SkillsSOL Skills

SolHunt — Solana Wallet Recovery Intelligence

Authorized publishersolanawalletrecoverydefisecurityagentmcp
npx skills add https://github.com/Hubra-labs/sol-skills --skill solhunt

Purpose

Find and recover SOL trapped in zero-balance token accounts. Revoke dangerous dApp approvals. Full wallet audit in one tool call — trustless, unsigned transactions only.

Trusted sources

Execution flow

Full recovery session

  1. Call get_wallet_report with wallet address
  2. If worth_recovering is true, call build_recovery_transaction
  3. Sign the base64 transaction bytes locally with the wallet
  4. Submit the signed transaction to any Solana RPC
  5. Repeat for subsequent batches if closeable_accounts > 15

Security audit session

  1. Call scan_token_approvals with wallet address
  2. Inspect risk_breakdown — any HIGH risk approvals?
  3. Call build_revoke_transactions with the HIGH risk token accounts
  4. Sign and submit the revocation transaction

Landing guidance

Transaction expiry

Recovery transactions expire in ~90 seconds. Build the transaction only when ready to sign immediately. If expired, call build_recovery_transaction again for fresh bytes.

Batch strategy

Each Solana transaction can close ~15 accounts (1500 CUs each). For wallets with many zero-balance accounts, repeat build_recovery_transaction with incrementing batch_number until all accounts are closed.

RPC submission

Any Solana RPC works: Helius, QuickNode, Triton, or the default public RPC. For best reliability, use Helius or QuickNode with priority fee support.

Failure handling

Wallet not found

The wallet has never made any on-chain transactions. Use a wallet with history.

Rate limited (429)

Free tier is 10 calls/day. Check X-RateLimit-Reset header for reset time, or obtain an API key from solhunt.dev for higher limits.

Stale blockhash / tx expired

Simply call build_recovery_transaction again. Each call generates fresh bytes with a current blockhash.

No recoverable accounts

The wallet has no zero-balance token accounts. Nothing to recover. Use this wallet if it has activity but no dust.

Full guide

SolHunt — Solana Wallet Recovery Intelligence

When to Apply

  • A Solana wallet has low health or lost SOL locked in closed token accounts
  • An agent needs to audit a wallet's security posture (token approvals)
  • Recoverable rent is sitting in zero-balance accounts (0.002039 SOL each)
  • User wants a full wallet report before committing to recovery

Trust Model — Why SolHunt Cannot Drain Your Wallet

  1. Unsigned transactions only — SolHunt returns raw transaction bytes. The agent signs locally. SolHunt never sees the signed transaction.
  2. Instruction-level isolation — Recovery transactions contain ONLY CloseAccount + 15% fee transfer. No generic transfers.
  3. Atomic bundling — Fee and recovery are in the same transaction. Fee only paid on success.
  4. No persistent authority — SolHunt never requests Approve, Delegate, or any persistent permission.

Recovery Flow

1. get_wallet_report        ← Full wallet analysis (health score, recoverable SOL, fee preview)
2. build_recovery_transaction  ← Build unsigned tx bytes
3. Agent signs locally      ← User/agent provides the signature  
4. Agent submits to RPC     ← Any Solana RPC or bundle

Security Audit Flow

1. scan_token_approvals     ← Find all dApp spending rights
2. build_revoke_transactions ← Build unsigned revocation txs
3. Agent signs locally

Tool Reference

get_wallet_report

Full wallet analysis. Always start here.

Input: { "wallet_address": "7nxJ...x8Lp" }

Output: health score, grade, recoverable_sol, fee_sol (15%), net_recoverable_sol, worth_recovering (boolean)

Decision: If worth_recovering is true (net > 0.001 SOL), proceed to build_recovery_transaction.

build_recovery_transaction

Build unsigned Solana transaction bytes to close zero-balance accounts and recover rent.

Input: { "wallet_address": "...", "destination_wallet": "...", "batch_number": 1 }

Output: { "unsigned_transaction": "base64...", "expires_at": "..." }

⚠️ Critical: Transactions expire in ~90 seconds. Sign and submit immediately.

scan_token_approvals

Find all dApps with permission to move the wallet's tokens.

Output: approvals by risk level (HIGH/MEDIUM/LOW), exposed value, dApp list

Decision: Any HIGH risk approvals should be revoked before recovery.

build_revoke_transactions

Build unsigned transaction to revoke dApp token approvals.

Safety: Revoking only removes permissions. It never moves funds.

Fees

  • Scan / Report: Free (10 calls/day free tier)
  • Recovery fee: 15% of recovered SOL (only on success)
  • Revoke fee: 0.001 SOL per transaction

Failure Handling

| Failure | Mitigation | |---------|------------| | INVALID_PARAMS | Validate base58, 32-44 chars before calling | | WALLET_NOT_FOUND | Wallet has no on-chain history | | RATE_LIMITED (429) | Check X-RateLimit-Reset, retry after | | Stale blockhash | Call build_recovery_transaction again for fresh bytes | | Zero closeable accounts | Wallet is clean, no recovery needed |