that the `signature` from the frontend actually signs the assembled message and corresponds to the `public_key` of the address.
 
 ## React Example