In the ever-evolving world of blockchain technology, Solana is carving out a niche as a high-performance, scalable platform. But with great power comes great complexity—or does it? Enter Solana Actions and Blinks, two ingenious innovations designed to simplify interactions with the Solana blockchain. Think of them as the Batman and Robin of the Solana ecosystem, making on-chain transactions as easy as a few clicks (or taps).
Simply put, they're APIs that return transactions on the Solana blockchain. But there's more to it than that. These APIs are designed to be integrated into various contexts, from QR codes to widgets and websites. The magic of Actions is that they allow developers to bring the functionality of the Solana ecosystem directly to users, without the need to navigate away from their current environment.
Imagine you're browsing a website and you want to make a transaction. Normally, you'd have to open a separate wallet app, sign in, and complete the transaction there. With Solana Actions, you can preview, sign, and send transactions directly from the website. It's like having a personal assistant who handles all the nitty-gritty details while you enjoy the show.
Ready to secure your Solana smart contracts? Take the first step towards a safer blockchain journey. Request an Audit with QuillAudits today & ensure your contracts are robust and secure!
To quickly get started with building custom Solana Actions, follow these steps:
1. Install the Solana Actions SDK
You can find the source code for an Action that performs a native SOL transfer here and other example Actions in this repository.
When deploying your custom Solana Actions to production:
actions.json
file at the root of your domain.actions.json
file.For additional inspiration, explore the Awesome Blinks repository to see community-created Actions and find ideas for new ones.
Interacting with Solana Actions is like having a conversation with a well-mannered chatbot. Here’s how it works:
But wait, there's more! Actions can also support invalidation, meaning they can detect if an action is no longer valid. For example, if a voting window has closed, the GET request can return a message like "This proposal is no longer up for a vote," disabling the relevant buttons.
This code demonstrates how to use Solana Actions, a framework for creating interactive requests for signable transactions or messages on the Solana blockchain. The example showcases a web service that facilitates transferring SOL (Solana's native token) between wallets.
The code uses the @solana/actions
package and Solana's web3.js library.
@solana/actions
: Provides utilities for creating Action responses and handling CORS.@solana/web3.js
: Solana's client library for interacting with the blockchain, including creating transactions and querying the network.DEFAULT_SOL_ADDRESS
and DEFAULT_SOL_AMOUNT
for fallback values.Constants:
DEFAULT_SOL_ADDRESS
: The default address to which SOL will be sent if none is specified.DEFAULT_SOL_AMOUNT
: The default amount of SOL to send if none is specified.
Handles incoming GET requests to provide metadata and action links for the Solana Actions.
GET
req
(Request object)Process:
toPubkey
(recipient's public key) from the URL's query parameters using validatedQueryParams
.ActionGetResponse
) containing:title
: The title of the action.icon
: The URL of an icon image.description
: A brief description of the action.links.actions
: An array of actions users can take, such as sending different amounts of SOL.ACTIONS_CORS_HEADERS
).
Handles OPTIONS requests to support CORS preflight checks.
OPTIONS
Handles POST requests to execute the SOL transfer action.
POST
req
(Request object)Process:
amount
and toPubkey
from the URL's query parameters using validatedQueryParams
.account
(public key).account
and amount
.Connection
.ActionPostResponse
) containing the transaction details for the user to sign.
validatedQueryParams
requestUrl
: The URL object containing query parameters.amount
and toPubkey
properties.Process:
to
query parameter into a PublicKey
object. Defaults to DEFAULT_SOL_ADDRESS
if not provided.amount
query parameter into a float. Defaults to DEFAULT_SOL_AMOUNT
if not provided.amount
to ensure it is greater than 0.
The code includes basic error handling, logging errors to the console and returning an appropriate response with a status code of 400 and a CORS header if an error occurs.
Take advantage of the WAGSI Grants to finance your project and implement your innovative ideas.
Now, let's talk about Blinks—short for blockchain links. These are special URLs that turn any Solana Action into a shareable, metadata-rich link. But Blinks are not just any links; they're like Swiss Army knives for Web3. They can be shared on websites, social media, or even in chat applications like Discord. When you click on a Blink, it can trigger a transaction preview in your wallet or expand into interactive buttons, depending on the platform.
For instance, imagine you're on a Discord server, and someone shares a Blink. If the bot or client you're using supports Blinks, you could see an interactive set of buttons, allowing you to complete the transaction without leaving Discord. It’s like magic but with more zeros and ones.
A Blink URL defines a client application that guides users through the entire process of executing an Action, including wallet signing.
https://example.domain/?action=<action_url>
For a client application to qualify as a blink, it must adhere to the following requirements:
action
query parameter.action
query parameter.Note: Not all blink client applications (such as websites or dApps) are required to support every Action. Developers can choose which Actions to support within their blink interfaces.
A valid blink URL with an Action value of solana-action:<https://actions.alice.com/donate
> URL-encoded:
<https://example.domain/?action=solana-action%3Ahttps%3A%2F%2Factions.alice.com%2Fdonate>
Blinks can be associated with Actions in three primary ways:
solana-action:<https://actions.alice.com/donate
>actions.json
file located at the domain root.https://alice.com/actions.json
might map the website URL https://alice.com/donate
to the API URL https://actions.alice.com/donate
, hosting Actions for donating to Alice.https://example.domain/?action=<action_url>
Clients that support blinks should be able to recognize any of these formats and render an interface for users to execute the action directly within the client.
For clients that do not support blinks, there should be an underlying website as a fallback option, allowing the browser to serve as a universal fallback. If a user clicks anywhere within a client that is not an action button or text input field, they should be redirected to the underlying site.
The concept of Action Identity is critical for attributing on-chain activities to specific services or Action Providers in a verifiable manner. This process involves creating a unique keypair known as the Action Identity, which is used to sign specially formatted messages included in transactions. These messages, known as Action Identifier Messages, are integral to the attribution process and help in identifying and verifying actions taken by a particular service on the Solana blockchain.
The Action Identity keypair consists of a public and private key. The public key serves as an identifier for the Action Provider, while the private key is used to sign messages. These messages, containing specific information, are included in transactions through the Memo instruction. The keypair itself does not sign the transaction, which enhances transaction deliverability when no other signatures are present in the transaction returned to the user.
The Action Identifier Message is a structured string included in a transaction via an SPL Memo instruction. The format is:
protocol:identity:reference:signature
This message helps in associating the transaction with an Action Provider. It's crucial to ensure that each reference value is unique and used only once across all transactions to maintain the integrity of the attribution process.
The verification of transactions associated with an Action Provider involves several steps:
getSignaturesForAddress
RPC method. This method returns all Memo data associated with the transactions, including multiple Memo instructions if present.This verification process is necessary because the identity is not required to sign the transaction, which means that any transaction could potentially include the identity as a non-signer, leading to inflated attribution and usage counts.
Even in the world of permissionless protocols, safety is paramount. That’s where the Blinks Inspector tool comes into play. It allows developers to inspect, debug, and test their Blinks and Actions directly in their browser. Think of it as a stethoscope for your blockchain interactions, letting you listen to the heartbeat of your API requests and responses.
And if you're worried about security, Dialect's Actions Registry is here to help. This public registry lists verified Actions, adding an extra layer of trust. It’s like having a bouncer at a club, ensuring only the right people (or in this case, Actions) get in.
Join 1400+ leaders who secured themselves from losing Billion Dollars.
Solana Actions and Blinks are not just about making transactions easier; they're about bringing Web3 to the masses. By simplifying the interaction process, these tools are paving the way for broader adoption of blockchain technology.
Before deploying any smart contract on Solana's mainnet, make sure to audit your code. Smart contract audits are essential for identifying potential vulnerabilities and ensuring the security of your application.
So whether you're a developer looking to integrate blockchain functionality into your app or a user wanting a smoother experience, Solana Actions and Blinks are here to save the day.
Just like Batman and Robin, they're making the world a better place, one transaction at a time.