Developer Integration

How to build applications, extensions, and custom resolvers that integrate with Gao Browser — and how to ensure correct trust badge display in your application.

Overview#

Gao Browser exposes integration points for three types of developers:

Web developers — building sites and apps that run inside Gao Browser
Resolver implementors — building community resolver nodes that the browser can query
Protocol integrators — building applications that embed or extend Gao Browser capabilities

Web Developer Integration#

Detecting Gao Browser

// Check if running inside Gao Browser  
const isGaoBrowser = typeof window.gao !== 'undefined';  
  
if (isGaoBrowser) {  
  // Can use native .gao resolution and x402  
  const identity = await window.gao.domain.resolve('merchant.gao');  
} else {  
  // Fallback to standard Web3 or gateway URL  
}

Native Domain Resolution

// Resolve a .gao domain  
const identity = await window.gao.domain.resolve('merchant.gao');  
// Returns: { domain, trust_level, wallet, payment_proxy, content, agents }  
  
// Resolve wallet for payment  
const address = await window.gao.domain.resolveWallet('merchant.gao', 'base');  
// Returns proxy address for private domains, real address for public  
  
// Get trust badge data  
const badge = await window.gao.domain.getTrustBadge('merchant.gao');  
// Returns: { level: 2, label: "Business Verified", color: "#2563EB", icon: "✅" }

Initiating a Payment

// Request payment via the browser's payment flow  
const receipt = await window.gao.payment.request({  
  to:            'merchant.gao',  
  amount:        '50.00',  
  token:         'USDC',  
  chain:         'base',  
  memo:          'Order #1042',  
});  
  
// receipt is null if user cancelled  
if (receipt) {  
  console.log(receipt.receipt_id);    // rcpt_pay_abc123  
  console.log(receipt.tx_hash);       // on-chain tx  
}

The browser handles the full confirmation UI, trust display, and fee breakdown. The developer receives either a confirmed receipt or null (user cancelled) — there is no partial state to handle.

x402 Server-Side Integration

For payment-gated APIs, return HTTP 402 with the payment details header:

// Express.js example  
app.get('/api/premium', (req, res) => {  
  const proof = req.headers['x-gao-payment-proof'];  
  
  if (!proof) {  
    return res.status(402).json({  
      payee_domain: 'myapi.gao',  
      amount:       '0.01',  
      currency:     'USDC',  
      network:      'base',  
      expires_in:   300,  
    });  
  }  
  
  // Validate proof (see Gao Payment Layer 4 docs)  
  validateAndServe(req, res);  
});

Gao Browser detects the 402 response, parses the payment details, and manages the full x402 flow automatically. The user sees the payment confirmation UI without any additional frontend code from the developer.

Agent Invocation

// Invoke an agent on the current domain  
const result = await window.gao.agent.invoke({  
  agentDomain: 'assistant.merchant.gao',  
  action:      'schedule_appointment',  
  input:       { date: '2026-04-20', time: '14:00', service: 'manicure' },  
});  
  
// result is null if user denied the approval  
if (result) {  
  console.log(result.output);   // agent output  
  console.log(result.receipt);  // GAR receipt from Layer 8  
}

For Tier 2+ actions, the browser shows the approval UI automatically. The developer does not need to implement any approval flow.

Trust Badge Display Requirements#

Applications and integrations that display .gao identities must follow these rules:

Three Rules

Rule 1 — Always query fresh. Never display a trust level from a local cache. Always call the resolver before showing a badge. Respect the TTL.

Rule 2 — Never suppress warnings. Level 0 (Unverified) warning must always be shown before any payment or agent interaction. Never hide, minimize, or deprioritize it.

Rule 3 — Show before action. Trust badges must be visible before the user takes any consequential action.

Badge Specifications

const BADGE_SPECS = {  
  0: { icon: '⚠️', label: 'Unverified',        color: '#F59E0B' },  
  1: { icon: '✓',  label: 'Identity Verified',  color: '#6B7280' },  
  2: { icon: '✅', label: 'Business Verified',   color: '#2563EB' },  
  3: { icon: '🏛', label: 'Official',           color: '#D97706' },  
};

React Component

import { useTrustBadge } from '@gao-internet/sdk/react';  
  
function DomainBadge({ domain }: { domain: string }) {  
  const { badge, loading } = useTrustBadge(domain);  
  
  if (loading) return <span>Verifying {domain}…</span>;  
  
  return (  
    <div className={`trust-badge level-${badge.level}`}  
         style={{ color: badge.color }}>  
      <span>{badge.icon}</span>  
      <span>{domain}</span>  
      {badge.displayName && <span>{badge.displayName}</span>}  
    </div>  
  );  
}

---

### Resolver Integration

Community resolvers must conform to the `GI-DOMAIN-RESOLVER/1.0` specification. See Anchor Contract & Conformance for the full conformance test suite.

The browser queries resolvers in this priority order:

1.  Gao official resolver (default)
    
2.  User-configured resolver (settings → resolver)
    
3.  Community resolvers (automatic fallback)
    

To register as a community resolver:

GET https://resolver.gao.systems/register
Requirements:

Pass all P0 conformance tests
Maintain ≥ 99% uptime
Not log or retain query data beyond 24 hours
Implement the open resolver specification

Browser Extension API (Beta)#

For extensions that need deeper integration:

// Available in Gao Browser extension context  
chrome.gao.domain.onResolution.addListener((event) => {  
  console.log(event.domain, event.trustLevel);  
});  
  
chrome.gao.payment.onReceipt.addListener((receipt) => {  
  console.log('Payment settled:', receipt.receipt_id);  
});

Extension API documentation is in beta. See developers.gao.systemsarrow-up-right for current status.

Rate Limits#

API

Limit

window.gao.domain.resolve()

60 req/min per origin

window.gao.payment.request()

10 req/min per origin

window.gao.agent.invoke()

30 req/min per origin

Rate limit responses surface as rejected promises with a RATE_LIMITED error code.

Error Reference#

Error Code

Meaning

Resolution

GBR_001

Domain not found

Check domain name spelling

GBR_002

Resolution unavailable

Check network; try again

GBR_003

Payment cancelled by user

Handle null receipt gracefully

GBR_004

Agent action denied by user

Handle null result gracefully

GBR_005

Agent scope violation blocked

Check agent’s declared scope

GBR_006

Trust level below required minimum

Inform user; they may proceed at own risk

GBR_007

Rate limit exceeded

Reduce request frequency

GBR_008

Step-up auth required

Trigger re-authentication flow

For full SDK documentation including the Resolver API, payment intent lifecycle, and agent verification, see the Developer Guide in the Domain layer documentation.