You need to add a
stellar.toml on your website at
https://yourdomain.com/.well-known/stellar.toml. This must be served on a valid SSL certificate or Stellar will not accept it. If you do not have HTTPS enabled on your website, we invite you to look at solutions from LetsEncrypt.
You must also be able to serve this file with CORS headers or some browser based tools and wallets might not be able to translate your address to a Stellar public key.
Stellar.sui.li provides a good Stellar TOML checker to help you verify the validity of your file.
The address is composed of two parts:
usernamecan be composed of any UTF-8 character apart from spaces and <*,> which lets you have email addresses for username like
email@example.com*stellar.orgas a valid address.
domainmust be a valid RFC 1035 domain name that you control. It can be a subdomain so that
bob*stellar.rocks.comis valid as long as you put the
The Stellar federation protocol lets federation responses define a target account id (public key) but also a memo for an address. When a memo is defined for
bob*yourdomain.com, the client/wallet must add that memo to any transaction it sends to that address. The receiver will be able to see that reference in the received transaction and act on it (see a good explanation on Lumenauts.com).
There are three types of memos you can set on your address:
We also implemented the federation standard with a little hack also used in emails: if you've registered
jack*yourdomain.com on StellarID.io without a specific memo, you can send a transaction to
jack+beer_money*yourdomain.com and we'll dynamically add
beer_money as the memo for that address.
You can test this on our Federation Tester page. We'll let you think of all the possibilities for your business.
The Stellar Federation protocol defines a few types of federation queries, c.f. SEP-2. However StellarID.io only implements two of them:
type=nameis the standard federation where the client looks for the account id corresponding to an address such as
type=idis a reverse federation request where the client looks for the address corresponding to an account id such as
GDSRO6H2YM6MC6ZO7KORPJXSTUMBMT3E7MZ66CFVNMUAULFG6G2OP32I. This only works if the account has a home domain registered and there is only one address pointing to it (federation queries can only reply with a single matching address/account).
Yes, using StellarID.io to point
bob*yourdomain.com to your Stellar account does not tie this account to our service. You can have
jack*yourdomain.com point to the same account or use another service like FedCloud.info to point
bob*fedcloud.info still to the same account.
You cannot however have two different federation servers serve the same domain name.
We do not hold the secret key to your Stellar account (actually, we've made it impossible for you to even input it by mistake) so we cannot touch your funds. Please keep your secret key safe and never communicate it to anyone. We will never ask you for it.
Your Stellar account ownership stays private. Some other federation services require you to send a transaction with the requested address as the memo which makes these addresses publicly visible on the ledger. With StellarID.io your addresses stay private.
Funds sent to your federated address do not transit through our accounts. All we do is provide a translation from
bob*yourdomain.com to a Stellar public you've setup. We do not track or authorize transactions made to your address. The Stellar transaction protocol works only on public keys, when a transaction is sent to a federated address the client/wallet translates the address before building the transaction.
While using our service or any other federation services, you do reliquinsh control of the federated address. So an evil service (I assure you we are not evil though ♥) or a hacker taking control of our servers could potentially re-route the addresses to another Stellar account and receive the funds sent to
bob*yourdomain.com. If you do a transaction for a large amount (for example offloading from an exchange), I recommend you send funds directly to your public key.
We do strive to keep the service as secure as possible: using only the best providers, activating two-factor authentication wherever possible and monitoring service health to catch any issues without delay.
StellarID.io is completetely free for the moment until we are feature complete. The only missing functionality as of now is an API to allow users to programmatically manage their addresses.
Once completed, we plan on implementing a subscription service while keeping a generous free tier with a limited number of addresses/domains.
Just removing the
stellar.toml file from your website or changing the federation server address inside the file will deactivate StellarID.io services. You can then remove your domains and addresses from your account and are free to use another service or setup your own federation server.