Nonce Kit от lalit
Warn before signing durable-nonce Solana transactions.
Метаданные расширения
Об этом расширении
Nonce Kit blocks the wallet popup until you confirm, when a Solana dApp asks you to sign a durable-nonce transaction. Standard transactions pass through unchanged with a small toast notification.
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
WHY IT MATTERS
A normal Solana transaction expires in about 60 seconds when its recent blockhash rotates. A durable-nonce transaction does not — its first instruction is SystemProgram.AdvanceNonceAccount, which keeps the same signed bytes valid for days or weeks after you sign.
That flexibility is useful for offline signing and multisig. On a random dApp, it's a footgun:
• A phishing site can collect your signature today and submit it next week at a worse price.
• A "harmless" approval can be held until a token unlock or governance vote.
• Bytes can be replayed against a wallet long after you sign.
WHAT IT DOES
When the dApp calls signTransaction, signAllTransactions, signAndSendTransaction, or sendTransaction with a durable-nonce transaction, Nonce Kit intercepts the call BEFORE the wallet popup opens and shows a hard modal with:
• The wallet name making the request
• Fee payer, nonce account, nonce authority
• Instruction count, signer count, program IDs
You choose Block (the dApp gets a rejection, wallet is never prompted) or Sign anyway (your wallet popup opens normally).
Standard recent-blockhash transactions get a small top-right toast and pass straight through. Nothing slows down for normal use.
WALLETS COVERED
• Phantom, Solflare, Backpack, Glow (legacy window.solana and named globals)
• Any Wallet Standard wallet (registers via wallet-standard:register-wallet)
• Late-injected wallets via MutationObserver
PRIVACY AND PERMISSIONS
• No data collection. No telemetry. No analytics.
• No network access. No storage. No background script.
• Single content script, ~12 KB, zero runtime dependencies.
• Modal renders in a closed shadow DOM so hostile pages cannot programmatically dismiss it.
• Fail-closed: if the page tries to remove the modal, or you don't respond within 90 seconds, the transaction is blocked.
LIMITATIONS
• signMessage (off-chain message signing) is not gated.
• Wallets that route signing through methods outside the four hooked above will bypass silently — your wallet's own approval popup is the last line of defense there.
Source: https://github.com/lalitcap23/nonce-kit
Оценено 0 рецензентами на 0
Разрешения и данные
Требуемые разрешения:
- Получать доступ к вашим данных на всех сайтах
Сбор данных:
- Разработчик сообщает, что это расширение не требует сбора данных.
Больше сведений
- Ссылки дополнения
- Версия
- 0.1.0
- Размер
- 13,29 КБ
- Последнее обновление
- 5 дней назад (24 мая 2026 г.)
- Связанные категории
- Лицензия
- Публичная лицензия Mozilla 2.0
- История версий
- Добавить в подборку