sneak/AutistMask
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
065f0eaa81db2fc732a051b1c04b26d4ba322910
AutistMask/README.md
sneak c2ff5d1788 Initial README for AutistMask 
Minimal Ethereum wallet browser extension for Chrome and Firefox.
GPL-3.0 licensed.
2026-02-24 09:45:05 +07:00

147 lines
5.7 KiB
Markdown
Raw Blame History

# AutistMask
AutistMask is a GPL-licensed JavaScript browser extension by
[@sneak](https://sneak.berlin) that provides a minimal Ethereum wallet for
Chrome and Firefox. It manages HD wallets derived from BIP-39 seed phrases and
supports sending and receiving ETH and ERC-20 tokens, as well as web3 site
connection and authentication via the EIP-1193 provider API.
## Getting Started
```bash
git clone https://git.eeqj.de/sneak/autistmask.git
cd autistmask
yarn install
make build
```
Load the extension:
- **Chrome**: Navigate to `chrome://extensions/`, enable "Developer mode", click
"Load unpacked", and select the `dist/chrome/` directory.
- **Firefox**: Navigate to `about:debugging#/runtime/this-firefox`, click "Load
Temporary Add-on", and select `dist/firefox/manifest.json`.
## Rationale
MetaMask has become bloated with swap UIs, portfolio dashboards, analytics,
tracking, and advertisements. It is no longer a simple wallet. Most alternatives
(Rabby, Rainbow, etc.) only support Chromium browsers, leaving Firefox users
without a usable option.
AutistMask exists to provide the absolute minimum viable Ethereum wallet
experience: manage seed phrases, derive HD addresses, send and receive ETH and
ERC-20 tokens, and connect to web3 sites. Nothing else. No swaps (that's what
the web is for), no analytics, no tracking, no ads, no portfolio views, no NFT
galleries. Just a wallet.
## Design
AutistMask is a browser extension targeting both Chrome (Manifest V3) and
Firefox (Manifest V2/V3 as supported). The codebase is shared between both
targets with platform-specific manifest files and a build step that produces
separate output directories.
### Architecture
```
src/
background/ — service worker / background script
index.js — extension lifecycle, message routing
wallet.js — wallet management (create, import, derive)
provider.js — EIP-1193 JSON-RPC provider implementation
transaction.js — transaction construction and signing
popup/ — popup UI (the main wallet interface)
index.html
index.js
components/ — UI components (account list, send form, etc.)
styles/ — CSS
content/ — content script injected into web pages
index.js — injects the provider into page context
inpage.js — the window.ethereum provider object
shared/ — shared utilities
crypto.js — BIP-39 mnemonic, HD key derivation, signing
storage.js — encrypted storage abstraction
constants.js — chain IDs, default RPC endpoints, ERC-20 ABI
rpc.js — JSON-RPC client for Ethereum nodes
manifest/
chrome.json — Manifest V3 for Chrome
firefox.json — Manifest V2/V3 for Firefox
```
### Key Decisions
- **No framework**: The popup UI is vanilla JS and HTML. The extension is small
enough that a framework adds unnecessary complexity and attack surface.
- **Encrypted storage**: Seed phrases are encrypted with a user-provided
password using AES-256-GCM before being stored in the extension's local
storage. The encryption key is derived from the password using PBKDF2 with a
high iteration count.
- **BIP-39 / BIP-44**: Standard mnemonic generation and HD key derivation
(`m/44'/60'/0'/0/n`) for Ethereum address compatibility.
- **EIP-1193 provider**: The content script injects a `window.ethereum` object
that implements the EIP-1193 provider interface, enabling web3 site
connectivity.
- **Minimal RPC**: The extension communicates with Ethereum nodes via JSON-RPC.
The default endpoint is configurable. No Infura dependency — users can point
it at any Ethereum JSON-RPC endpoint.
- **No external services**: No analytics, no tracking, no telemetry, no ads, no
phishing lists, no token price feeds. The extension only talks to the
configured Ethereum RPC endpoint.
### Supported Functionality
- Create new wallet from generated BIP-39 mnemonic
- Import wallet from existing BIP-39 mnemonic
- Derive multiple HD addresses per wallet (`m/44'/60'/0'/0/n`)
- View ETH balance
- View ERC-20 token balances (user adds token by contract address)
- Send ETH to an address
- Send ERC-20 tokens to an address
- Receive ETH/tokens (display address + copy to clipboard)
- Connect to web3 sites (EIP-1193 `eth_requestAccounts`)
- Sign transactions requested by connected sites
- Sign messages (`personal_sign`, `eth_sign`)
- Switch between wallets/accounts
- Lock/unlock with password
- Configurable RPC endpoint
### Non-Goals
- Token swaps (use a DEX in the browser)
- Portfolio/price tracking
- NFT display or management
- Multi-chain support (Ethereum mainnet only, for now)
- Analytics, telemetry, or tracking of any kind
- Advertisements or promotions
- Phishing detection (use your brain)
- Hardware wallet support (maybe later)
## TODO
- [ ] Set up build system (webpack/esbuild) for Chrome and Firefox targets
- [ ] Implement BIP-39 mnemonic generation and validation
- [ ] Implement BIP-32/BIP-44 HD key derivation for Ethereum
- [ ] Implement encrypted storage for seed phrases
- [ ] Build popup UI: lock screen, account list, send/receive views
- [ ] Implement background wallet manager
- [ ] Implement EIP-1193 provider and content script injection
- [ ] Implement ETH send/receive
- [ ] Implement ERC-20 token management (add by contract, view balance, send)
- [ ] Implement site connection approval flow
- [ ] Implement transaction signing approval flow
- [ ] Implement message signing (`personal_sign`, `eth_sign`)
- [ ] Add configurable RPC endpoint
- [ ] Test on Chrome and Firefox
- [ ] Write tests for crypto operations
- [ ] Write tests for transaction construction
- [ ] Security audit of key management
## License
GPL-3.0. See [LICENSE](LICENSE).
## Author
[@sneak](https://sneak.berlin)
Reference in New Issue View Git Blame Copy Permalink