ArConnect is still in beta, so we don't have a documentation for now. If you wish to secure your Arweave application, and want to make it more trustable in the community, you can read the guide below to integrate.
Most Arweave applications currently use something like a modal or a file dropper to access information about your wallet. This is insecure and not suitable for efficient and secure usage.
To replace this action, you can use a new function of arweave-js, only available on the web:
// the extension is loaded asynchronously, so you will need to listen for it to load
// this is only needed when you are executing an "ArConnect" function on page load
// you can leave this event listener out if not
addEventListener("arweaveWalletLoaded", async () => {
// get the currently used wallet's address. "arweave-js" will handle everything under the hood (permissions, etc.)
// important: this funciton returns a promise and it will not be resolved until the user logs in
const addr = await arweave.wallets.getAddress();
});
// you can also listen for wallet switch events (when the user chooses to use an another wallet)
addEventListener("walletSwitch", (e) => {
const newAddr = e.detail.address;
});Now you don't have to load the user's keyfile for transactions. Simply create a transaction without a wallet/jwk key:
const tx = await arweave.createTransaction({ /* config */ });Than sign it with ArConnect:
await arweave.transactions.sign(tx);Done! Now you can freely post the transaction.
ArConnect supports much more with it's powerful API. These features are not integrated into arweave-js right now, but please let us know if you would like to see them added or not.
A documentation for all functions and events will be released soon. Thank you for integrating ArConnect and making the web more secure.