1 inch integration

Hi, I trying to integrate 1inch, first step is for me to ask user to approve token spend, but when i use 1inch api it gives permission to spend token to my website, not to 1inch exchange:

Message in Metamask:

Allow Http://localhost:1234 to spend your PPAY? Do you trust this site? By granting this permission, you’re allowing Http://localhost:1234 to withdraw your PPAY and automate transactions for you.

1inch dex require that they get permission right?:

I get their address with:

        let url1 = "https://api.1inch.exchange/v3.0/1/approve/spender";
        let url2 = "https://api.1inch.exchange/v3.0/1/tokens";

        console.log(url1);

        const address_spender = await fetch(url1)`enter code here`
        .then( res => res.json() )
        .then( data => {
            console.log(data);
            return data 
        });
where address_spender is their address

I get then api call to approve/calldata:

let url3 = "https://api.1inch.exchange/v3.0/1/approve/calldata?amount="+amount+"&tokenAddress="+selected_coin;
        console.log("URL3 before tp");
        console.log(url3);
        const transactionParameters = await fetch(url3)
        .then( res => res.json() )
        .then( data1 => {
            console.log("url3 ");
            console.log(data1);
            const transactionParameters = {

                to: data1['to'], // Required except during contract publications.
                from: user_address[0], // must match user's active address.
                
                value: "0", 
                data: data1['data']
                 
            };
            return transactionParameters
        });
        try {
            const txHash = await ethereum.request({
            method: 'eth_sendTransaction',
            params: [transactionParameters],
            });
            let data = txHash.data;

        } catch (error) {
            if (error.code === 4001) {
                alert("User denied transaction signature.")
            } else {
                alert(error)
            }
        }
and send tx via metamask, but only my website get permission. So do you have any suggestions?

Thanks!

Yes, when you trade on Uniswap or 1inch you need to give them permission to withdraw funds from your wallet as that’s what happens when you trade.

You should only do this with contracts you trust.

Yeah Bro, but the trick is how to get approval from MM user who is logged on my website to approve tokens spend and give permission not for me (or my website) but for 1inch to be ready for swapping on my website using 1inch API. As in API docs 1inch claims that spender is their erc20 address which is :
0x11111112542d85b3ef69ae05771c2dccff4faa26 (address_spender in code gets it from 1inch API)

Thx!
Mario

found contract method approve(spender, amount) and i send it from my address ( or user who is logged on my website via metamask sign tx on his/her wallet, and after tx is mined, contract for specific token knows that the user = sender of the tx gave approval to spender to take amount of token from user balance. So i need to find a way in js to send approval tx like:
tx = approve(spender,amount);
signTx(tx);
confirmed_mined = await(tx_mined)
plus store info of approval in user.set(“approved_tokens”)

The best way is to ask 1inch team as this is more their field

I haven’t tried this but seems like you can get approval tx I’m 1inch api and just ask web3 to execute it https://docs.1inch.io/api/approve

And when you’ve broadcasted that approve tx you can monitor when it’s done using web3 like this https://ethereum.stackexchange.com/questions/67232/how-to-wait-until-transaction-is-confirmed-web3-js/67234

And then save to DB which tokens user approved when approve tx is confirmed

I think you should have enough info to solve this problem

Let me know how it goes

I tried to contact them but they don’t respond

This is exactly what I did, and afterwards my website (localhost) receive permission to spend tokens on behalf of user

It’s not your website it’s 1inch smart contract, websites are not a thing onchain even if it says “local host” it’s their smart contract, your site is asking the user to sign that approval so that’s why it says “localhost”

This is exactly what i’m trying Ivan to confirm If there is any contact to 1inch team please let me know

Try signing the tx and see what happens on chain you will see that their contract got approval to spend your funds

I checked in Ganache, that DAI appeared in MM and with tx of approval, data is:

0x095ea7b300000000000000000000000011111112542d85b3ef69ae05771c2dccff4faa260000000000000000000000000000000000000000000000000de0b6b3a7640000

SENDER ADDRESS

0x8F391CcA6fE6bABF9336527E0e43a10012997389

TO CONTRACT ADDRESS

0x8b0E42F366bA502d787BB134478aDfAE966C8798 LABS

so in data there is 1inch v3 address 0x11111112542d85b3ef69ae05771c2dccff4faa26 so it should work, just sending it on mainnet would be real approval, thx v much for help and time

And this is for DAI:

SENDER ADDRESS

0x8F391CcA6fE6bABF9336527E0e43a10012997389

TO CONTRACT ADDRESS

0x6B175474E89094C44Da98b954EedeAC495271d0F

CONTRACT CALL

VALUE

0.00 ETH

GAS USED

21656

GAS PRICE

20000000000

GAS LIMIT

32484

MINED IN BLOCK

58

TX DATA

0x095ea7b300000000000000000000000011111112542d85b3ef69ae05771c2dccff4faa2600000000000000000000000000000000000000000000010f0cf064dd59200000

exactly same spender 1inch v3 address

peerfect! glad it worked out

can u help me check if my data for swapping tx which im getting from 1inch is longer than this one from 1inch when i use their site directly, is it ok?

mine data received from 1inch API:
“0x7c025200000000000000000000000000fd3dfb524b2da40c8a6d703c62be36b5d854062600000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000180000000000000000000000000eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee000000000000000000000000054d64b73d3d8a21af3d764efd76bcaa774f3bb2000000000000000000000000fd3dfb524b2da40c8a6d703c62be36b5d8540626000000000000000000000000c341072fab049c0c7eb7db294ef2cd52fd52ae2f00000000000000000000000000000000000000000000000000038d7ea4c680000000000000000000000000000000000000000000000000015958fb4c29e9c622000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000001a00000000000000000000000000000000000000000000000000000000000000260000000000000000000000000000000000000000000000000000000000000036000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000064d1660f99000000000000000000000000eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009184e72a00000000000000000000000000000000000000000000000000000000000000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000384665653e00000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000004d0e30db000000000000000000000000000000000000000000000000000000000000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000044a9059cbb0000000000000000000000006e8abba440a58421f5eec9892b19c1a72c55c992000000000000000000000000000000000000000000000000000384665653e00000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000a4b757fed60000000000000000000000006e8abba440a58421f5eec9892b19c1a72c55c992000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc2000000000000000000000000054d64b73d3d8a21af3d764efd76bcaa774f3bb20000000000000000002dc6c0c341072fab049c0c7eb7db294ef2cd52fd52ae2f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000”

theirs on 1inch site:
0x2e95b6c8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000038d7ea4c680000000000000000000000000000000000000000000000000015cd5fd6adbb61dce0000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000180000000000000003b6d03406e8abba440a58421f5eec9892b19c1a72c55c992

can u help me Ivan get help from 1inch? As u see theirs data is way shorter and in mine there are some repetitions but addresses are the same in hex code

Hey this is too much out of scope for us, we can help with Moralis but can’t dive deep and debug what third party APIs do

I understand, but maybe you have some connections with 1inch?

Unfortunately we don’t have anyone from their team that can check this atm - have you tried writing in their community chat?

yeah, no answer, pretty dead forum