Asentum Wallet — Chrome Extension

TL;DR

The Asentum Wallet is a native Chrome extension that signs post-quantum transactions with your local ML-DSA-65 (Dilithium3) key. It is not a MetaMask Snap — it is a first-party Manifest V3 extension purpose-built for Asentum. It injects a window.asentum provider that any website can use, requires a password to unlock, and asks for explicit approval on every transaction.

Install the extension

When public release lands, installation will be a single click from the Chrome Web Store. Until then, testnet participants can load the extension unpacked:

1. Download the latest build from testnet.asentum.com/install/extension.zip and unzip it.
2. Open chrome://extensions and enable Developer mode in the top right.
3. Click Load unpacked and select the unzipped folder.
4. Pin the Asentum Wallet icon to the toolbar for quick access.

The extension works on any Chromium-based browser — Brave, Arc, Edge, Vivaldi — using the same Manifest V3 bundle.

First-run setup

Opening the extension for the first time walks you through creating your first account:

1. Choose a password — minimum 8 characters. This password encrypts your Dilithium3 secret key locally using scrypt (N=131072, r=8, p=1) and AES-GCM-256.
2. Your keypair is generated in the background. The secret key never exists unencrypted on disk.
3. Your address is displayed — copy it to your clipboard or fund it using the testnet faucet.

Once you're set up, the recovery phrase flow lets you back up your wallet so you can restore it on another device.

Connecting to a dapp

Any website can detect the Asentum Wallet via the injected window.asentum provider. When a dapp calls window.asentum.connect() for the first time on a given domain, the extension opens an approval popup:

• You see the origin requesting access.
• You see the address that would be shared.
• You can approve or deny — per origin.

Permissions are scoped per domain and can be revoked any time from Settings → Connected sites. The contract playground is a good place to try the connect flow end-to-end.

Sending a transaction

Whether a transaction comes from the extension UI or from a dapp, every send triggers an approval popup. Silent signing is not possible. The approval window shows:

• Transfer — recipient address + amount in ASE.
• Deploy — "Deploy contract (N bytes)" with the bytecode size.
• Call — the target contract + method name being invoked.
• A gas estimate for the current base fee.

Approved transactions are signed with Dilithium3 in the background service worker and broadcast to the configured RPC. For the full flow, see Send a Transaction.

Managing multiple accounts

The extension supports multiple independent accounts. Each account has its own Dilithium3 keypair, encrypted under the same master password.

• Add account — generates a new keypair inside the existing vault.
• Rename — label accounts for clarity ("Main", "Dev", "Cold").
• Switch — changes the active account for the provider and dapp connections.
• Delete — removes an account from the vault (irreversible without a recovery phrase).

Lock & unlock

Between sessions the extension is locked. Secret keys live encrypted in chrome.storage.local, and the unlocked keypair is cached in chrome.storage.session — which Chrome clears automatically on browser quit or extension reload.

You can manually lock the wallet from the topbar at any time. Forgot your password? The "Forgot password" flow wipes the vault and lets you restore from your recovery phrase.

Security model

• Keys are local. Your Dilithium3 secret key never leaves your machine. There are no remote signing servers.
• Password-encrypted vault. The vault uses scrypt (N=131072) plus AES-GCM-256. Brute-forcing the password requires ~128 MB of memory per attempt.
• Per-origin permissions. Websites only get access if you explicitly approve them.
• Per-transaction approval. No silent signing, ever. Every outgoing transaction shows an approval popup.
• Content script isolation. The provider runs in the page's MAIN world; its bridge to the background service worker runs in an isolated world. Dapps cannot touch secret key material directly.

For the broader security story, see Security Best Practices.