The in-app wallet enables users to sign transactions or information to prove that they are the source of these actions. These signatures are verified by the smart contract Deposit Pool before any deposit, withdrawal, or in-app purchase. The sequence diagram below illustrates the general flow of an action that requires a signature.
In the diagram, the process begins in the app where a payload is created and signed by the user. This signed payload is then sent to the backend, where it checks the payload and the user's signature. If valid, the backend makes a transaction using the payload and user signature, which is then sent to the smart contract. The smart contract verifies the user’s signature once more before executing the payload. This ensures that all actions are securely authenticated and authorized, maintaining the integrity of the user's transactions and data within the application.