nikicat/mcp-wallet-signer

[email protected] scope: browser-evm-signer Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 20d MCP Browser & Automation

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

ai-agent blockchain eip-6963 ethereum mcp metamask

+5 more

model-context-protocol non-custodial typescript wallet web3

Affected surfaces

auth

ReleasePort's take

Light signal

editorial:auto 13d

[email protected] validates connected wallet address on every signing request to prevent silent signing. WrongWalletAddressError exception and findWrongWalletAddressError utility support address validation.

Why it matters: Prevents silent address mismatches during signing operations. Test all transaction and message signing flows in dev using multiple connected wallets before production deployment.

Summary

AI summary

Validate connected wallet address on every signing request to prevent silent misuse.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Validate connected wallet address on every signing request, preventing silent signing. Validate connected wallet address on every signing request, preventing silent signing. Source: llm_adapter@2026-05-21 Confidence: high	—
Feature
Feature	Medium	Browser shows wrong address screen on tx/message signing with auto-retry. Browser shows wrong address screen on tx/message signing with auto-retry. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	SendTransactionParams.from and address fields added for wallet validation. SendTransactionParams.from and address fields added for wallet validation. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	WrongWalletAddressError exception type added for wallet address mismatches. WrongWalletAddressError exception type added for wallet address mismatches. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	SignerErrorCode.WrongWalletAddress enum value added for error detection. SignerErrorCode.WrongWalletAddress enum value added for error detection. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Medium	findWrongWalletAddressError helper walks error cause chain. findWrongWalletAddressError helper walks error cause chain. Source: llm_adapter@2026-05-21 Confidence: low	—
Feature	Low	UI displays a "wrong address" screen for transaction and message signing with auto-retry on account switch. UI displays a "wrong address" screen for transaction and message signing with auto-retry on account switch. Source: granite4.1:30b@2026-05-22-audit Confidence: low	—

Full changelog

Features

Validate the connected wallet against the caller's expected address on every signing request, not just connect. Previously, when a caller cached a known address and skipped connect, sendTransaction / signMessage / signTypedData silently signed with whatever account the wallet had active.
- Browser UI now shows a "wrong address" screen for tx/message signing (with auto-retry on account switch), mirroring the existing connect-time check.
- SendTransactionParams.from and the existing address field on the sign-message / sign-typed-data params are now threaded into the request so the UI can validate.

New API

WrongWalletAddressError and SignerErrorCode.WrongWalletAddress for programmatic detection.
findWrongWalletAddressError(err) helper walks the cause chain (handy when viem wraps the signer error).

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track nikicat/mcp-wallet-signer

Get notified when new releases ship.

About nikicat/mcp-wallet-signer

Non-custodial EVM wallet MCP — routes transactions to browser wallets (MetaMask, etc.) for signing. Private keys never leave the browser; every action requires explicit user approval via EIP-6963.

All releases →

Related context

Related tools

Earlier breaking changes

[email protected] Migrates from browser-tron-signer v0.3.x to mcp-wallet-signer v0.6.0.
[email protected] Removes support for browser-tron-signer v0.3.x APIs.
[email protected] API schema changed to a maximalist format, breaking compatibility.
[email protected] MCP wallet signer API schema is now maximalist and incompatible with previous versions.
[email protected] Removes deprecated `legacySigner` API, requiring updates to existing integrations.