# Wallet API

#### Integration Overview

A key component of integrating with the Bet Brothers' platform is the `WALLET_ENDPOINT`. At the outset, the Operator must provide this endpoint, which acts as the crucial link between their system and Bet Brothers. This connection enables the efficient transfer of wallet-related data, such as balance and transaction details, ensuring a seamless gaming experience for players. Additional steps may vary based on specific requirements.

#### Game Round Communication

During game rounds, the Operator and Bet Brothers communicate through an API, employing a <mark style="color:blue;">REST</mark> interface for smooth gameplay. Data is exchanged via <mark style="color:blue;">POST</mark> requests formatted in <mark style="color:blue;">JSON</mark>. Each API call includes necessary parameters in the request body to specify the intended action.

***

### Request Signing with HMAC-SHA256

To ensure the integrity and authenticity of each API request, we use a request signing mechanism. This involves calculating a request signature using the HMAC-SHA256 algorithm. The request body is used as the message, and a platform-provided password serves as the key.

Here's a PHP example demonstrating how to generate and include the request signature:

1. **Generate the Signature:** Use HMAC-SHA256 to calculate the signature using the request body and the password.
2. **Include the Signature:** Add the generated signature to the `"X-REQUEST-SIGN"` header of the HTTP request.

This process helps secure the communication by verifying the source and ensuring the data hasn't been tampered with.

Here's a PHP example demonstrating how to calculate and include the request signature:

```php
   $data = '{
          "player_id": 6,
          "reference": "Monkey",
          "currency_code": "EUR",
          "action": "balance",
          "is_mobile": false,
          "session_token": "session_token_here"
        }';

    $password = 'password';

    $hash = hash_hmac('sha256', $data, $password);

    Http::withHeaders([
        'Content-Type'   => 'application/json',
        'X-REQUEST-SIGN' => $hash,
    ])->post($uri, $data;
```

***

`$data` refers to the <mark style="color:blue;">JSON</mark> payload of the API request.\
`$password` is the secret key provided by the platform.\
`$hash` is the HMAC-SHA256 signature of the request, calculated using the `hash_hmac` function with SHA-256. The request body (`$data`) serves as the message, and the secret key (`$password`) acts as the key.

\
The generated signature is included in the `"X-REQUEST-SIGN"` header of the HTTP request.\
This method ensures each API request is securely signed and can be verified on the server side to confirm its authenticity


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://the-bet-brothers.gitbook.io/doc/wallet-api.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.