Nonce Kit de lalit
Warn before signing durable-nonce Solana transactions.
Metadate extensie
Despre această extensie
Nonce Kit blocks the wallet popup until you confirm, when a Solana dApp asks you to sign a durable-nonce transaction. Standard transactions pass through unchanged with a small toast notification.
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
Evaluat cu 0 de către 0 recenzori
Permisiuni și date
Permisiuni necesare:
- Să îți acceseze datele pentru toate site-urile web
Colectare de date:
- Dezvoltatorul spune că extensia nu necesită colectarea de date.
Mai multe informații
- Linkurile suplimentului
- Versiune
- 0.1.0
- Mărime
- 13,29 KB
- Ultima actualizare
- 6 zile în urmă (24 mai 2026)
- Categorii conexe
- Licență
- Mozilla Public License 2.0
- Istoricul versiunilor
- Adaugă în colecție