registry  /  @hfunlabs/hypurr-connect  /  0.1.33

@hfunlabs/hypurr-connect@0.1.33

React authentication and wallet connectivity library for the [Hyperliquid](https://hyperliquid.xyz) decentralized exchange via the [Hypurr](https://hypurr.fun) gRPC backend. Provides two authentication paths — **Telegram OAuth** and **EOA wallet** (MetaMa

AI Security Review

scanned 2h ago · by lpm-firewall-ai

The package is a browser wallet-connect library. User authentication and trading actions contact Hypurr and Hyperliquid services; EOA agent approval is wallet-prompted, but agent private keys are retained in browser localStorage.

Static reason
One or more suspicious static signals were detected.
Trigger
Consumer imports and uses the provider, then authenticates or performs an L1 trading action.
Impact
A same-origin compromise could access retained agent keys; source inspection found no package-originated exfiltration or stealth execution.
Mechanism
OAuth/gRPC wallet connectivity plus locally stored delegated signing-agent keys.
Rationale
The package is not malicious by source evidence, but it implements a high-impact delegated signing capability and retains the private key in localStorage. Flag as warn for consumer risk rather than block.
Evidence
package.jsonsrc/index.tssrc/grpc.tssrc/HypurrConnectProvider.tsxsrc/agent.tssrc/privateKeySigner.tssrc/agentWallet.tsREADME.md
Network endpoints8
grpc.hypurr.funauth.hypurr.fun/loginmedia.hypurr.funapi.hyperliquid.xyz/infoapi.hyperliquid.xyz/exchangeapi.hyperliquid-testnet.xyz/infoapi.hyperliquid-testnet.xyz/exchangeapi-ui.hyperliquid-testnet.xyz/exchange

Decision evidence

public snapshot
AI called this Suspicious at 87.0% confidence as Dangerous Capability with low false-positive risk.
Evidence for warning
  • `src/agent.ts` generates 32-byte private keys and persists agent keys in `localStorage`.
  • `src/HypurrConnectProvider.tsx` can auto-provision a signing agent on first L1 action after a wallet signature prompt.
  • `src/HypurrConnectProvider.tsx` requests broad Telegram wallet/trading/agent scopes.
Evidence against
  • `package.json` has only `prepare: husky`, with no install/preinstall/postinstall hook.
  • Entrypoint `src/index.ts` only exports React/UI and transport APIs; no install-time execution found.
  • Network calls target configured Hypurr endpoints and Hyperliquid APIs for documented auth, gRPC, and exchange actions.
  • No Node filesystem access, shell execution, dynamic code loading, credential harvesting, or unrelated exfiltration found.
Behavioral surface
Source
ChildProcessNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
GitDependencyNoLicense
scanned 23 file(s), 594 KB of source, external domains: api-ui.hyperliquid-testnet.xyz, api.hyperliquid-testnet.xyz, api.hyperliquid.xyz, auth.hypurr.fun, fonts.googleapis.com, grpc.hypurr.fun, media.hypurr.fun, www.w3.org

Source & flagged code

3 flagged · loading source
src/agent.tsView file
Published source reference
Medium
Ai Review Evidence

`src/agent.ts` generates 32-byte private keys and persists agent keys in `localStorage`.

src/agent.tsView on unpkg
src/HypurrConnectProvider.tsxView file
Published source reference
Medium
Ai Review Evidence

`src/HypurrConnectProvider.tsx` can auto-provision a signing agent on first L1 action after a wallet signature prompt.

src/HypurrConnectProvider.tsxView on unpkg
Published source reference
Medium
Ai Review Evidence

`src/HypurrConnectProvider.tsx` requests broad Telegram wallet/trading/agent scopes.

src/HypurrConnectProvider.tsxView on unpkg

Findings

5 Medium5 Low
MediumNetwork
MediumGit Dependency
MediumAi Review Evidencesrc/agent.ts
MediumAi Review Evidencesrc/HypurrConnectProvider.tsx
MediumAi Review Evidencesrc/HypurrConnectProvider.tsx
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License