Nonce Kit von lalit
Warn before signing durable-nonce Solana transactions.
Metadaten zur Erweiterung
Über diese Erweiterung
Nonce Kit blocks the wallet popup until you confirm, when a Solana dApp asks you to sign a durable-nonce transaction. Standard transactions pass through unchanged with a small toast notification.
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
Bewertet mit 0 von 0 Bewertern
Berechtigungen und Daten
Benötigte Berechtigungen:
- Auf Ihre Daten für diverse Websites zugreifen
Datenerfassung:
- Der Entwickler sagt, dass diese Erweiterung keine Datenerhebung benötigt.
Weitere Informationen
- Add-on-Links
- Version
- 0.1.0
- Größe
- 13,29 KB
- Zuletzt aktualisiert
- vor 7 Tagen (24. Mai 2026)
- Verwandte Kategorien
- Versionsgeschichte
- Zur Sammlung hinzufügen