kora-plugins

Branch Model (Mar 18, 2026): main is the integration branch and may contain audited and unaudited commits. Audit status is tracked per commit/tag in audits/AUDIT_STATUS.md. Stable production releases are published from tagged audited snapshots.

Kora is your Solana signing infrastructure. Enable gasless transactions where users pay fees in any token—USDC, BONK, or your app's native token—or handle any transaction signing that requires a trusted signer.

Why Kora?

• Better UX: Users never need SOL
• Revenue Control: Collect fees in USDC, your token, or anything else
• Production Ready: Secure validation, rate limiting, monitoring built-in
• Easy Integration: JSON-RPC API + TypeScript SDK
• Flexible Deployment: Railway, Docker, or any cloud platform

Architecture

• Language: Rust with TypeScript SDK
• Protocol: JSON-RPC 2.0
• Signers: Solana Private Key, Turnkey, Privy
• Authentication: API Key, HMAC, or none
• Deployment: Flexible deployment options (Docker, Railway, etc.)

Features

• Configurable validation rules and allowlists
• Full Token-2022 support with extension filtering
• Redis caching for improved performance
• Rate limiting and spend protection
• Secure key management (Turnkey, Privy, Vault)
• HMAC and API key authentication
• Prometheus metrics and monitoring
• Enhanced fee payer protection policies

Quick Start

Install Kora:

cargo install kora-cli

Basic usage:

kora rpc [OPTIONS] # --help for full list of options

→ Full Documentation - Learn how Kora works

→ Quick Start Guide - Get Kora running locally minutes

→ Node Operator Guide - Run a paymaster

TypeScript SDK

Kora provides a simple JSON-RPC interface:

// Initialize Kora client
import { KoraClient } from '@solana/kora';
const kora = new KoraClient({ rpcUrl: 'http://localhost:8080' });

// Sign transaction as paymaster
const signed = await kora.signTransaction({ transaction });

→ API Reference

Local Development

Prerequisites

• Just (command runner)
• Rust 1.86+
• Solana CLI 2.2+
• Node.js 20+ and pnpm (for SDK)

Installation

git clone https://github.com/solana-foundation/kora.git
cd kora
just install

Build

just build

Running the Server

Basic usage:

kora rpc [OPTIONS]

Or for running with a test configuration, run:

just run

Local Testing

And run all tests:

just test

Repository Structure

kora/
├── crates/                   # Rust workspace
│   ├── kora-lib/             # Core library with RPC server (signers, validation, transactions)
│   └── kora-cli/             # Command-line interface and RPC server
├── sdks/                     # Client SDKs
│   └── ts/                   # TypeScript SDK
├── tests/                    # Integration tests
├── docs/                     # Documentation
│   ├── getting-started/      # Quick start guides
│   └── operators/            # Node operator documentation
├── justfile                  # Build and development commands
└── kora.toml                 # Example configuration

Security Audit

Kora has been audited by Runtime Verification. View the audit report.

Audit status, audited-through commit, and the current unaudited delta are tracked in audits/AUDIT_STATUS.md.

Note: Kora uses the solana-keychain package which has not been audited. Use at your own risk.

Community & Support