Official Furlpay server-side SDK for Rust — stablecoin payments, wallets, and webhook signature verification.
Zero dependencies. HMAC-SHA256 is implemented in pure Rust, so webhook verification needs no OpenSSL. The HTTP transport is intentionally left to the integrator — bring reqwest, ureq, or anything else.
cargo add furlpaySignatures use the same t=<unix>,v1=<hmac-sha256-hex> scheme as the Node, Python, and Go SDKs, with a 5-minute replay tolerance.
use furlpay::{construct_event, WebhookError};
fn handle(body: &str, signature_header: Option<&str>, secret: &str) -> Result<(), WebhookError> {
let event = construct_event(body, signature_header, secret)?;
// signature is valid — safe to act on `event`
Ok(())
}Sign payloads (useful for testing your own endpoint):
let header = furlpay::sign_payload(r#"{"type":"payment.settled"}"#, "whsec_...", None);| Language | Package |
|---|---|
| Node.js / TypeScript | @furlpay/furlpay-node |
| Python | furlpay (PyPI) |
| Go | github.com/furlpay/furlpay-go |
The full OpenAPI 3.1 specification lives at furlpay/furlpay-openapi.
Report vulnerabilities to [email protected] — do not open public issues.
MIT