reown-com
diff --git a/‎.cspell.json‎
Lines changed: 1 addition & 1 deletion b/‎.cspell.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎advanced/multichain/rpc-reference/bitcoin-rpc.mdx‎
Lines changed: 4 additions & 0 deletions b/‎advanced/multichain/rpc-reference/bitcoin-rpc.mdx‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎advanced/multichain/rpc-reference/sui-rpc.mdx‎
Lines changed: 3 additions & 5 deletions b/‎advanced/multichain/rpc-reference/sui-rpc.mdx‎
Lines changed: 3 additions & 5 deletions
diff --git a/‎advanced/multichain/rpc-reference/tron-rpc.mdx‎
Lines changed: 155 additions & 57 deletions b/‎advanced/multichain/rpc-reference/tron-rpc.mdx‎
Lines changed: 155 additions & 57 deletions
diff --git a/‎advanced/security/content-security-policy.mdx‎
Lines changed: 8 additions & 1 deletion b/‎advanced/security/content-security-policy.mdx‎
Lines changed: 8 additions & 1 deletion
@@ -39,7 +39,7 @@
       "nosocial", "bitget", "leather", "binance", "uniswap", "safepal", "bybit", "phantom", "ledger", "timeless-x", "safe", "zerion", "oneinch", "crypto-com", "imtoken", "kraken", "ronin", "robinhood", "exodus", "argent", "tokenpocket", "Contractaddress", 
       "executionreverted", "FATF", "VASP", "LLMSTXT", "Frontmatter", "CASP", "DKMS", "hydradx", "phala", "astar", "mangata", "polkadotjs", "Dogecoin", "Blockbook", "vuejs", "xsmall", "rgba", "mintlify", "filteredwallets",
       "tnum","minmax","toolkits", "autoplay", "Litoshi", "Litoshis", "encryptor's", "Everscale", "Bitcore", "satoshis", "Parachain", "Bitcore", "walletlist", "Userflow", "retryable", "USDS", "Arbitrum", "Wolfswap", "Halborn", "Pentest", "Spearbit", "valtio",
-      "reshare", "microstacks", "Prebuild", "APKT", "offchain", "Bitgpt", "Restaking", "Synthetix", "lamports", "mmkv", "Windscribe", "nanotons", "nanoton"
+      "reshare", "microstacks", "Prebuild", "APKT", "offchain", "tabnabbing", "Bitgpt", "Restaking", "Synthetix", "lamports", "mmkv", "Windscribe", "Dappkit", "nanotons", "nanoton"
     ]
   }
 
@@ -181,6 +181,10 @@ Assuming the dapp monitors all returned addresses for balance changes, a new req
 
 The example below specifies a response from a static wallet. The returned address is used for both change and payments. It's the only address with UTXOs.
 
+<Note>
+  Hardware wallets utilizing `bip32` are also supported. 
+</Note>
+
 ```javascript
 // Request
 {
 
@@ -5,10 +5,6 @@ description: Sui JSON-RPC Methods
 
 These are the methods that wallets should implement to handle Sui transactions and messages via WalletConnect.
 
-<Note type="warning">
-**Please note:** The SUI RPC standard is still under review and specifications may change. Implementation details and method signatures are subject to updates.
-</Note>
-
 ## sui_getAccounts
 
 This method returns an Array of public keys and addresses available to sign from the wallet.
@@ -47,7 +43,9 @@ This method returns an Array of public keys and addresses available to sign from
 ### Session Properties
 In a connection request, it is recommended to serialize the response to `getAccounts` in `session.sessionProperties.sui_getAccounts`. This allows dapps to consume an active session without requiring a context switch to re-request all addresses and associated public keys from the wallet.
 
-
+:::warning
+This method is **required** for all wallets to implement in order to connect to applications using Sui Dappkit. Wallets that do not implement `sui_getAccounts` will not be able to establish connections with dapps using the Sui Dappkit SDK.
+:::
 
 ## sui_signTransaction
 
 
@@ -5,65 +5,81 @@ description: Tron JSON-RPC Methods
 
 These are the methods that wallets should implement to handle Tron transactions and messages via WalletConnect.
 
-<Note type="warning">
-**Please note:** The TRON RPC standard is still under review and specifications may change. Implementation details and method signatures are subject to updates.
-</Note>
+## Session Properties
+
+To enable the new simplified transaction structure, wallets should include `tron_method_version: "v1"` in their `sessionProperties` during the connection handshake:
+
+```json
+{
+  "sessionProperties": {
+    "tron_method_version": "v1"
+  }
+}
+```
+
+When `tron_method_version` is set to `"v1"`, the transaction structure is simplified to remove the nested `transaction.transaction` format. If not set, the legacy nested format is used for backward compatibility.
 
 ### tron_signTransaction
 
 Sign a Tron transaction without executing it.
 
 #### Parameters
 
-1. `transaction` (object) - The transaction to sign:
+- The transaction to sign:
    - `address` (string) - The sender's Tron address
    - `transaction` (object) - The transaction object to sign
 
 #### Returns
 
-`object` - The signed transaction:
-- `txID` (string) - The transaction ID (deterministically derived from raw transaction)
-- `signature` (array) - Array of signature strings
-- `raw_data` (object) - The raw transaction data
-- `raw_data_hex` (string) - The hex-encoded raw transaction data
-- `visible` (boolean) - Whether addresses are in visible format
+- The signed transaction:
+  - `txID` (string) - The transaction ID (deterministically derived from raw transaction)
+  - `signature` (array) - Array of signature strings
+  - `raw_data` (object) - The raw transaction data
+  - `raw_data_hex` (string) - The hex-encoded raw transaction data
+  - `visible` (boolean) - Whether addresses are in visible format
 
-#### Example
+<AccordionGroup>
+  <Accordion title="Legacy Format">
+#### Example (Legacy Format)
 
+- Request with the nested `transaction.transaction` format
 ```javascript
-// Request
 {
   "jsonrpc": "2.0",
   "id": 1,
   "method": "tron_signTransaction",
   "params": {
     "address": "TLyqzVGLV1srkB7dToTAEqgDSfPtXRJZYH",
     "transaction": {
-      "raw_data": {
-        "contract": [
-          {
-            "parameter": {
-              "value": {
-                "data": "095ea7b30000000000000000000000001cb0b7348eded93b8d0816bbeb819fc1d7a51f310000000000000000000000000000000000000000000000000000000000000000",
-                "owner_address": "411cb0b7348eded93b8d0816bbeb819fc1d7a51f31",
-                "contract_address": "41a614f803b6fd780986a42c78ec9c7f77e6ded13c"
+      "transaction": {
+        "raw_data": {
+          "contract": [
+            {
+              "parameter": {
+                "value": {
+                  "data": "095ea7b30000000000000000000000001cb0b7348eded93b8d0816bbeb819fc1d7a51f310000000000000000000000000000000000000000000000000000000000000000",
+                  "owner_address": "411cb0b7348eded93b8d0816bbeb819fc1d7a51f31",
+                  "contract_address": "41a614f803b6fd780986a42c78ec9c7f77e6ded13c"
+                },
+                "type_url": "type.googleapis.com/protocol.TriggerSmartContract"
               },
-              "type_url": "type.googleapis.com/protocol.TriggerSmartContract"
-            },
-            "type": "TriggerSmartContract"
-          }
-        ],
-        "ref_block_bytes": "885b",
-        "ref_block_hash": "baa1c278fd0a309f",
-        "expiration": 1745849082000,
-        "fee_limit": 200000000,
-        "timestamp": 1745849022978
+              "type": "TriggerSmartContract"
+            }
+          ],
+          "ref_block_bytes": "885b",
+          "ref_block_hash": "baa1c278fd0a309f",
+          "expiration": 1745849082000,
+          "fee_limit": 200000000,
+          "timestamp": 1745849022978
+        }
       }
     }
   }
 }
+```
 
-// Response
+- Response:
+```javascript
 {
   "jsonrpc": "2.0",
   "result": {
@@ -97,68 +113,146 @@ Sign a Tron transaction without executing it.
   "id": 1
 }
 ```
+</Accordion>
+</AccordionGroup>
+
+#### Example (New Format with tron_method_version: "v1")
+
+Request with the simplified format:
+```javascript
+{
+  "request": {
+    "method": "tron_signTransaction",
+    "params": {
+      "address": "TKZRPqoV7WLFvjhT4cEyBLv27Rvv1RNWGj",
+      "transaction": {
+        "visible": false,
+        "txID": "539f218871fdd87e94eb03a0dd617107ba722005f37a5ddb82cb65aa4f3b73b0",
+        "raw_data": {
+          "contract": [
+            {
+              "parameter": {
+                "value": {
+                  "data": "095ea7b300000000000000000000000069319ea845b1c35a1f7b0e1429f4f303e8f791330000000000000000000000000000000000000000000000000000000000000000",
+                  "owner_address": "4169319ea845b1c35a1f7b0e1429f4f303e8f79133",
+                  "contract_address": "41eca9bc828a3005b9a3b909f2cc5c2a54794de05f"
+                },
+                "type_url": "type.googleapis.com/protocol.TriggerSmartContract"
+              },
+              "type": "TriggerSmartContract"
+            }
+          ],
+          "ref_block_bytes": "7803",
+          "ref_block_hash": "16138f9255a1db91",
+          "expiration": 1756201572000,
+          "fee_limit": 200000000,
+          "timestamp": 1756201512720
+        },
+        "raw_data_hex": "0a027803220816138f9255a1db9140a0ad95ae8e335aae01081f12a9010a31747970652e676f6f676c65617069732e636f6d2f70726f746f636f6c2e54726967676572536d617274436f6e747261637412740a154169319ea845b1c35a1f7b0e1429f4f303e8f79133121541eca9bc828a3005b9a3b909f2cc5c2a54794de05f2244095ea7b300000000000000000000000069319ea845b1c35a1f7b0e1429f4f303e8f79133000000000000000000000000000000000000000000000000000000000000000007090de91ae8e3390018084af5f"
+      }
+    },
+    "expiryTimestamp": 1756201811
+  },
+  "chainId": "tron:0xcd8690dc"
+}
+```
+
+- Response:
+```javascript
+{
+  "visible": false,
+  "txID": "539f218871fdd87e94eb03a0dd617107ba722005f37a5ddb82cb65aa4f3b73b0",
+  "raw_data": {
+    "contract": [
+      {
+        "parameter": {
+          "value": {
+            "data": "095ea7b300000000000000000000000069319ea845b1c35a1f7b0e1429f4f303e8f791330000000000000000000000000000000000000000000000000000000000000000",
+            "owner_address": "4169319ea845b1c35a1f7b0e1429f4f303e8f79133",
+            "contract_address": "41eca9bc828a3005b9a3b909f2cc5c2a54794de05f"
+          },
+          "type_url": "type.googleapis.com/protocol.TriggerSmartContract"
+        },
+        "type": "TriggerSmartContract"
+      }
+    ],
+    "ref_block_bytes": "7803",
+    "ref_block_hash": "16138f9255a1db91",
+    "expiration": 1756201572000,
+    "fee_limit": 200000000,
+    "timestamp": 1756201512720
+  },
+  "raw_data_hex": "0a027803220816138f9255a1db9140a0ad95ae8e335aae01081f12a9010a31747970652e676f6f676c65617069732e636f6d2f70726f746f636f6c2e54726967676572536d617274436f6e747261637412740a154169319ea845b1c35a1f7b0e1429f4f303e8f79133121541eca9bc828a3005b9a3b909f2cc5c2a54794de05f2244095ea7b300000000000000000000000069319ea845b1c35a1f7b0e1429f4f303e8f79133000000000000000000000000000000000000000000000000000000000000000007090de91ae8e3390018084af5f",
+  "signature": [
+    "1c2dd921c15fd83ca1dec4fd999b801f08c8bb073702f4bfafa4132a6e129421ed6267ec81c7dd2e4ef04ce077b101186ec2cda86d69f9f44255c216398cc9c601"
+  ]
+}
+```
 
 ### tron_signMessage
 
 Sign a personal message.
 
 #### Parameters
 
-1. `message` (object) - The message to sign:
+The message to sign:
    - `message` (string) - The message to sign (plain text)
    - `address` (string) - The account address to sign with
 
 #### Returns
 
-`object` - The signed message:
+The signed message:
 - `signature` (string) - The signature string
 
 #### Example
 
+- Request:
 ```javascript
-// Request
-{
-  "jsonrpc": "2.0",
-  "id": 1,
-  "method": "tron_signMessage",
-  "params": {
-    "message": "This is a message to be signed for TRON",
-    "address": "TLyqzVGLV1srkB7dToTAEqgDSfPtXRJZYH"
-  }
-}
-
-// Response
 {
-  "jsonrpc": "2.0",
-  "result": {
-    "signature": "7e760cef94bc82a7533bc1e8d4ab88508c6e13224cd50cc8da62d3f4d4e19b99514f..."
+  "request": {
+    "method": "tron_signMessage",
+    "params": {
+      "address": "TXUEmLr...",
+      "message": "This is a message to be signed for Tron"
+    },
+    "expiryTimestamp": 1758269816
   },
-  "id": 1
+  "chainId": "tron:0xcd8690dc"
 }
 ```
 
-### tron_sendTransaction
+- dApp result (what client.request(...) resolves to):
+```javascript
+{ "signature": "0x1ec623ee6e4716f5a116d0a2755b158ac05dfbc3e9118cca..." }
+```
+<Note>
+The methods below are not part of the required wallet surface in the Reown official Tron Wallet example. 
+dApps may perform these directly against a Tron node or gateway. Wallets may implement them for convenience, but they’re not required.
+</Note>
+
+### tron_sendTransaction (optional)
 
 Broadcast a signed transaction to the Tron network.
 
 #### Parameters
 
-1. `signedTransaction` (object) - The signed transaction object:
+The signed transaction object:
    - `txID` (string) - The transaction ID
    - `signature` (array) - Array of signature strings
    - `raw_data` (object) - The raw transaction data
    - `raw_data_hex` (string) - The hex-encoded raw transaction data
 
 #### Returns
 
-`object` - The transaction result:
+The transaction result:
 - `result` (boolean) - Whether the transaction was successfully broadcast
 - `txid` (string) - The transaction ID that can be used to look up the transaction
 
 #### Example
 
+- Request:
 ```javascript
-// Request
+
 {
   "jsonrpc": "2.0",
   "id": 1,
@@ -173,8 +267,10 @@ Broadcast a signed transaction to the Tron network.
     }
   }
 }
+```
 
-// Response
+- Response:
+```javascript
 {
   "jsonrpc": "2.0",
   "result": {
@@ -185,7 +281,7 @@ Broadcast a signed transaction to the Tron network.
 }
 ```
 
-### tron_getBalance
+### tron_getBalance (optional)
 
 Get the TRX balance of a Tron address.
 
@@ -200,7 +296,7 @@ Get the TRX balance of a Tron address.
 #### Example
 
 ```javascript
-// Request
+- Request:
 {
   "jsonrpc": "2.0",
   "id": 1,
@@ -209,8 +305,10 @@ Get the TRX balance of a Tron address.
     "address": "TLyqzVGLV1srkB7dToTAEqgDSfPtXRJZYH"
   }
 }
+```
 
-// Response
+- Response:
+```javascript
 {
   "jsonrpc": "2.0",
   "result": 1000000000,
 
@@ -17,9 +17,10 @@ default-src 'self';
 script-src 'self';
 style-src https://fonts.googleapis.com;
 img-src * 'self' data: blob: https://walletconnect.org https://walletconnect.com https://secure.walletconnect.com https://secure.walletconnect.org https://tokens-data.1inch.io https://tokens.1inch.io https://ipfs.io https://cdn.zerion.io;
-font-src 'self' https://fonts.gstatic.com;
+font-src 'self' https://fonts.gstatic.com https://fonts.reown.com;
 connect-src 'self' https://rpc.walletconnect.com https://rpc.walletconnect.org https://relay.walletconnect.com https://relay.walletconnect.org wss://relay.walletconnect.com wss://relay.walletconnect.org https://pulse.walletconnect.com https://pulse.walletconnect.org https://api.web3modal.com https://api.web3modal.org https://keys.walletconnect.com https://keys.walletconnect.org https://notify.walletconnect.com https://notify.walletconnect.org https://echo.walletconnect.com https://echo.walletconnect.org https://push.walletconnect.com https://push.walletconnect.org wss://www.walletlink.org https://cca-lite.coinbase.com;
 frame-src 'self' https://verify.walletconnect.com https://verify.walletconnect.org https://secure.walletconnect.com https://secure.walletconnect.org;
+Cross-Origin-Opener-Policy: same-origin-allow-popups;
 ```
 
 <Note>
@@ -30,6 +31,12 @@ For a full of list of RPC sources used by `wagmi/viem`, please refer to [Viem's
 
 </Note>
 
+<Note>
+
+**Cross-Origin-Opener-Policy for Social Login Security**: The `Cross-Origin-Opener-Policy: same-origin-allow-popups` header is essential when using AppKit's social login features (Google, X, GitHub, Discord, Apple, Facebook, Farcaster). This header helps prevent tabnabbing attacks during OAuth flows by controlling how popup windows can interact with your application. Without this header, malicious sites could potentially hijack the authentication flow and redirect users to phishing pages.
+
+</Note>
+
 ## Testing and Deploying Your CSP
 
 ### Test Your CSP in a Staging Environment
Original file line number	Diff line number	Diff line change
`@@ -39,7 +39,7 @@`
`39`	`39`	`"nosocial", "bitget", "leather", "binance", "uniswap", "safepal", "bybit", "phantom", "ledger", "timeless-x", "safe", "zerion", "oneinch", "crypto-com", "imtoken", "kraken", "ronin", "robinhood", "exodus", "argent", "tokenpocket", "Contractaddress",`
`40`	`40`	`"executionreverted", "FATF", "VASP", "LLMSTXT", "Frontmatter", "CASP", "DKMS", "hydradx", "phala", "astar", "mangata", "polkadotjs", "Dogecoin", "Blockbook", "vuejs", "xsmall", "rgba", "mintlify", "filteredwallets",`
`41`	`41`	`"tnum","minmax","toolkits", "autoplay", "Litoshi", "Litoshis", "encryptor's", "Everscale", "Bitcore", "satoshis", "Parachain", "Bitcore", "walletlist", "Userflow", "retryable", "USDS", "Arbitrum", "Wolfswap", "Halborn", "Pentest", "Spearbit", "valtio",`
`42`		`- "reshare", "microstacks", "Prebuild", "APKT", "offchain", "Bitgpt", "Restaking", "Synthetix", "lamports", "mmkv", "Windscribe", "nanotons", "nanoton"`
	`42`	`+ "reshare", "microstacks", "Prebuild", "APKT", "offchain", "tabnabbing", "Bitgpt", "Restaking", "Synthetix", "lamports", "mmkv", "Windscribe", "Dappkit", "nanotons", "nanoton"`
`43`	`43`	`]`
`44`	`44`	`}`
`45`	`45`
Original file line number	Diff line number	Diff line change
`@@ -181,6 +181,10 @@ Assuming the dapp monitors all returned addresses for balance changes, a new req`
`181`	`181`
`182`	`182`	`The example below specifies a response from a static wallet. The returned address is used for both change and payments. It's the only address with UTXOs.`
`183`	`183`
	`184`	`+<Note>`
	`185`	+ Hardware wallets utilizing `bip32` are also supported.
	`186`	`+</Note>`
	`187`	`+`
`184`	`188`	```javascript
`185`	`189`	`// Request`
`186`	`190`	`{`