repositories
loading repo index
repositories
loading repo index
repository
loading code, commits, and activity
public Clawd ADK gateway launch mirror
stars
latest
clone command
git clone gitlawb://did:key:z6Mkq5mY...iFZ5/my-project-publ...git clone gitlawb://did:key:z6Mkq5mY.../my-project-publ...2fa351d6docs: add automaton and perps launch sources16d ago| #1 | --- |
| #2 | name: pump-solana-wallet |
| #3 | description: "Secure Solana wallet generation using official Solana Labs libraries — Ed25519 keypairs, memory zeroization, vanity address generation, offline-only operation, and multi-language implementations (Rust, TypeScript, Bash)." |
| #4 | metadata: |
| #5 | openclaw: |
| #6 | homepage: https://github.com/nirholas/pump-fun-sdk |
| #7 | requires: |
| #8 | bins: |
| #9 | - solana-keygen |
| #10 | --- |
| #11 | |
| #12 | # Solana Wallet — Key Generation & Security |
| #13 | |
| #14 | Secure Solana wallet generation using official Solana Labs libraries with Ed25519 keys, memory zeroization, and offline-only operation. Three implementations: Rust (production), TypeScript (educational), and Bash (wrappers). |
| #15 | |
| #16 | ## Approved Crypto Libraries |
| #17 | |
| #18 | | Context | Library | Role | |
| #19 | |---------|---------|------| |
| #20 | | Rust | `solana-sdk` | `Keypair::new()`, `Signer` trait, Base58 encoding | |
| #21 | | TypeScript | `@solana/web3.js` | `Keypair.generate()`, `Keypair.fromSecretKey()` | |
| #22 | | Shell | `solana-keygen` | `grind` (vanity), `new` (random), `verify` | |
| #23 | | MCP Server | `@solana/web3.js` | Session keypair management in `SolanaWalletMCPServer` | |
| #24 | |
| #25 | ## Address Format |
| #26 | |
| #27 | - 32-byte Ed25519 public key encoded as Base58 |
| #28 | - Length: 32–44 characters (typically 43–44) |
| #29 | - Case-sensitive alphabet: `123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz` |
| #30 | |
| #31 | ## Vanity Address Difficulty |
| #32 | |
| #33 | | Prefix Length | Expected Attempts | Time (100K/sec) | |
| #34 | |---------------|-------------------|-----------------| |
| #35 | | 1 char | ~58 | < 1 sec | |
| #36 | | 2 chars | ~3,364 | < 1 sec | |
| #37 | | 3 chars | ~195,112 | ~2 sec | |
| #38 | | 4 chars | ~11.3M | ~2 min | |
| #39 | | 5 chars | ~656M | ~2 hours | |
| #40 | |
| #41 | ## Security Model (6 Defense Layers) |
| #42 | |
| #43 | 1. **CSPRNG only** — `OsRng` (Rust), `crypto.getRandomValues` (Node.js) |
| #44 | 2. **Official libraries** — No third-party crypto |
| #45 | 3. **Memory zeroization** — `Zeroize` trait (Rust), `buffer.fill(0)` (TypeScript) |
| #46 | 4. **File permissions** — `0o600` owner-only |
| #47 | 5. **Offline operation** — No network calls during key generation |
| #48 | 6. **Post-generation verification** — Re-derive public key from secret and compare |
| #49 | |
| #50 | ## Memory Zeroization by Language |
| #51 | |
| #52 | | Language | Mechanism | |
| #53 | |----------|-----------| |
| #54 | | Rust | `Zeroize` trait + `Drop` impl, `zeroize_on_drop` | |
| #55 | | TypeScript | `secretKey.fill(0)` + `Buffer.alloc(0)` (best-effort, GC may relocate) | |
| #56 | | Shell | `shred -u` or `rm -P` for file cleanup | |
| #57 | |
| #58 | ## Patterns to Follow |
| #59 | |
| #60 | - ONLY use `solana-sdk`, `@solana/web3.js`, or `solana-keygen` for crypto operations |
| #61 | - Zero all key material as soon as it is no longer needed |
| #62 | - Set file permissions to `0o600` immediately after writing keypair files |
| #63 | - Never make network calls during key generation |
| #64 | - Verify every generated keypair: re-derive public key from secret and compare |
| #65 | |
| #66 | ## Common Pitfalls |
| #67 | |
| #68 | - JavaScript GC may copy/relocate buffers — `fill(0)` is best-effort, not guaranteed |
| #69 | - `solana-keygen` output is [u8; 64] JSON array (32-byte secret + 32-byte public) |
| #70 | - Base58 is NOT the same as Base64 — Solana uses a specific alphabet without `0OIl` |
| #71 | - Vanity matching must use raw Base58 — case-sensitive, no regex anchoring errors |
| #72 | |
| #73 |