# device SDK

## Introduction

\
The Device SDK is designed to prevent cheating from non-BitBoy devices. When used in conjunction with backend device verification services, it can verify whether the source is a legitimate BitBoy device, thereby ensuring a trusted dApp running environment and maintaining the security of the ecosystem.

## Main Features

* **Device SDK signs device information**
* **Device Verify validates signatures**

## Main Steps

<figure><img src="/files/ZKOwisglfHCUsyPRMf1J" alt=""><figcaption><p>Process diagram for dAPP to verify that a device request is trusted</p></figcaption></figure>

### Step Description

1. When a dApp needs to verify if the device is a genuine BitBoy device (such as preventing requests from virtual machines or maliciously forged requests from non-BitBoy terminals), call the integrated device SDK in the dApp to obtain device signature and other information;
2. When sending requests, the dApp can include the device signature information obtained in step 1 and send it to the business backend server (maintained by developers);
3. The business backend server constructs specific requests and calls the BitBoy Device Verification Service API to obtain verification results.

{% hint style="danger" %}
These steps are only necessary when device identity verification is required (to avoid resource waste and occupation, the BitBoy Device Verification Service has call limitations and should not be called arbitrarily. It is recommended to **use it only during necessary business processes**).
{% endhint %}

## Detailed Instructions&#x20;

### Usage Guide

1. **Apply and obtain app\_key from the** [**BitBoy Developer Application Management Console**](/bitboy-os-development-guide/getting-started/introduction/developer-console.md)**.**
2. **Initialize SDK**&#x20;

Before using the SDK, you need to obtain an APP\_KEY from the Developer Console. This is your application's unique identifier.

```java
//sample code
BitboySDK sdk = new BitboySDK(context, "YOUR_APP_KEY");
```

3. **Generate Signature**&#x20;

When signature operation is needed, call the SDK's signing method:

```java
//sample code
String signature = sdk.signMessage();
```

This method will return a signature string containing all necessary information.

{% hint style="info" %}
Signatures cannot be reused. A new signature must be generated each time verification is required.
{% endhint %}

4. **Sending Signature to Verification Server**&#x20;

When sending requests to the BitBoy server, add the signature to the request header:

```java
// sample code
HttpURLConnection connection = (HttpURLConnection) url.openConnection(); 
connection.setRequestProperty("message", signature); 
connection.setRequestProperty("sign", sdk.getSignature());
```

{% hint style="success" %}
Please refer to [the code example of Device SDK integration using React Native ](/bitboy-os-development-guide/sdks/device-sdk/example-react-native-integration-with-device-sdk.md)as an example
{% endhint %}

## Important Notes

* Please keep your **APP\_KEY** secure and do not expose it or hard-code it in your application.
* The signature verification service has usage limits and doesn't need to be called every time. **Avoid frequent calls** - it's recommended to use it only when necessary or cache results for a certain period.
* The signature result includes timestamp information to prevent replay attacks. **Please ensure to use the generated signature promptly.**

## Error Handling

The SDK may throw the following exceptions:

* **InvalidAppKeyException:** Thrown when the provided app\_key is invalid.
* **SignatureFailedException:** Thrown when the signature process fails.\
  Please ensure proper handling of these exceptions when using the SDK.

## Support

If you encounter any issues while using the SDK, please contact the BitBoy Developer Support Team.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://bitboy-1.gitbook.io/bitboy-os-development-guide/sdks/device-sdk.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.