For the complete documentation index, see llms.txt
Wallet reference
Reference material for the community wallets covered in the overview: the full functionality matrix, troubleshooting, a security checklist, broader ecosystem compatibility, and a glossary.
Functionality matrix
These are the granular tie-breakers, for once the matrix and the per-wallet profiles have narrowed your choice. Legend: Yes; No; Partial (caveats below); Not documented (not publicly documented as of June 2026); and n/a.
Platforms and availability
| Wallet | Browser extension | Mobile app | Midnight-native | Open source |
|---|---|---|---|---|
| Lace | Yes (Chrome/Edge) | No (Midnight) | No | Yes |
| 1AM | Yes (Chrome, Firefox) | Yes (beta) | Yes | No |
| Kuira | No | Yes (Android, alpha) | Yes | Partial (source jars; repo private) |
| urble | No | Yes | Yes | Not documented |
| Dynamic | No (SDK) | Via SDK | No | No |
| Ctrl | Yes (Chrome) | Yes | No | No |
| Gero | Yes | Yes | No | No |
Privacy and assets
| Wallet | NIGHT | DUST | Shielded txns | Unshielded txns | Shielded by default | Selective disclosure |
|---|---|---|---|---|---|---|
| Lace | Yes | Yes | Yes | Yes | No | Not documented |
| 1AM | Yes | Yes | Yes | Yes | Yes | Yes |
| Kuira | Yes | Yes | Yes | Yes | Not documented | Not documented |
| urble | Not documented | Not documented | Yes | Not documented | Yes | Yes |
| Dynamic | No | No | No | No | No | No |
| Ctrl | Yes | Not documented | Not documented | Not documented | No | Not documented |
| Gero | Yes | Not documented | Not documented | Not documented | Not documented | Not documented |
Proving and fees
| Wallet | In-browser / on-device proving | Local prover needed | getProvingProvider | Gas sponsorship |
|---|---|---|---|---|
| Lace | No | Yes | No | No |
| 1AM | Yes (WASM; Halo2/BLS12-381) | No | Yes | Not documented |
| Kuira | Yes (on-device, mobile) | No | n/a | Not documented |
| urble | Not documented | Not documented | Not documented | Not documented |
| Dynamic | No | n/a | Not documented | Yes (non-Midnight) |
| Ctrl | Not documented | Not documented | Not documented | Not documented |
| Gero | Not documented | Not documented | Not documented | Not documented |
Developer integration
| Wallet | DApp Connector | signData | Dedicated SDK | DApp browser | Hardware wallet | Cardano / multi-chain | Staking |
|---|---|---|---|---|---|---|---|
| Lace | Yes (mnLace) | No | No | n/a | Yes (Cardano) | Yes | Yes (Cardano) |
| 1AM | Yes ('1am') | Not documented | Announced / Not documented | Yes | Not documented | No | Not documented |
| Kuira | Not documented | Not documented | Yes (Android, public docs) | n/a | Not documented | No | Not documented |
| urble | No | Not documented | No | No | Not documented | No | No |
| Dynamic | No | Not documented | Yes (non-Midnight) | n/a | No | No (other chains) | No |
| Ctrl | Partial | Not documented | No | Yes | Yes (Ledger/Trezor) | Yes | Yes |
| Gero | Not documented | Not documented | No | Not documented | Not documented | Yes | Not documented |
Notes:
- Ctrl's DApp Connector is Partial: a connector the vendor states, so feature-detect it at runtime.
- Gero's cells are Not documented and vendor-stated, pending public documentation; Gero is a valid Cardano-side NIGHT claim wallet.
- Dynamic's cells reflect its lack of documented Midnight support.
- 1AM gas sponsorship is not documented (see the note in 1AM).
- 1AM announced a dedicated SDK but has not documented it. The advertised "Proof Station SDK" has no published package or docs (see 1AM), so integrate 1AM through the standard connector.
- Kuira's proving is on-device on Android, counted in the proving column above, not browser WASM.
- Kuira's dedicated SDK is the one mobile SDK with public docs (see Kuira).
Developer experience
While building, the daily question is which wallet gives the best development loop. The table below scores four capabilities:
- a local network (
undeployed, a disposable Midnight-in-Docker stack with no faucets); - custom servers;
- reproducible test wallets from a known seed;
- headless CI runs, with no human clicking approve.
| Wallet | Local network (undeployed) | Custom servers | Reproducible test wallets | Headless / CI |
|---|---|---|---|---|
| wallet CLI | Yes (localnet up) | Yes (config set) | Yes (seed-based wallet generate) | Yes (serve --approve-all) |
| Lace | Partial (local proof server) | Partial (proof-server URL) | No (UI-generated seed) | No (manual pop-up approval) |
| 1AM | Not documented | Not documented | No | No (manual approval) |
| Kuira | Not documented | Not documented | Partial (wallet-seed module) | No (mobile, biometric approval) |
For the inner development loop, the wallet CLI covers every column: a local network, reproducible fixtures, and no human in the way (see Develop and test without a wallet). The browser and mobile wallets are end-user surfaces. Build and test against the CLI, then let users connect with Lace or 1AM, or ship Kuira embedded.
Troubleshooting and error reference
Symptom, then cause, then fix. The ledger and connector errors come first, then the CLI JSON error contract (--json returns {error, code, message, exitCode}).
| Symptom / error | Likely cause | Fix |
|---|---|---|
BalanceCheckOverspend (138) | Not enough DUST for fees | Wait for DUST (about 12 hours on a fresh Lace; about 5 minutes locally) or designate more NIGHT; read getDustBalance() first |
| Authorize pop-up never appears, or connect hangs | connect() not called synchronously on click | Call connect() directly in the click handler; do not await or setTimeout before it |
window.midnight is undefined | Extension not installed or enabled, or injected after load | Prompt to install, then refresh; for auto-reconnect, poll before connecting |
getProvingProvider is not a function (Lace) | Lace does not implement it | Feature-detect and use a local proof server (forum) |
signData "Method not implemented" (Lace) | Unimplemented on Lace | Avoid signature-based auth on Lace; feature-detect first (Lace issues) |
| Proof generation fails, or prover unreachable | Local proof server down, or Brave Shields blocking it | Start it on localhost:6300; disable Brave Shields for the origin |
| Network mismatch | DApp and wallet on different networks | Reconcile to getConnectionStatus().networkId via setNetworkId(...) |
| 1AM first proof very slow | A few MB of WASM cold-start | Pre-warm, or show a "loading prover" state |
| Deploy fails before it starts | Wallet not fully synced | Wait for wallet sync to complete before deploying |
CLI DUST_REQUIRED (exit 5) | No DUST | midnight dust register, then retry once DUST generates |
CLI INSUFFICIENT_BALANCE (exit 5) | Not enough NIGHT | Fund the wallet (faucet on testnets; airdrop only on undeployed) |
CLI NETWORK_ERROR (exit 4) | Connection refused, timeout, or DNS | Check node and indexer endpoints |
CLI PROOF_TIMEOUT (exit 6) | ZK proof timed out | Ensure the proof server is healthy; retry; reduce circuit complexity |
CLI STALE_UTXO (exit 6) | UTXOs consumed by another transaction | midnight cache clear, then rebuild |
CLI TX_REJECTED (exit 6) | Node rejected the transaction (TTL or validity) | Inspect the message and rebuild with current state |
CLI codes are a documented contract (see the CLI's JSON-output reference). For canonical Midnight error and status codes, use the midnight-status-codes reference.
Security checklist
The connector hands your page data from an untrusted extension, so treat it accordingly:
- Sanitize the wallet
name, and render theiconwith<img src>, neverinnerHTML(XSS). - Validate
networkId: reconcile togetConnectionStatus().networkIdand refuse mismatches. - Do not trust injected data as authority:
rdnsandnameare for display and selection, not security decisions. Match the expectedrdns, and tell users to install only from official stores. - Keep witness data local: prefer in-browser proving (1AM) or a local proof server (Lace). If you ever use a hosted prover, say so.
- Confirm fee sponsorship: not all wallets sponsor fees, so verify on your target network before you promise a "no DUST needed" experience.
- Guard agent (MCP) access hard: scope tools, cap spend per action and per day, allowlist destinations, and require human confirmation for anything irreversible. An agent with unbounded signing authority is the highest-risk cell on the grid.
Broader ecosystem compatibility
Beyond the wallets profiled in the overview, more Cardano wallets announced Midnight and NIGHT compatibility around the token generation event (TGE) and Glacier Drop. Most target claiming and holding NIGHT rather than deep DApp integration, adding entries to the self-custody browser and mobile cells:
- Announced self-custody (pre-mainnet): Lace, SubWallet, NuFi, Vespr, Gero, Tokeo, Keystone, Yoroi, and Begin Wallet. These are forward-looking, so treat them as announced. (Midnight blog)
- Glacier Drop claim wallets (Cardano side): Yoroi, Typhon, Gero, Vespr, Eternl (desktop), and NuFi. (compatibility)
- Embedded / Wallet-as-a-Service: Dynamic (social and passkey login, TSS-MPC keys, gas sponsorship) lists EVM, Solana, Bitcoin, and Sui, but does not list Midnight or Cardano. It appears as
dynamic_xyzin the catalog with no first-party Midnight support as of June 2026. Treat Midnight support as unconfirmed; for passkey onboarding on Midnight, use Wallet-IaaS or Smart Custody. (dynamic.xyz, TSS-MPC) - Institutional / MPC: Fireblocks for institutional custody of NIGHT, the MPC console and API cell. (Midnight and Fireblocks)
For the authoritative current list, see the ecosystem catalog (use the institutional-custody tag for the custody and MPC slice).
Glossary
Wallet-relevant terms.
- Custody model: who controls the keys; the matrix rows (self-custody, custodial, account abstraction, and MPC).
- Self-custody / custodial: keys on your device, where no third party can sign, versus a provider that holds the keys and signs.
- Account abstraction (AA): the account is on-chain code with programmable authorization. Not native to Midnight as of June 2026.
- MPC / threshold (TSS): the protocol splits the key into shares, and an m-of-n quorum signs without reconstructing a full key. The basis of institutional custody (Fireblocks for NIGHT).
- Interface: how you reach the wallet; the matrix columns (browser, mobile, CLI, and MCP).
- MCP (Model Context Protocol): a standard by which AI agents call tools, either wallet tools (move funds) or developer tools (help you build).
- Midnight Passport: an announced first-party seedless, QR-onboarded consumer wallet (browser and mobile) from Input Output, with per-device hardware-resident keys and trusted-helper recovery. Input Output has not yet publicly detailed the exact scheme (MPC versus secure-enclave) (see Midnight Passport).
- Sigil: Kuira's identity primitive, a passkey-derived DID minted by one biometric, with no seed phrase. The SDK exposes it as a swappable
SigilIdentityProvider, and Kuira names Midnight Passport as a planned future backend. - On-device proving: generating a transaction's ZK proof on your phone (Kuira, Android) in seconds. No local proof server runs, and nothing leaves the device. The mobile counterpart to 1AM's in-browser WASM proving.
- NIGHT / DUST: the native value token (public, and the source of DUST) versus a shielded, non-transferable, decaying fee resource with a
balanceand acap. - Shielded vs unshielded: Midnight's dual ledger, private versus public state. 1AM and urble default to shielded; Lace is opt-in.
- Selective disclosure / viewing key: reveal specific facts without exposing full data; a read-only key for auditors.
- DApp Connector / CAIP-372: the standard by which a wallet injects an API under
window.midnight. - rdns: the reverse-DNS wallet id used for discovery (
mnLace,'1am'). - Intent: an often unbalanced set of inputs and outputs; the building block for transfers and swaps.
- Sealed vs unsealed tx: ready-to-submit (proofs plus binding) versus pre-binding.
- Relayer: submits a transaction and pays its fees on your behalf; the basis of "gas sponsorship".
- Proving provider: the abstraction (
getProvingProvider) for delegating ZK proving to the wallet. - Bech32m: the address encoding the connector returns.
- Local proof server: the native binary (
localhost:6300) that generates ZK proofs for wallets that do not prove in-browser. - Wallet-IaaS / Smart Custody: Midnight infrastructure for delegated or embedded wallet provisioning, also called Wallet-as-a-Service (WaaS); the route for social and passkey onboarding.
- DID (decentralized identifier): a self-owned identifier (for example
did:key:…) not issued by a central authority. In Kuira, the wallet derives a DID from a passkey to form the Sigil.
Sources
DApp Connector and standard
- DApp Connector API reference
- Connector repo and specification
@midnight-ntwrk/dapp-connector-apion npm (v4.0.1)- React wallet-connect guide
- CAIP-372 draft
- Midnight ecosystem catalog (institutional-custody tag)
- Reference DApp (Lace and 1AM): Edda Labs midnight-starter-template
- Video: Lace and 1AM with the DApp Connector
Custody models and institutional
Midnight Passport: announced by Input Output; follow Midnight's official channels for updates.
Developer, AI, and agent tooling (MCP)
- Wallet CLI on npm (commands,
midnight serve, MCP server) - Wallet CLI repo (v0.4.1)
- CLI connector client on npm
- Video: Multi-Language Dev Session #22, midnight-wallet-cli
- Video: Midnight for Developers, Midnight MCP
- Midnight Expert marketplace
- Edda Labs marketplace
Lace
- Lace Midnight page; Lace wallet guide
- Lace GitHub repo and issue tracker
- Forum: Lace doesn't implement getProvingProvider
- Forum: Unable to get wallet address from Lace
1AM
Kuira
- Kuira Android SDK docs
- Maven Central:
io.github.kuiralabs:dapp-ui:0.1.0-alpha02
urble, Dynamic, Ctrl, Gero
- urble (Brick Towers)
- Dynamic website; Dynamic embedded wallets (TSS-MPC)
- Ctrl website; Scavenger Mine by Ctrl
- Gero Midnight wallet page
Broader compatibility and dev workflow
- Looking ahead to Midnight self-custody wallet integrations
- Glacier Drop wallets and address-type compatibility
The Edda Labs midnight-starter-template (the wallet-widget module) implements the connect and discovery patterns from the integration guide, wiring Lace and 1AM through @midnight-ntwrk/dapp-connector-api v4.0.1.