SolTokenBurner Whitepaper

SolTokenBurner is a non-custodial, client-side utility designed to allow Solana users to permanently burn SPL tokens and reclaim rent from unused or empty token accounts in a transparent, auditable, and user-controlled manner. The tool addresses a common ecosystem problem where users accumulate zero-balance tokens, spam tokens, or spam NFTs that are difficult or inconvenient to manage through standard wallet interfaces.

The primary goal of SolTokenBurner is to simplify these actions without introducing additional risk or abstraction. The application does not function as a protocol, does not deploy or interact with proprietary smart contracts, and does not introduce any custodial layer. Instead, it serves as a thin client that constructs standard Solana instructions and delegates full control of execution to the user’s wallet.

All sensitive operations - including token burns and associated account closures - are initiated explicitly by the user and must be reviewed and approved within the connected wallet interface. SolTokenBurner does not have the ability to execute transactions independently, modify transaction parameters after user confirmation, or perform background or automated actions of any kind.

The application has been live in production since 2023 and is actively used by thousands of Solana users. Over time, it has become part of a broader category of ecosystem utilities focused on account cleanup and asset management. Its design prioritizes clarity, minimalism, and predictability over feature complexity or automation.

By intentionally limiting scope and avoiding custom on-chain logic, SolTokenBurner reduces attack surface and systemic risk. The project favors transparent documentation, observable on-chain behavior, and explicit user consent as its primary trust and security mechanisms rather than relying on opaque logic or off-chain execution.

SolTokenBurner is implemented as a pure client-side web application running entirely within the user’s browser environment. The system does not rely on a backend service for transaction construction, signing, or submission, and there is no privileged execution context capable of initiating on-chain actions independently.

The application connects to the Solana network through public RPC endpoints and well-known third-party infrastructure providers. These connections are used exclusively to fetch read-only blockchain data, such as token accounts, balances, mint metadata, and associated account state.

All transaction logic is generated deterministically at the moment the user requests an action. When a burn is initiated, SolTokenBurner constructs standard Solana instructions in real time, including thecreateBurnCheckedinstruction from the official SPL Token Program and, where applicable, associated token account close instructions.

These instructions are passed directly to the connected wallet without modification or abstraction. The wallet is responsible for presenting the full transaction details - including affected accounts, network fees, token amounts, and balance changes - to the user for review. SolTokenBurner has no ability to alter the transaction once it has been handed to the wallet.

Importantly, the application does not deploy, invoke, or depend on any proprietary smart contracts or upgradeable on-chain programs. All interactions occur through well-established Solana system programs and the official SPL Token Program, which are widely used and extensively reviewed across the ecosystem.

This architecture intentionally prioritizes transparency and predictability. By limiting all execution to explicit wallet-approved instructions and avoiding hidden or asynchronous behavior, SolTokenBurner minimizes both operational complexity and attack surface.

SolTokenBurner follows a strictly user-driven operational flow. Every on-chain action is initiated explicitly by the user and must be approved by the connected wallet. There are no automated processes, scheduled tasks, or background executions performed by the application.

The application provides two main utilities - a token burner and a token cleaner - both of which rely on standard Solana instructions and explicit wallet confirmation.

Token Burner (Single-Token Burn)

The token burner tool is designed to burn tokens one at a time. The user manually enters an amount to burn and then initiates the action. Upon user confirmation, the application constructs a single burn instruction using the official SPL Token Program:

createBurnCheckedInstruction(
  ata,        // token account
  mint,       // token mint
  publicKey,  // token owner
  rawAmount,  // amount to burn
  decimals,
  [],         // multisig (unused)
  programId,  // SPL Token Program
)

This instruction is generated in real time based on current on-chain state and passed directly to the connected wallet for review and approval.

Cleaner Tool (Burn and Close Flow)

The cleaner tool allows users to select multiple token accounts for cleanup. For each selected account, the application follows a deterministic and transparent process:

• If the token account holds a non-zero balance, the remaining tokens are first burned using the samecreateBurnCheckedInstruction.
• After the balance is reduced to zero, acreateCloseAccountInstruction is added to the same transaction to reclaim rent.

createCloseAccountInstruction(
  ata,        // token account
  publicKey,  // destination for reclaimed rent
  publicKey,  // authority
  [],         // multisig (unused)
  programId,  // SPL Token Program
)

Both instructions are included in a single transaction where applicable and submitted to the wallet as a complete instruction set. The wallet presents all affected accounts, balance changes, and fees before the user approves the transaction.

If approved, the wallet signs the transaction and submits it to the Solana network. SolTokenBurner does not and cannot intercept, modify, or resubmit transactions after signing.

In addition to the standard token burner and cleaner flows, SolTokenBurner provides a few other advanced utilities. All features follow the same core principles: deterministic behavior, standard Solana programs, and explicit wallet approval for every on-chain action.

Burn Stuck Tokens (Incinerator Burn)

Some token accounts become inaccessible when the original owner accidentally sends tokens to the Incinerator address

Tokens can be burned from the Incinerator wallet because the token accounts are owned by a Program Derived Address (PDA), meaning no private key is associated with the address. Any user may construct and submit a burn instruction.

The burn process uses the same standard SPL Token instruction:

createBurnCheckedInstruction(
  incineratorATA, // PDA-owned token account
  mint,           // token mint
  publicKey,      // signer (you)
  rawAmount,      // amount to burn
  decimals,
  [],
  programId,      // SPL Token Program
)

The transaction is submitted to the wallet as usual, confirming that the burn is executed on-chain using official instructions only.

Create Token (New Mint Initialization)

SolTokenBurner allows users to create a brand-new SPL token from scratch. The application constructs all required instructions locally and submits them as a single transparent transaction.

Metadata is created using the official Metaplex Token Metadata Program.

const mint = Keypair.generate();
const lamports = await connection.getMinimumBalanceForRentExemption(MINT_SIZE);

const tokenProgram = TOKEN_PROGRAM_ID;

// Create mint account
const ixMintAcct = SystemProgram.createAccount({
  fromPubkey: publicKey,
  newAccountPubkey: mint.publicKey,
  space: MINT_SIZE,
  lamports,
  programId: tokenProgram,
});

// Initialize mint
const ixInitMint = createInitializeMintInstruction(
  mint.publicKey,
  decimalsNum,
  publicKey,
  publicKey,
  tokenProgram,
);

// Create associated token account
const ata = await getAssociatedTokenAddress(
  mint.publicKey,
  publicKey,
  false,
  tokenProgram,
);

const ixATA = createAssociatedTokenAccountInstruction(
  publicKey,
  ata,
  publicKey,
  mint.publicKey,
  tokenProgram,
);

// Mint initial supply
const amount = BigInt(Number(supply) * 10 ** decimalsNum);

const ixMintTo = createMintToInstruction(
  mint.publicKey,
  ata,
  publicKey,
  amount,
  [],
  tokenProgram,
);

const [metadataPda] = PublicKey.findProgramAddressSync(
  [
    Buffer.from("metadata"),
    TOKEN_METADATA_PROGRAM_ID.toBuffer(),
    mint.publicKey.toBuffer(),
  ],
  TOKEN_METADATA_PROGRAM_ID,
);

const ixMetadata = createCreateMetadataAccountV3Instruction(
  {
    metadata: metadataPda,
    mint: mint.publicKey,
    mintAuthority: publicKey,
    payer: publicKey,
    updateAuthority: publicKey,
  },
  {
    createMetadataAccountArgsV3: {
      data: {
        name,
        symbol,
        uri: metadataUrl,
        sellerFeeBasisPoints: 0,
        creators: null,
        uses: null,
        collection: null,
      },
      isMutable: true,
      collectionDetails: null,
    },
  },
);

Mint Additional Tokens

If the mint authority is retained, users can mint additional tokens to an associated token account using the standard SPL Token instruction.

createMintToInstruction(
  mintPK,
  ata,
  publicKey,
  mintRaw,
  [],
  programId,
)

Revoke Token Authorities

To make a token trustless and immutable, SolTokenBurner allows users to revoke critical authorities. Once revoked, these actions cannot be undone.

Revoke Freeze Authority

createSetAuthorityInstruction(
  mintPK,
  publicKey,
  AuthorityType.FreezeAccount,
  null,
  [],
  programId,
);

Revoke Mint Authority

createSetAuthorityInstruction(
  mintPK,
  publicKey,
  AuthorityType.MintTokens,
  null,
  [],
  programId,
);

All authority changes are included as explicit instructions in a wallet-approved transaction, ensuring complete user control and on-chain verification.

A small per-transaction service fee is included as part of the instruction set and transferred on-chain to a publicly visible address at

This operational model ensures users retain full control, clear visibility, and deterministic behavior at every step of the process.

SolTokenBurner is designed around a strict non-custodial security model. The application never requests private keys, seed phrases or recovery secrets, and never signs or submits transactions on behalf of users. All cryptographic signing is performed exclusively within the user’s chosen wallet environment.

The scope of the application is intentionally limited to reduce attack surface. SolTokenBurner does not maintain user sessions, run background services, schedule automated transactions, or execute privileged code. All actions require direct user interaction and explicit wallet approval.

On-chain interactions are constrained to well-established and widely used Solana programs, including the Solana System Program and the official SPL Token Program. The application does not deploy, invoke, or depend on any proprietary smart contracts, upgradeable logic, or opaque on-chain code paths.

Because all critical execution occurs through wallet-confirmed transactions, users are presented with full transaction previews before any on-chain state changes occur. This includes affected accounts, token amounts, and balance changes. SolTokenBurner cannot suppress, alter, or bypass these wallet confirmations.

Traditional smart-contract audits provide limited guarantees for applications whose logic resides entirely client-side. As such, SolTokenBurner emphasizes transparency, minimalism, and verifiability as its primary security controls. Any potentially malicious behavior would be immediately visible in the wallet’s transaction preview and on-chain transaction history.

Additional risk considerations include token-specific behavior. Some SPL tokens may implement extensions, transfer hooks, or custom program logic that affect burnability or account closure. SolTokenBurner does not attempt to override or bypass such mechanisms and relies on the Solana runtime and wallet to enforce protocol rules.

Overall security assurance is achieved through explicit user consent, reliance on mature Solana programs, public on-chain observability, and a deliberately narrow operational scope rather than through implicit trust or custodial controls.

SolTokenBurner does not collect, store, or process personal data of any kind.

We do not store wallet addresses, IP addresses, device identifiers, or usage analytics.

We do not use cookies, analytics, or tracking tools.

All interactions occur directly between your wallet and the Solana blockchain. Token data is fetched in real time from public RPC endpoints or third-party APIs.

SolTokenBurner is maintained by an independent developer operating under KitKat. The project is not operated by a company or custodial entity and does not involve administrative control over user funds or on-chain state.

Maintenance includes ensuring compatibility with Solana and SPL Token updates, addressing bugs, and keeping public documentation accurate and up to date.

While the maintainer operates pseudonymously, accountability is provided through transparency, explicit wallet approvals, and publicly verifiable on-chain behavior.

Token behavior may vary due to custom programs, SPL extensions, transfer hooks, or protocol-level restrictions. As a result, some tokens may be non-burnable or behave differently than expected.

SolTokenBurner is provided on an “as is” and “as available” basis. The application does not provide financial, legal, or investment advice, and users remain fully responsible for all transactions they approve.