
Stellar TOML

Introduction

The stellar.toml file provides a common place where the Internet can find information about your domain’s XDBChain integration. Any website can publish XDBChain network information. You can announce your validation key, your federation server, peers you are running, your quorum set, whether you are an anchor, and so on.

The stellar.toml file is a text file in the TOML format.

Completing your stellar.toml

The first Stellar Ecosystem Proposal (SEP) is SEP-0001: Stellar Info File and specifies everything you would ever need to include in your Stellar info file. This section will walk through the sections of SEP-0001 that relate to asset issuers. Use this section in conjunction with the SEP to ensure you complete your stellar.toml correctly.

The four sections we’ll cover are:

  1. General Information
  2. Organization Documentation
  3. Point of Contact Documentation
  4. Currency Documentation

Note: it’s a good idea to keep the sections in the order presented in SEP-0001: Stellar Info File, which is also the order they’re presented here. TOML requires arrays to be at the end, so if you scramble the order, you may cause errors for TOML parsers.

1. General Information

Required field for all asset issuers:

  • ACCOUNTS: A list of public keys for all the Stellar accounts associated with your asset.

Listing your public keys lets users confirm that you own them. For example, when https://google.com hosts a stellar.toml file, users can be sure that only the accounts listed on it belong to Google. If someone then says, “You need to pay your Google bill this month, send payment to address GIAMGOOGLEIPROMISE”, but that key is not listed on Google’s stellar.toml, then users know not to trust it.

There are several fields where you list information about your Stellar integration to aid in discoverability. If you are an anchor service, and you have set up infrastructure to interoperate with wallets and allow for in-app deposit and withdrawal of assets, make sure to include the locations of your servers on your stellar.toml file so those wallets know where to find relevant endpoints to query. In particular, list these:

Suggested fields for asset issuers:

If you support other Stellar Ecosystem Proposals — such as federation or delegated signing — or host a public Horizon instance that other people can use to query the ledger, you should also add the location of those resources to General Information so they’re discoverable.

2. Organization Documentation

Basic information about your organization goes into a TOML table called [DOCUMENTATION]. Organization Documentation is your chance to inform exchanges and buyers about your business and to demonstrate that your business is legitimate and trustworthy.

Required fields for all asset issuers:

  • ORG_NAME The legal name of your organization, and if your business has one, its official ORG_DBA.
  • ORG_URL The HTTPS URL of your organization’s official website. In order to prove the website is yours, you must host your stellar.toml on the same domain you list here. That way, exchanges and buyers can view the SSL certificate on your website and feel reasonably confident that you are who you say you are.
  • ORG_LOGO A URL to a company logo, which will show up next to your organization on exchanges. This image should be a square aspect ratio transparent PNG, ideally of size 128x128. If you fail to provide a logo, the icon next to your organization will appear blank on many exchanges.
  • ORG_PHYSICAL_ADDRESS The physical address of your organization. We understand you might want to keep your work address private. At the very least, you should put the city and country in which you operate. A street address is ideal and provides a higher level of trust and transparency to your potential asset holders.
  • ORG_OFFICIAL_EMAIL The best business email address for your organization. This should be hosted at the same domain as your official website.
  • ORG_SUPPORT_EMAIL The best email for support requests.

Suggested fields for asset issuers:

  • ORG_GITHUB Your organization’s official GitHub account.
  • ORG_KEYBASE Your organization’s official Keybase account. Your Keybase account should contain proof of ownership of any public online accounts you list here, including your organization’s domain.
  • ORG_TWITTER Your organization’s official Twitter handle.
  • ORG_DESCRIPTION A description of your organization. This is fairly open-ended, and you can write as much as you want. It’s a great place to distinguish yourself by describing what it is that you do.

Issuers that list verified information including phone/address attestations and Keybase verifications are prioritized by Stellar clients.

3. Point of Contact Documentation

Information about the primary point(s) of contact for your organization goes into a TOML array of tables called [[PRINCIPALS]]. You need to put contact information for at least one person in your organization. If you don’t, exchanges can’t verify your offering, and it is unlikely that buyers will be interested. Multiple principals can be added with additional [[PRINCIPALS]] entries.

Required fields for all asset issuers:

  • name The name of the primary contact.
  • email The primary contact’s official email address. This should be hosted at the same domain as your organization’s official website.

Suggested fields for asset issuers:

  • github The personal GitHub account of the point of contact.
  • twitter The personal Twitter handle of the point of contact.
  • keybase The personal Keybase account for the point of contact. This account should contain proof of ownership of any public online accounts listed here and may contain proof of ownership of your organization’s domain.

4. Currency Documentation

Information about the asset(s) you issue goes into a TOML array of tables called [[CURRENCIES]]. If you issue multiple assets, you can include them all in one stellar.toml. Each asset should have its own [[CURRENCIES]] entry.

(These entries are also used for assets you support but don’t issue, but as this section focuses on issuing assets the language will reflect that.)

Required fields for all asset issuers:

  • code The asset code. This is one of two key pieces of information that identify your token. Without it, your token cannot be listed anywhere.
  • issuer The Stellar public key of the issuing account. This is the second key piece of information that identifies your token. Without it, your token cannot be listed anywhere.
  • is_asset_anchored An indication of whether your token is anchored or native: true if your token can be redeemed for an asset outside the Stellar network, false if it can’t. Exchanges use this information to sort tokens by type in listings. If you fail to provide it, your token is unlikely to show up in filtered market views.

If you’re issuing anchored (tethered, stablecoin, asset-backed) tokens, there are several additional required fields:

  • anchor_asset_type The type of asset your token represents. The possible categories are fiat, crypto, stock, bond, commodity, realestate, and other.
  • anchor_asset The name of the asset that serves as the anchor for your token.
  • redemption_instructions Instructions to redeem your token for the underlying asset.
  • attestation_of_reserve A URL to attestation or other proof, evidence, or verification of reserves, such as third-party audits, which all issuers of stablecoins should offer to adhere to best practices.

Suggested fields for asset issuers:

  • desc A description of your token and what it represents. This is a good place to clarify what your token does and why someone might want to own it.
  • conditions Any conditions you place on the redemption of your token.
  • image A URL to a PNG or GIF image with a transparent background representing your token. Without it, your token will appear blank on many exchanges.

How to publish your Stellar info file

After you’ve followed the steps above to complete your Stellar info file, post it at the following location: https://YOUR_DOMAIN/.well-known/stellar.toml

Enable CORS so people can access this file from other sites: set the following header on HTTP responses to requests for /.well-known/stellar.toml.

Access-Control-Allow-Origin: *

Set a text/plain content type so that browsers render the contents rather than prompting for a download.

content-type: text/plain

You should also use the set_options operation to set the home domain on your issuing account.

Configure stellar.toml for nginx:

server {

        server_name my.example.com;
        root /var/www/my.example.com;

        location = /.well-known/stellar.toml {
                types { } default_type "text/plain; charset=utf-8";
                allow all;
                if ($request_method = 'OPTIONS') {
                        add_header 'Access-Control-Allow-Origin' '*';
                        add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
                        add_header 'Content-Length' 0;
                        return 204;
                }
                if ($request_method = 'GET') {
                        add_header 'Access-Control-Allow-Origin' '*';
                        add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
                        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
                }
        }

    # CertBot SSL configuration
    # ...
}

Testing CORS

  1. Run a curl command in your terminal similar to the following (replace xdbchain.com with the hosting location of your stellar.toml file):

  curl --head https://xdbchain.com/.well-known/stellar.toml

  2. Verify the Access-Control-Allow-Origin header is present as shown below.

  curl --head https://xdbchain.com/.well-known/stellar.toml
  HTTP/1.1 200 OK
  Accept-Ranges: bytes
  Access-Control-Allow-Origin: *
  Content-length: 482
  ...

  3. Also run the command on a page that should not have it and verify the Access-Control-Allow-Origin header is missing.
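
The manual check above can be scripted for a deployment pipeline. This is an added example, not part of the original post: it parses saved `curl --head` output and reports whether the two publishing requirements (the CORS header and the text/plain content type) are met. The function names and both sample responses are constructed for illustration.

```python
def parse_head(raw):
    """Parse `curl --head` output; when redirects are followed curl prints
    one header block per hop, so keep only the final response."""
    blocks = [b for b in raw.replace("\r\n", "\n").strip().split("\n\n") if b.strip()]
    lines = blocks[-1].split("\n")
    status = int(lines[0].split()[1])      # "HTTP/1.1 200 OK" or "HTTP/2 200"
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:                            # header names are case-insensitive
            headers[name.strip().lower()] = value.strip()
    return status, headers

def check_head(raw):
    """Return a list of problems with a /.well-known/stellar.toml response."""
    status, headers = parse_head(raw)
    problems = []
    if status != 200:
        problems.append(f"status {status}, expected 200")
    if headers.get("access-control-allow-origin") != "*":
        problems.append("Access-Control-Allow-Origin is not *")
    media_type = headers.get("content-type", "").split(";")[0].strip().lower()
    if media_type != "text/plain":
        problems.append("Content-Type is not text/plain")
    return problems

# Constructed responses: a redirect followed by a correct reply, and a
# server that offers the file as a download with no CORS header.
GOOD = ("HTTP/1.1 301 Moved Permanently\r\n"
        "Location: https://example.com/.well-known/stellar.toml\r\n\r\n"
        "HTTP/2 200\r\n"
        "content-type: text/plain; charset=utf-8\r\n"
        "access-control-allow-origin: *\r\n\r\n")
BAD = ("HTTP/1.1 200 OK\n"
       "Content-Type: application/octet-stream\n"
       "Content-Length: 482\n")

if __name__ == "__main__":
    print(check_head(GOOD))
    print(check_head(BAD))
```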

stellar.toml example

This file is UTF-8 with DOS-, UNIX-, or Mac-style line endings. Blank lines and lines beginning with ‘#’ are ignored. Undefined sections are reserved. All sections are optional. Many of these sections reflect what would be listed in your stellar-core.cfg.

# Sample stellar.toml

NETWORK_PASSPHRASE="Public Global Stellar Network ; September 2015"
FEDERATION_SERVER="https://api.domain.com/federation"
AUTH_SERVER="https://api.domain.com/auth"
TRANSFER_SERVER="https://api.domain.com"
SIGNING_KEY="GBBHQ7H4V6RRORKYLHTCAWP6MOHNORRFJSDPXDFYDGJB2LPZUFPXUEW3"
HORIZON_URL="https://horizon.domain.com"
ACCOUNTS=[
"GD5DJQDDBKGAYNEAXU562HYGOOSYAEOO6AS53PZXBOZGCP5M2OPGMZV3",
"GAENZLGHJGJRCMX5VCHOLHQXU3EMCU5XWDNU4BGGJFNLI2EL354IVBK7",
"GAOO3LWBC4XF6VWRP5ESJ6IBHAISVJMSBTALHOQM2EZG7Q477UWA6L7U"
]
VERSION="2.0.0"

[DOCUMENTATION]
ORG_NAME="Organization Name"
ORG_DBA="Organization DBA"
ORG_URL="https://www.domain.com"
ORG_LOGO="https://www.domain.com/awesomelogo.png"
ORG_DESCRIPTION="Description of issuer"
ORG_PHYSICAL_ADDRESS="123 Sesame Street, New York, NY 12345, United States"
ORG_PHYSICAL_ADDRESS_ATTESTATION="https://www.domain.com/address_attestation.jpg"
ORG_PHONE_NUMBER="1 (123)-456-7890"
ORG_PHONE_NUMBER_ATTESTATION="https://www.domain.com/phone_attestation.jpg"
ORG_KEYBASE="accountname"
ORG_TWITTER="orgtweet"
ORG_GITHUB="orgcode"
ORG_OFFICIAL_EMAIL="support@domain.com"

[[PRINCIPALS]]
name="Jane Jedidiah Johnson"
email="jane@domain.com"
keybase="crypto_jane"
twitter="crypto_jane"
github="crypto_jane"
id_photo_hash="be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09"
verification_photo_hash="016ba8c4cfde65af99cb5fa8b8a37e2eb73f481b3ae34991666df2e04feb6c038666ebd1ec2b6f623967756033c702dde5f423f7d47ab6ed1827ff53783731f7"

[[CURRENCIES]]
code="USD"
issuer="GCZJM35NKGVK47BB4SPBDV25477PZYIYPVVG453LPYFNXLS3FGHDXOCM"
display_decimals=2

[[CURRENCIES]]
code="BTC"
issuer="GAOO3LWBC4XF6VWRP5ESJ6IBHAISVJMSBTALHOQM2EZG7Q477UWA6L7U"
display_decimals=7
anchor_asset_type="crypto"
anchor_asset="BTC"
redemption_instructions="Use SEP6 with our federation server"
collateral_addresses=["2C1mCx3ukix1KfegAY5zgQJV7sanAciZpv"]
collateral_address_signatures=["304502206e21798a42fae0e854281abd38bacd1aeed3ee3738d9e1446618c4571d10"]

# asset with meta info
[[CURRENCIES]]
code="GOAT"
issuer="GD5T6IPRNCKFOHQWT264YPKOZAWUMMZOLZBJ6BNQMUGPWGRLBK3U7ZNP"
display_decimals=2
name="goat share"
desc="1 GOAT token entitles you to a share of revenue from Elkins Goat Farm."
conditions="There will only ever be 10,000 GOAT tokens in existence. We will distribute the revenue share annually on Jan. 15th"
image="https://static.thenounproject.com/png/2292360-200.png"
fixed_number=10000

# optional extra information for humans
# Useful place for anchors to detail various policies and required info

###################################
# Required compliance fields:
#      name=<recipient name>
#      addr=<recipient address>
# Federation Format:  
#        <phone number>*anchor.com
#        Forwarding supported by sending to: forward*anchor.com
#           forward_type=bank_account
#           swift=<swift code of receiving bank>
#           acct=<recipient account number at receiving bank>
# Minimum Amount Forward: $2 USD
# Maximum Amount Forward: $10000 USD

This post is licensed under CC BY 4.0 by the author.