As mentioned in the Design and Architecture guide, the Stellar Disbursement Platform consists of a few services deployed together, where the Anchor Platform is one of them.
For that reason, there are some connection points between the two instances that need to be properly configured in order for the Stellar Disbursement Platform to work correctly. We will be covering these integration points in this guide.
Please note that for the default deployment of the Stellar Disbursement Platform, that relies on default Helm values and default Wallets and Assets, no extra configuration is needed. This guide is for those who want to customize the deployment by changing the Wallets and Assets available in their SDP instance.
Role of the Anchor Platform in SDP
The Wallet Registration flow kicks off within the recipient's wallet app. This app interacts with the Anchor Platform to initiate the SEP-24 deposit process through the SDP (Stellar Disbursement Platform). The SDP collects the necessary recipient information to ultimately execute the payment to them.
The Anchor Platform (AP) is used to handle the implementation of interoperability protocols such as SEP-1, SEP-10, and SEP-24, making their endpoints available to wallet apps. The Anchor Platform is pre-configured in both the repo's Helm chart, and in the Docker Compose file available in the
Steps for Configuring SDP-AnchorPlatform Integration
To ensure a seamless integration between the SDP and the Anchor Platform, make sure to follow these steps:
- 🚨 Critical Step: Configure the Anchor Platform with
PLATFORM_SERVER_AUTH_TYPE: JWT. This setting is crucial for securing your Anchor Platform's backoffice API via JWT token authentication.
- Shared Secrets for API Authentication: The
SECRET_PLATFORM_API_AUTH_SECRETin the Anchor Platform should match
ANCHOR_PLATFORM_OUTGOING_JWT_SECRETin the SDP.
- Shared Secrets for SEP-24: The secrets
SECRET_SEP24_MORE_INFO_URL_JWT_SECRETin the Anchor Platform need to align with
SEP24_JWT_SECRETin the SDP.
- SEP-10 Configuration: The
SECRET_SEP10_SIGNING_SEEDin the Anchor Platform should be consistent with both the
SEP10_SIGNING_PUBLIC_KEYin the SDP.
By following these steps, you'll ensure a secure and efficient integration between your SDP and Anchor Platform systems.
Manual Synchronization of Custom Assets and Wallets
Currently, some configurations within the Anchor Platform are static and loaded via environment variables. On the other hand, the SDP reads these same configurations from its database and allows an owner user to modify them. This dynamic pertains particularly to the lists of supported assets and wallets.
While we are actively exploring ways to automate this synchronization process, manual adjustments to the Anchor Platform configuration are necessary whenever an asset or wallet is added or removed on the SDP.
- (Required) Update Supported Assets: Whenever you change the list of supported assets in the SDP, it's essential to update the Anchor Platform's
ASSETS_VALUEconfiguration to reflect these changes. Refer to the repo's Helm values or Docker Compose file(s) for examples.
- (Optional, but Recommended) Wallets and SEP-10 Domains: If you employ the
SEP10_CLIENT_ATTRIBUTION_REQUIRED: truesetting in the Anchor Platform - a recommended best practice - you must also update the
SEP10_CLIENT_ATTRIBUTION_ALLOW_LISTto include trusted wallet domains. This ensures that the Anchor Platform will process SEP-10 requests only from trusted wallets.
By adhering to these guidelines, you can ensure a consistent and secure configuration between your SDP and Anchor Platform instances.