Nonce Kit 제작자: lalit
Warn before signing durable-nonce Solana transactions.
확장 메타 데이터
정보
Nonce Kit blocks the wallet popup until you confirm, when a Solana dApp asks you to sign a durable-nonce transaction. Standard transactions pass through unchanged with a small toast notification.
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
0명이 0점으로 평가함
권한 및 데이터
추가 정보
- 부가 기능 링크
- 버전
- 0.1.0
- 크기
- 13.29 KB
- 마지막 업데이트
- 8일 전 (2026년 5월 24일)
- 관련 카테고리
- 버전 목록
- 모음집에 추가