Sui Wallet Safety Patterns

Reference implementation demonstrating Sui-specific safety patterns. Object ownership, PTB inspection, and zkLogin — leveraging Move's type system for compile-time guarantees.

Why Sui Safety Is Different

Sui (Move)

Objects have typed ownership — enforced by compiler
PTBs batch up to 1024 operations atomically
Object mutations are explicit and auditable
zkLogin eliminates wallet install friction

Solana (Rust)

Account ownership checked at runtime
Transactions are single-instruction focused
Balance changes require simulation to predict
Wallet extensions required for all users

Wallet Connection

Standard Wallet

zkLogin (No Extension)

No wallet extension needed. Sign in with your existing account.

Connection Patterns

Complete

Standard wallet connection via dapp-kit + zkLogin for frictionless Web2 onboarding. ConnectionGuard + SponsoredSession.

View Pattern →

Transaction Safety

Complete

PTB Inspector: visualize all commands, object mutations, and gas costs before signing.

View Pattern →

Destructive Operations

Complete

Ownership verification + NuclearWarningDialog for irreversible object operations.

View Pattern →

Object Audit

Complete

DataTable of all owned objects with type filtering, search, balance overview, value-at-risk, and pre-destruction inventory.

View Pattern →

Asset Operations

Complete

Safe object transfer, coin split/merge, cooldown-gated transfers, and Kiosk marketplace integration.

View Pattern →

Sui Safety Principles

!
Object ownership is enforced by the Move type system
Unlike account-based chains, Sui objects have typed ownership. The compiler prevents unauthorized access — no runtime checks needed.
!
PTBs make complex operations atomic and inspectable
Programmable Transaction Blocks batch multiple operations. Dry-run shows exactly what will happen before signing.
!
zkLogin removes the biggest onboarding barrier
Users sign in with Google/Apple — no wallet extension, no seed phrase. ZK proofs derive a Sui address from OAuth credentials.
!
Shared components work across all chains
NuclearWarningDialog, TypedConfirmationInput, and CountdownButton are chain-agnostic. Same safety UX, different chain primitives.

Why Sui Safety Is Different

Sui (Move)

Objects have typed ownership — enforced by compiler
PTBs batch up to 1024 operations atomically
Object mutations are explicit and auditable
zkLogin eliminates wallet install friction

Solana (Rust)

Account ownership checked at runtime
Transactions are single-instruction focused
Balance changes require simulation to predict
Wallet extensions required for all users

Sui Safety Principles

Object ownership is enforced by the Move type system

Unlike account-based chains, Sui objects have typed ownership. The compiler prevents unauthorized access — no runtime checks needed.

PTBs make complex operations atomic and inspectable

Programmable Transaction Blocks batch multiple operations. Dry-run shows exactly what will happen before signing.

zkLogin removes the biggest onboarding barrier

Users sign in with Google/Apple — no wallet extension, no seed phrase. ZK proofs derive a Sui address from OAuth credentials.

Shared components work across all chains

NuclearWarningDialog, TypedConfirmationInput, and CountdownButton are chain-agnostic. Same safety UX, different chain primitives.