Action Codes is designed around a modular, service-oriented architecture optimized for secure and scalable consumption of One-Time Action Codes (Action Codes). It separates code generation, indexing, and consumption into distinct components that can scale independently and be integrated flexibly across client platforms.

Core Components

• Code Generation Service: A secure service that lives under app.ota.codes and is the only source of valid Action Codes. Users must connect their wallet to generate codes.
• Action Code Resolver: A lightweight SDK and backend utility that validates and interprets codes from any client, with built-in expiry and anti-spoof checks.
• Consumption Clients: Headless widgets or app-integrated components (e.g. Blink) that accept Action Codes, resolve intent, and submit transactions for users to confirm.
• Indexer: An internal system that tracks code usage and events for analytics, security review, and insights.

Security Considerations

Each Action Code includes a cryptographic proof of wallet intent and is time-limited (default 2 minutes). The system ensures codes cannot be reused, spoofed, or fabricated off-platform. Validations happen entirely on-chain or with strong off-chain guarantees depending on context.

Integration Flow

Developers integrate the consumption side of the architecture via the @actioncodes/sdk package. This includes TypeScript SDK or React hooks and utilities that handle code resolution, action monitoring, and submission flows, allowing seamless drop-in support for Action Codes in any app.

Alternatively, you can use our REST API to consume Action Codes.