Frequently Asked Questions
Architecture & Responsibilities
Does Echo Sonar handle auth/eligibility and my project provides the onchain sale contract?
Does Echo Sonar handle auth/eligibility and my project provides the onchain sale contract?
Yes, exactly. Sonar handles:
- KYC/KYB verification and accreditation checks
- OAuth authentication and entity management
- Eligibility determination and allowlist management
- Signing purchase permits
- Smart contract implementation for token sale logic
- Frontend user experience and wallet connection
- Token economics, pricing, and vesting
How do purchase permits work and what's the recommended flow?
How do purchase permits work and what's the recommended flow?
Purchase Permit Flow:
- User authenticates with Sonar via OAuth
- Entity eligibility check: your frontend calls Sonar API to verify the connected wallet belongs to an eligible entity
- Pre-purchase validation: check if entity is ready to purchase (no liveness check needed, etc.)
- Generate permit: Sonar creates a signed permit with allocation data
- Contract call: your frontend passes the permit to your contract’s purchase function
- Signature verification: your contract verifies the permit was signed by Sonar’s authorized signer
- Permits are short-lived (10 minutes) for security
- Include allocation limits (min/max purchase amounts)
- Contain entity UUID and wallet address binding
- Prevent replay attacks with expiration and sale UUID
How should per-user caps/quotas be enforced?
How should per-user caps/quotas be enforced?
Allocation Enforcement:Sonar provides allocation data in purchase permits:Entity tracking prevents circumvention:
reservedAmount- Amount specifically reserved for this entitymaxAmount- Maximum total this entity can purchaseminAmount- Minimum purchase amount required
- Each entity can only use limited wallet addresses (configurable)
- Permits bind specific wallet addresses to entity UUIDs
- Contract tracks total purchased amount per entity UUID
Technical Implementation
Do you have a frontend SDK or template?
Do you have a frontend SDK or template?
Yes! We provide:JavaScript Libraries:
@echoxyz/sonar-core- Low-level API client@echoxyz/sonar-react- React hooks and providers
- Complete Next.js example
- Shows OAuth flow, entity checking, purchase flow
- Wagmi integration for wallet connection
- Error handling and edge cases
- React integration - Using our React hooks
- Frontend integration - Complete purchase flow
- JavaScript integration - Plain JS/TS projects
Common Issues & Solutions
OAuth Integration
OAuth callback fails with 'invalid redirect URI'
OAuth callback fails with 'invalid redirect URI'
Solution:
- Ensure redirect URI in your code exactly matches the one configured in Sonar dashboard
- Check for trailing slashes, http vs https, port numbers
- For localhost development, use exact port -
http://localhost:3000/oauth/callback
http://localhost:3000/oauth/callback/(trailing slash)https://localhost:3000/oauth/callback(https instead of http)- Using
127.0.0.1instead oflocalhost
Getting 'client not authorized' errors
Getting 'client not authorized' errors
OAuth tokens expire immediately
OAuth tokens expire immediately
Likely causes:
- System clock drift - ensure your server/client has correct time
- Token storage issues - check localStorage/sessionStorage
- CORS issues preventing token storage
- Browser privacy settings blocking storage
- Check browser dev tools → Application → Local Storage
- Verify timestamps in JWT payload
- Test in incognito mode to rule out extensions
Entity & Eligibility Issues
Getting 404 'no entity found for wallet address'
Getting 404 'no entity found for wallet address'
This means the connected wallet isn’t linked to any entity on Sonar.Solutions:
- User needs to link wallet on Sonar
- User connected wrong wallet (different from one linked on Sonar)
- Entity setup is incomplete
Entity shows as ineligible despite completing setup
Entity shows as ineligible despite completing setup
Check entity state:
- Verify KYC/KYB is fully approved (not just submitted)
- Check if entity meets sale requirements (accreditation, jurisdiction, etc.)
- Ensure wallet address isn’t flagged for risk
- Verify sale configuration allows this entity type
- Check entity compliance status
- Review sale configuration requirements
- Test with different entity types
Wallet risk errors for legitimate addresses
Wallet risk errors for legitimate addresses
Chainalysis screening can flag addresses with minimal exposure to risky entities.Solutions:
- Add specific addresses to
walletRiskAllowlistin sale configuration - Adjust
eligibilityMaxAllowedWalletRiskLeveltomediumorhigh - User can try a different wallet address
- Contact support to review specific address flags
- Use fresh wallet addresses for token sales
- Avoid addresses that received funds from exchanges or DeFi protocols
Purchase Flow Issues
Purchase permits expire before contract call
Purchase permits expire before contract call
Permits expire in 10 minutes for security.Solutions:
- Generate permit immediately before contract call, not during page load
- Implement retry logic that regenerates permits on expiration
Information to when contacting support
When contacting support@echo.xyz, include: Required:- Your Sale UUID
- Wallet addresses being tested
- Exact error messages from browser console
- Screenshots of error states
- Network tab showing API request/response
- Smart contract address (if deployed)
- Expected vs actual behavior
Community Resources
- Example Application - sonar-example-nextjs
- Integration Guides - Start with Getting Started
- API Reference - Sonar Core Documentation
Response Time - We typically respond to integration questions within 24 hours during business days. For urgent production issues, mark your email as “URGENT” in the subject line.