Is SolRecover Safe? A Security Review

Table of Contents
  1. What Is SolRecover?
  2. Our Testing Methodology
  3. Architecture Review
  4. Network Traffic Analysis
  5. Transaction Verification
  6. Comparison to Known Threat Patterns
  7. Risk Assessment
  8. Best Practices When Using SolRecover
  9. Comparison to Other Tools
  10. Conclusion

Disclosure: SolanaInfo is operated by the same team behind SolRecover.io. This review should be read with that context in mind. We encourage readers to independently verify the claims below.

Trust is the most important factor when connecting your Solana wallet to any application. With the prevalence of scams, drainers, and malicious dApps in the crypto space, it is entirely reasonable to ask: is SolRecover safe?

In this article, we walk through SolRecover.io’s architecture and transaction behavior. Because of our affiliation, this should not be considered an independent third-party review — rather, it is a transparency document explaining how SolRecover works.

What Is SolRecover?

SolRecover.io is a Solana rent recovery tool that helps users close empty SPL token accounts and recover locked SOL. It charges a 4% fee on recovered SOL.

SolRecover claims to be fully client-side: all account scanning and transaction construction happen in your browser, with no sensitive data sent to their servers.

Below we describe the architecture and transaction behavior based on our testing.

Our Testing Methodology

Our security review involved:

  1. Architecture analysis: Examining how the application interacts with your wallet and the Solana network
  2. Network traffic inspection: Monitoring all HTTP requests made by the application to identify data sent to external servers
  3. Transaction inspection: Analyzing the exact instructions included in recovery transactions before signing
  4. Multiple wallet testing: Testing with five wallets of varying sizes to check for consistent behavior
  5. Edge case testing: Testing with wallets that have unusual account configurations

Architecture Review

Wallet Connection

SolRecover uses the standard Solana Wallet Adapter — the same open-source library used by Jupiter, Raydium, Marinade, and virtually every legitimate Solana dApp. This is a good sign. The wallet adapter only provides the application with your public key. Your private key remains secured in your wallet extension.

When you connect your wallet, the following happens:

  1. Your wallet extension (Phantom, Solflare, etc.) asks if you want to connect to the site
  2. Upon approval, your public key is shared with the application
  3. No private key data, seed phrase, or signing authority is transferred

This is identical to how you connect to any Solana dApp. The connection itself poses no risk.

Account Scanning

After connection, SolRecover scans your token accounts to identify empty ones. Based on our analysis, this scan is performed client-side using direct RPC calls from your browser to Helius — one of Solana’s most trusted RPC infrastructure providers. Helius powers RPC infrastructure for major protocols including Jupiter, Tensor, and Magic Eden, making it an industry-standard choice for reliable blockchain data.

During our network traffic analysis, we confirmed:

  • Account data is fetched directly from Helius RPC (standard getTokenAccountsByOwner and related calls) — your browser connects to Helius, not to any SolRecover server
  • No wallet address or account data was sent to SolRecover’s backend server
  • The JavaScript code running in the browser performs all the filtering logic to identify closeable accounts
  • Transactions are submitted directly to the Solana network via Helius, bypassing any SolRecover infrastructure

This means no SolRecover server sits between your browser and the Solana blockchain; the only intermediary is the Helius RPC endpoint. SolRecover’s servers only serve the static webpage and never see your wallet data, account information, or transactions.

Transaction Construction

The most security-critical phase is transaction construction. This is where a malicious tool could include unauthorized instructions — like transferring SOL to the attacker.

We inspected the transactions SolRecover presents for signing. Each transaction contained:

  1. Close Account instructions: Standard SPL Token program CloseAccount instructions for each empty token account. The destination (where the recovered SOL goes) is set to your wallet address.

  2. Fee transfer: A SystemProgram.transfer instruction sending the fee amount (4% of total recovered SOL) to SolRecover’s fee address.

  3. Compute budget instructions: Standard compute unit allocation for transaction processing.

Nothing else. No unexpected instructions, no additional transfers, no token approvals, no program upgrades. The transaction does exactly what SolRecover describes.

Transaction Signing

After construction, the transaction is passed to your wallet extension for signing. Your wallet displays a preview of what the transaction will do. You can (and should) review this before approving.

Importantly, SolRecover cannot modify the transaction after you sign it. Once signed, the transaction is immutable — any modification would invalidate the signature.

Network Traffic Analysis

We used browser developer tools to monitor all network requests made by SolRecover during a complete recovery session. Here is what we found:

| Request Type | Destination | Data Sent | Assessment |
|---|---|---|---|
| Page load | SolRecover CDN | Standard HTML/JS/CSS | Normal |
| Font loading | Google Fonts | Font requests | Normal |
| RPC calls | Helius RPC (trusted provider) | Public account queries | Normal — direct browser-to-Helius connection |
| Transaction submit | Helius RPC (trusted provider) | Signed transaction | Normal — submitted directly to Solana via Helius |
| Analytics (if any) | None detected | | |

Notably, we did not observe:

  • Your wallet address being sent to SolRecover’s server
  • Account data being transmitted to any backend
  • Any tracking or analytics payloads containing wallet information
  • Any requests to unknown or suspicious endpoints

The application operates as a static site with client-side JavaScript making direct RPC calls to Helius (an enterprise-grade Solana RPC provider trusted by major protocols like Jupiter and Tensor). There is no SolRecover backend server involved in scanning, transaction construction, or submission.
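
To repeat the traffic check described above on your own session, export the browser's network log as a HAR file and scan it. The following is an added example, not SolRecover's or SolanaInfo's code; the host names, wallet string, and sample HAR entries are constructed placeholders.

```javascript
// Added example: find requests that carry the wallet address to any host
// outside an allowlist (the RPC provider necessarily sees the address).
function safeDecode(s) {
  try { return decodeURIComponent(s); } catch (e) { return s; } // keep malformed URLs as-is
}

function findWalletLeaks(har, wallet, allowedHosts) {
  const leaks = [];
  for (const entry of har.log.entries) {
    const req = entry.request;
    const host = new URL(req.url).hostname;
    if (allowedHosts.has(host)) continue;
    const haystacks = {
      url: safeDecode(req.url),
      body: (req.postData && req.postData.text) || "",
      headers: (req.headers || []).map((h) => `${h.name}: ${h.value}`).join("\n"),
    };
    for (const [where, text] of Object.entries(haystacks)) {
      if (text.includes(wallet)) leaks.push({ host, where, method: req.method });
    }
  }
  return leaks;
}

// Constructed sample HAR: static asset, RPC call, and a hypothetical telemetry request.
const WALLET_ADDR = "WALLET_PLACEHOLDER";
const rpcBody = JSON.stringify({ jsonrpc: "2.0", id: 1, method: "getTokenAccountsByOwner",
  params: [WALLET_ADDR, { programId: "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA" }] });
const sampleHar = { log: { entries: [
  { request: { method: "GET", url: "https://static.example.test/app.js", headers: [] } },
  { request: { method: "POST", url: "https://rpc.example.test/", headers: [],
      postData: { text: rpcBody } } },
  { request: { method: "GET", url: "https://telemetry.example.test/c?w=" + WALLET_ADDR, headers: [] } },
] } };

console.log(findWalletLeaks(sampleHar, WALLET_ADDR, new Set(["rpc.example.test"])));
```

A plain substring match only catches the address in clear text; an address that is hashed or otherwise encoded before sending would need a separate check.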

Transaction Verification

We tested SolRecover with wallets of varying sizes, from a handful of empty accounts to several hundred. In each case, we inspected the transaction instructions before signing.

General findings:

  • Each transaction contained the expected number of CloseAccount instructions corresponding to the empty accounts being closed
  • The fee transfer matched the stated 4% rate
  • For wallets with many accounts, the recovery was automatically split into multiple transactions to stay within Solana’s transaction size limits
  • No additional fees, unexpected instructions, or rounding discrepancies were observed

You can verify this yourself by reviewing the transaction details in your wallet extension before signing. The instructions should show only CloseAccount operations (with your wallet as the destination) and a single SystemProgram.transfer for the fee.
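
The instruction set described under Transaction Construction and the checks listed above can be expressed as an allowlist. This is an added example, not SolRecover's code: it assumes the caller has already decoded the pending transaction into `{programId, accounts, data}` objects and looked up each account's lamports, and the addresses, balances, and fee cap rounding are constructed assumptions.

```javascript
// Added example. Instructions are assumed already decoded to {programId, accounts, data}.
const TOKEN_PROGRAM = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA";
const SYSTEM_PROGRAM = "11111111111111111111111111111111";
const COMPUTE_BUDGET = "ComputeBudget111111111111111111111111111111";
const FEE_BPS = 400n; // the page's stated 4% fee, in basis points

// rentByAccount: Map(token account -> lamports held), assumed fetched by the caller.
function verifyRecoveryTx(instructions, wallet, feeAddress, rentByAccount) {
  const problems = [], closed = new Set();
  let recovered = 0n, feePaid = 0n, feeTransfers = 0;
  instructions.forEach((ix, i) => {
    const d = ix.data, view = new DataView(d.buffer, d.byteOffset, d.byteLength);
    if (ix.programId === COMPUTE_BUDGET) return;
    if (ix.programId === TOKEN_PROGRAM) {
      // SPL Token CloseAccount: single tag byte 9; accounts = [account, destination, owner]
      const [account, destination, owner] = ix.accounts;
      if (d.length !== 1 || d[0] !== 9) problems.push(`#${i}: token instruction is not CloseAccount`);
      else if (destination !== wallet) problems.push(`#${i}: rent sent to ${destination}`);
      else if (owner !== wallet || !rentByAccount.has(account) || closed.has(account))
        problems.push(`#${i}: unexpected owner or account ${account}`);
      else { closed.add(account); recovered += rentByAccount.get(account); }
    } else if (ix.programId === SYSTEM_PROGRAM) {
      // System transfer: u32 LE tag 2, then u64 LE lamports; accounts = [from, to]
      if (d.length !== 12 || view.getUint32(0, true) !== 2) problems.push(`#${i}: system instruction is not a transfer`);
      else if (ix.accounts[0] !== wallet || ix.accounts[1] !== feeAddress) problems.push(`#${i}: transfer to ${ix.accounts[1]}`);
      else { feeTransfers++; feePaid += view.getBigUint64(4, true); }
    } else problems.push(`#${i}: unexpected program ${ix.programId}`);
  });
  if (feeTransfers > 1) problems.push("more than one fee transfer");
  if (feePaid * 10000n > recovered * FEE_BPS) problems.push(`fee ${feePaid} exceeds 4% of ${recovered}`);
  return problems;
}

// Constructed sample data: placeholder addresses, five empty token accounts.
const WALLET = "WALLET_PLACEHOLDER", FEE_ADDR = "FEE_ADDRESS_PLACEHOLDER";
const tokenAccounts = ["ACCT_1", "ACCT_2", "ACCT_3", "ACCT_4", "ACCT_5"];
const rentMap = new Map(tokenAccounts.map((a) => [a, 2039280n])); // sample lamports each
const closeIx = (account, dest) =>
  ({ programId: TOKEN_PROGRAM, accounts: [account, dest, WALLET], data: Uint8Array.of(9) });
function transferIx(to, lamports) {
  const data = new Uint8Array(12), v = new DataView(data.buffer);
  v.setUint32(0, 2, true); v.setBigUint64(4, lamports, true);
  return { programId: SYSTEM_PROGRAM, accounts: [WALLET, to], data };
}
const goodTx = [...tokenAccounts.map((a) => closeIx(a, WALLET)), transferIx(FEE_ADDR, 407856n)];
const redirectedTx = [closeIx("ACCT_1", "OTHER_PLACEHOLDER"), transferIx(FEE_ADDR, 407856n)];
const approveIx = { programId: TOKEN_PROGRAM, accounts: ["ACCT_1", "OTHER_PLACEHOLDER", WALLET],
  data: Uint8Array.of(4, 1, 0, 0, 0, 0, 0, 0, 0) }; // tag 4 = Approve
console.log(verifyRecoveryTx(redirectedTx, WALLET, FEE_ADDR, rentMap));
```

An empty result means every instruction fell inside the allowlist and the fee stayed within 4% of the lamports being recovered; any entry names the instruction index that deviates.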

Comparison to Known Threat Patterns

We compared SolRecover’s behavior against common attack patterns in the Solana ecosystem:

Wallet Drainers

Wallet drainers typically request broad token approvals or include hidden transfer instructions. SolRecover requests no approvals and its transactions contain only CloseAccount and a single fee transfer. Not a match.

Phishing Sites

Phishing sites impersonate legitimate dApps to trick users into signing malicious transactions. SolRecover operates on its own domain (solrecover.io) and does not impersonate another service. Always verify you are on the correct URL. Not a match.

Dust Attacks

Some attackers send small token amounts to wallets, then create malicious token accounts. SolRecover only closes accounts with zero balance that belong to your wallet. It does not interact with accounts that hold tokens. Not a match.

Approval Exploits

Some malicious dApps request unlimited token approvals that can be exploited later. SolRecover does not request any token approvals; the transactions it presents for signing only close accounts and pay the fee. Not a match.

Risk Assessment

Here is a risk assessment for SolRecover based on our testing (note our affiliation disclosure above):

| Risk Category | Level | Notes |
|---|---|---|
| Private key exposure | None | Standard wallet adapter, keys never leave wallet |
| Unauthorized transactions | None detected | All transactions match described behavior |
| Data collection | Minimal | No wallet data sent to servers |
| Fee accuracy | Verified | 4% matched stated rate in our tests |
| Frontend compromise risk | Standard | Same as any web application |
| Smart contract risk | None | Uses standard SPL Token program |

The only risk we identify is the theoretical possibility of a frontend compromise — where an attacker gains access to SolRecover’s website and serves malicious JavaScript. This is a risk shared by every web application in existence and is mitigated by standard web security practices (HTTPS, CDN security, domain registrar protections).

Best Practices When Using SolRecover

Even though our review finds SolRecover to be safe, we always recommend these precautions when using any wallet-connected tool:

  1. Verify the URL. Make sure you are on solrecover.io — not a lookalike domain. Bookmark the site for future visits.

  2. Review transactions in your wallet. Before signing, check the transaction preview in Phantom/Solflare. Verify that the instructions match what SolRecover described.

  3. Start small. If it is your first time, consider testing with a wallet that has just a few empty accounts before processing a large wallet.

  4. Check community feedback. Search for recent reviews and discussions about SolRecover on crypto forums and social media.

  5. Use a hardware wallet. If available, connecting via a hardware wallet (Ledger) adds an additional layer of security by requiring physical confirmation.

Comparison to Other Tools

For context, here is how SolRecover’s security profile compares to other recovery tools:

| Security Feature | SolRecover | RefundYourSOL |
|---|---|---|
| Architecture | Client-side | Server-assisted |
| Server data handling | None | Wallet + account data |
| Transaction construction | In browser | Server-assisted |
| Fee | 4% | 15% |
| Wallet adapter | Standard (open-source) | Standard (open-source) |
| Track record | Newer tool | Established, longer operating history |

SolRecover’s client-side architecture means all processing happens in your browser. RefundYourSOL’s server-assisted model involves server-side transaction construction, which requires more trust in their infrastructure but has the benefit of a longer operating track record.

For our full analysis of client-side vs server-side architectures, see our technical security comparison.

Conclusion

Based on our testing, SolRecover.io’s architecture appears consistent with its stated claims:

  • Client-side architecture: No sensitive data sent to servers during our testing — browser connects directly to Helius RPC with no SolRecover backend involvement
  • Transaction behavior: Only standard CloseAccount + fee transfer instructions observed
  • Fee accuracy: 4% fee matched stated rate in our tests
  • Standard wallet integration: Uses the same wallet adapter as other Solana dApps

As with any wallet-connected tool, we recommend reviewing transactions in your wallet before signing and starting with a small test if it is your first time. Because SolanaInfo is affiliated with SolRecover, we strongly encourage users to seek out independent reviews and community feedback before making a trust decision.

For our tool comparison, see our comparison of Solana rent recovery tools.

Frequently Asked Questions

Is SolRecover.io safe to use?

Based on our review, SolRecover.io appears safe to use. It uses a client-side architecture where transactions are constructed in your browser, uses standard Solana wallet signing, and does not access your private keys.

Can SolRecover steal my SOL?

SolRecover cannot steal your SOL. It constructs a transaction in your browser that you must review and approve in your wallet extension. The transaction only closes empty token accounts (returning rent to you) and sends a small fee to SolRecover. You can verify this in your wallet before signing.

Does SolRecover access my private keys?

No. SolRecover uses the standard Solana wallet adapter, which only shares your public key. Your private key never leaves your wallet extension. This is the same connection model used by Jupiter, Raydium, and other trusted Solana dApps.

Has SolRecover ever had a security incident?

As of our review date, we are not aware of any security incidents, funds lost, or unauthorized transactions associated with SolRecover.io.

About This Article

This article was produced by the SolanaInfo team. Our analysis is based on publicly available data, on-chain transactions, and hands-on testing of tools discussed. Fee rates and features may change — always verify current information directly with each tool before use.