Select Page

Web3devs Stacks Access Plugin

Sample of exclusive content to only NFT owners in the stacks network.

Thank you for taking the time to review our site using our new wordpress plugin.

We have developed and released the first stacks NFT project for wordpress administrators that will allow you to only allow certain content to be accessed by owning an NFT.

 

Below is an example of how the plugin works.

Below is a link to the pod casts that can only accessed by owners of the Stacks token. If you do not have a stacks token in your wallet then you will be redirected to a denial page. If you do have one then you will get access to the podcasts page.

It is that easy!

wordpress

1. Get plugin

Download and upload web3devs-stacks-access.zip to the /wp-content/plugins/ directory and unzip the file.

Activate the plugin through the ‘Plugins’ menu in WordPress.

wordpress-backend

2. Configure

Go to “Stacks Access > Settings” and configure token contract addresses (or stx/STX for STX).

new-screenshot-1

3. Use it!

Go to Page/Post and use Stacks Access Widget (at the bottom) to configure access restrictions.

new-screenshot-5

Answers to Your Questions

What wallets do you support?
Do you plan to support any other wallets?

Short answer: no.

Long answer: Xverse – maybe. Wallet Connect compatible wallets – maybe. If a wallet is compatible with Stacks.js, then it should work. Hiro Wallet is the de facto standard for Stacks

What PHP extensions are required for this plugin to work?

None.

The ones that we would probably need for this to be 100% PHP based are:
secp256k1 – but it’s experimental, requires manual compilation and it’s development is staled
c32check – it’s Stacks’ variant, so has to be reimplemented in PHP
stacks.js – but in PHP 🙂

Since none of the above is available at the moment, we’ve moved the required dependencies to a third party service that simply takes the signature and calculates Public Address used to sign it.

Why does it say “testnet” when I’m on mainnet?

It’s due to a bug in Hiro Wallet, see here.

Basically, when connecting Hiro Wallet for signing, the account selection screen sometimes makes no effect and your current account is selected.

Pay attention to account public address shown at the top of the screens to make sure you’re signing with desired account.

Otherwise – switch it in the wallet, before connecting (refresh the page to “disconnect” your wallet if needed, sometimes you may need to close your browser (clear session cookies))

What is the transaction cost (gas fee) of determining the access?

0 (zero).
There’s no cost, because there’s no transaction involved.

Signing a secret phrase is the wallet’s built in functionality. It happens “locally” and is not published to the blockchain, therefore does not end up as a transaction.

Why do you need access to my wallet?

We don’t.
We don’t need it and we don’t access it.

We need your wallet’s public address. To prove you OWN the address, we need you to use the wallet to sign a secret phrase for us (your wallet uses your private key to do it – the key never leaves your computer!).

Your wallet contents is publicly available information. If you know a wallet’s address, ex. ST24YYAWQ4DK4RKCKK1RP4PX0X5SCSXTWQXFGVCVY you can see it’s contents in blockchain explorer or via Stacks API – that’s how we determine if you own configured tokens.

Are there any other Stacks/Hiro bugs I should be concerned about?

Yes.

Message signing (which we use to derive your wallet’s public address) is a relatively new feature in Hiro Wallet and Stacks itself and it’s been published prematurely 🙂

There are (were) problems with:
– message signing in a way that prevented users from deriving public address from signatures (see here, here and here)
– incompatible secp256k1 signature orders (vrs vs rsv) (see here)

The good thing is: it’s a known problem
The bad thing is: when it’s fixed, chances are our plugin will stop working until we make it compatible with the new versions of Hiro Wallet and Stacks.js