New PaySwarm Alpha Launched for Developers

In May of last year, we launched the first public PaySwarm system for developers. The system implemented the open standards-based, patent-and-royalty free, PaySwarm specifications that enable developers to perform Web Payments. We have learned quite a bit from that deployment, which resulted in core changes to the specification and developer website. Today, we are pleased to announce a new PaySwarm Alpha for developers. This is a public sandbox — a developer test ground — that implements some of the newest PaySwarm REST API features.

The OAuth Change

The biggest change was replacing the authentication mechanism that we were using for PaySwarm. We had implemented the system last year using the OAuth protocol only to find out that it made things more complicated than they need to be for the use cases that we were trying to cover. Some developers have asked why OAuth didn’t work for PaySwarm when it works for large sites like Facebook and Twitter. The core of the issue has to do with the scope of PaySwarm. Typically, developers that implement OAuth only need to perform secure API authorization. PaySwarm needs to perform secure API authorization as well as digital signatures on messages and data. The fundamental lesson that we learned last year was that if you need to support digital signatures, then you basically have a secure API authorization mechanism, and thus adding OAuth unnecessarily complicates the overall system.

The biggest problem we faced was that there was no digital-signature based API authorization standard for the Web. In fact, no standards-based Public Key Infrastructure system for the Web exists… so we created one called Web Keys. The Web Keys specification is still very much in the development phase, but the release today demonstrates that building such a system is feasible. Keep in mind that this mechanism is not a replacement for Transport Layer Security, which is used for most secure communication on the Web today, but is intended to be used along-side it in many cases.

As anticipated, the switch to Web Keys made the entire system simpler. There was a reduction in complexity for the WordPress PaySwarm plugin as well as the PaySwarm Authority software.

The Front-end Change

The entire website front-end has been rewritten with responsive design in mind so that it works on mobile devices, tablets and desktop computers. We are depending on jquery, bootstrap, and the Monarch templating engine to generate the pages for the website. We are currently using a combination of HTML5, CSS3, JavaScript, RDFa and JSON-LD for the markup languages. There are still a few layout bugs that need to be fixed, this is an alpha launch after all, but we’re fairly happy with the new direction of the front end technologies. This release will eventually culminate in a commercial release of the PaySwarm system, so expect many of the technologies in use today to be used in the commercial release.

Trying It Out

Give the new PaySwarm Alpha a spin and tell us what you think about it. Once you get an account, try the WordPress PaySwarm demo. If you had an account from before, your login information hasn’t changed and you can still use the same profile and password that you did back then. We automatically deposit $10 (sorry, it’s fake money for now) into your account so that you don’t have to go through the deposit process before trying out the demo.

We will be discussing the next steps on the Web Payments mailing list, so if you would like to keep up to date with what is going on with PaySwarm, you might want to join the list.


We're not around right now. But you can send us an email and we'll get back to you, asap.


© 2022 Digital Bazaar, Inc. All rights reserved.

Log in with your credentials

Forgot your details?