npmpackage.info

Gathering detailed insights and metrics for @hot-labs/near-connect

@hot-labs/near-connect - 0.2.15 | npmpackage.info

@hot-labs/near-connect

[Work in progress] An easily upgradeable, secure and lightweight wallet connector for the NEAR blockchain

0.2.15

TypeScript

385.75 kB

Installations

npm install @hot-labs/near-connect

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

23.11.0

NPM Version

11.4.2 Pull Requests

Open

0

Total

6

Closed

0

Merged

6

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Languages

TypeScript

CSS

Sass

JavaScript

HTML

TypeScript (87.35%)

CSS (6.81%)

Sass (5.38%)

JavaScript (0.26%)

HTML (0.19%)

Developer

hot-dao

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

3 Stars

75 Commits

1 Forks

1 Watchers

5 Branches

3 Contributors

Updated on Jul 14, 2025

Maintainers

View All 3 Contributors

Package Meta Information

Latest Version

0.2.15

Package Id

@hot-labs/near-connect@0.2.15

Unpacked Size

385.75 kB

Size

67.40 kB

File Count

198

NPM Version

11.4.2

Node Version

23.11.0

Published on

Jul 09, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

preact

Dev Dependencies

@here-wallet/core @hot-wallet/sdk @meteorwallet/sdk @near-wallet-selector/core @near-wallet-selector/ledger @near-wallet-selector/modal-ui-js @peersyst/near-mobile-signer @vitejs/plugin-react borsh qr-code-styling react react-dom typescript vite vite-plugin-node-polyfills

NEAR Connect

Zero-dependenices (only preact for UI), robust, secure and lightweight wallet connector for the NEAR blockchain with easily updatable wallets code

yarn add @hot-labs/near-selector

How it works

Unlike near-wallet-selector, this library provides a secure execution environment for integrating wallets. This eliminates the need for a single registry of code for all wallets.

Dapp integration

1import { WalletSelector, WalletSelectorUI } from "@hot-labs/near-connect";
2import "@hot-labs/near-connect/modal-ui.css";
3
4const selector = new WalletSelector({ network: "mainnet" });
5const modal = new WalletSelectorUI(selector);
6
7selector.on("wallet:signOut", async () => {});
8selector.on("wallet:signIn", async (t) => {
9  const wallet = await selector.wallet(); // api like near-wallet-selector
10  const address = t.accounts[0].accountId;
11  wallet.signMessage(); // all methods like near-wallet-selector
12});

Wallet integration

The developer writes a self-hosted script that implements the integration of their wallet and adds a description to the common manifest:

1{
2  "id": "hot-wallet",
3  "version": "1.0.0",
4  "name": "HOT Wallet",
5  "description": "Secure Multichain wallet. Manage assets, refuel gas, and mine $HOT on any device with HOT Wallet",
6  "icon": "https://app.hot-labs.org/images/hot/hot-icon.png",
7  "website": "https://hot-labs.org/wallet",
8
9  "executor": "https://raw.githubusercontent.com/hot-dao/near-selector/refs/heads/main/repository/hotwallet.js",
10  "type": "sandbox",
11
12  "platform": {
13    "android": "https://play.google.com/store/apps/details?id=app.herewallet.hot&hl=en",
14    "ios": "https://apps.apple.com/us/app/hot-wallet/id6740916148",
15    "chrome": "https://chromewebstore.google.com/detail/hot-wallet/mpeengabcnhhjjgleiodimegnkpcenbk",
16    "firefox": "https://addons.mozilla.org/en-US/firefox/addon/hot-wallet",
17    "tga": "https://t.me/hot_wallet"
18  },
19
20  "features": {
21    "signMessage": true,
22    "signTransaction": true,
23    "signAndSendTransaction": true,
24    "signAndSendTransactions": true,
25    "signInWithoutAddKey": true,
26    "verifyOwner": false,
27    "testnet": false
28  },
29
30  "permissions": {
31    "storage": true,
32    "open": {
33      "allows": [
34        "https://hot-labs.org",
35        "https://t.me/hot_wallet",
36        "https://play.google.com",
37        "https://apps.apple.com",
38        "hotwallet://"
39      ]
40    }
41  }
42}

The executor endpoint called in a standalone iframe if the user decides to use this wallet on the site. The script implements the NearWallet wallet class and registers it in a special object window.selector.ready(yourNearWallet)

After that, the library delegates user requests directly to yourNearWallet via iframe.postMessage communication. In addition, the script has the ability to draw any UI in the area allocated for the iframe that is necessary for interaction with the wallet.

Sandbox limitations

For security, the wallet script runs in a sandboxed iframe, which has many limitations. It cannot call modals or access an external page or use localStorage. The window.selector implements some features for this:

1interface NearSelector {
2  location: string; // initial dapp location href
3  ready: (wallet: any) => void; // must call executor script for register wallet
4  open: (url: string, newTab = false) => void; // used for my-near-wallet
5
6  // use instead of localStorage
7  storage: {
8    set: (key: string, value: string) => Promise<void>;
9    get: (key: string) => Promise<string>;
10    remove: (key: string) => Promise<void>;
11    keys: () => Promise<string[]>;
12  };
13}

Manifest permissions

{ "storage": true }: Use window.selector.storage in execution script
{ "open": { allows: ["https://wallet.app"] } } Use window.selector.open for allow domains
{ "location": true }: Use window.selector.location for initial url from dapp
{ "usb": true }: Use usb in execution script (use for Ledger)
{ "hid": true }: Use hid in execution script (use for Ledger)

Manifest features

Each wallet must specify in the manifest a list of features that are supported. This will help dApps filter wallets by the required features. As soon as the wallet starts supporting the required feature -- it simply adds it to the manifest and updates its execution script, all dapps automatically download the updates without the need to update the frontend.

1const selector = new WalletSelector({
2  // Show wallets that support signMessage and testnet env
3  features: { signMessage: true, testnet: true },
4});

Injected wallets

Like Ethereum Multi Injected Provider Standart this library supports injected wallets for extenstions and in-app browsers. Your injection script can dispatch custom event with your wallet:

1class NearWallet {
2  manifest: { ... };
3  signIn() {}
4  // all implementation
5}
6
7window.addEventListener("near-selector-ready", () => {
8  window.dispatchEvent(new CustomEvent("near-wallet-injected", { detail: new NearWallet() }));
9});

Background

Maintaining the current near-wallet-selector takes a lot of time and effort, wallet developers wait a long time to get an update to their connector inside a monolithic code base. After which they can wait months for applications to integrate their wallet into their site or update their frontend to update the wallet connector. This requires a lot of work on the review side of the near-wallet-selector team and STILL does not ensure the security of internal packages that will be installed in applications (for example, RHEA Finance or Near Intents). All these problems prompted us to write a new solution that will:

safely and isolatedly execute the code for connecting to wallets
quickly and conveniently update wallets on all sites
Save the internal near-wallet-selector team from endlessly maintaining a huge code base, because now only the wallet itself is responsible for the connection of each wallet and hosts its script wherever it wants.

Milestones

Support all near-wallet-selector wallets
Custom manifests for debugging mode
Full backward compatibility with near-wallet-selector

No vulnerabilities found.

No security vulnerabilities found.