From 26274cc8b7749aafba5fbdb4fd7f2902c42599e5 Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 00:41:07 +0200
Subject: [PATCH 1/7] Improve validation

---
 src/utils/__tests__/addressValidation.test.ts | 93 ++++++++++++++++++-
 src/utils/addressValidation.ts                |  6 +-
 2 files changed, 96 insertions(+), 3 deletions(-)

diff --git a/src/utils/__tests__/addressValidation.test.ts b/src/utils/__tests__/addressValidation.test.ts
index 408e0f2..1c4ee49 100644
--- a/src/utils/__tests__/addressValidation.test.ts
+++ b/src/utils/__tests__/addressValidation.test.ts
@@ -1,5 +1,9 @@
 import { describe, it, expect } from 'vitest';
-import { validateLtcAddress } from '../addressValidation';
+import {
+  validateBtcAddress,
+  validateDgbAddress,
+  validateLtcAddress,
+} from '../addressValidation';
 
 describe('addressValidation', () => {
   describe('validateLtcAddress', () => {
@@ -80,4 +84,91 @@ describe('addressValidation', () => {
       });
     });
   });
+
+  describe('validateBtcAddress', () => {
+    describe('valid addresses', () => {
+      it('should accept P2PKH addresses starting with 1', () => {
+        expect(validateBtcAddress('1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2')).toBe(true);
+      });
+
+      it('should accept P2SH addresses starting with 3', () => {
+        expect(validateBtcAddress('3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy')).toBe(true);
+      });
+
+      it('should accept Bech32 P2WPKH addresses (bc1q...)', () => {
+        expect(validateBtcAddress('bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq')).toBe(true);
+      });
+
+      it('should accept Bech32 addresses containing 0 and l (valid Bech32 charset)', () => {
+        // '0' and 'l' are valid Bech32 characters and must not be rejected
+        expect(validateBtcAddress('bc1q9kk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(true);
+      });
+
+      it('should accept Bech32 P2WSH addresses (bc1q... longer)', () => {
+        expect(
+          validateBtcAddress('bc1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3qccfmv3')
+        ).toBe(true);
+      });
+    });
+
+    describe('invalid addresses', () => {
+      it('should reject empty strings', () => {
+        expect(validateBtcAddress('')).toBe(false);
+        expect(validateBtcAddress('   ')).toBe(false);
+      });
+
+      it('should reject Bech32 addresses with invalid characters (1, b, i, o)', () => {
+        expect(validateBtcAddress('bc1q9kk1zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // '1'
+        expect(validateBtcAddress('bc1qbkk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // 'b'
+        expect(validateBtcAddress('bc1qikk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // 'i'
+        expect(validateBtcAddress('bc1qokk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // 'o'
+      });
+
+      it('should reject addresses with uppercase in Bech32 part', () => {
+        expect(validateBtcAddress('bc1Qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq')).toBe(false);
+      });
+
+      it('should reject LTC Bech32 addresses', () => {
+        expect(validateBtcAddress('ltc1q9kk0zvwglnw6twj7xj2j5qt94afc42l5pm7aj9')).toBe(false);
+      });
+    });
+  });
+
+  describe('validateDgbAddress', () => {
+    describe('valid addresses', () => {
+      it('should accept P2PKH addresses starting with D', () => {
+        expect(validateDgbAddress('DMguqG5busEUvCg85sQBxUqUBmE7huM6xy')).toBe(true);
+      });
+
+      it('should accept P2SH addresses starting with S', () => {
+        expect(validateDgbAddress('SUngTA1vaC2E62mbnc81Mdos3TcKXMHkcy')).toBe(true);
+      });
+
+      it('should accept Bech32 P2WPKH addresses (dgb1q...)', () => {
+        expect(validateDgbAddress('dgb1qar0srrr7xfkvy5l643lydnw9re59gtzz9zw2cf')).toBe(true);
+      });
+
+      it('should accept Bech32 addresses containing 0 and l (regression)', () => {
+        // Regression: '0' was previously excluded from the dgb1 charset, rejecting valid addresses
+        expect(validateDgbAddress('dgb1q9kk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(true);
+      });
+    });
+
+    describe('invalid addresses', () => {
+      it('should reject empty strings', () => {
+        expect(validateDgbAddress('')).toBe(false);
+        expect(validateDgbAddress('   ')).toBe(false);
+      });
+
+      it('should reject Bech32 addresses with invalid characters (1, b, i, o)', () => {
+        expect(validateDgbAddress('dgb1q9kk1zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // '1'
+        expect(validateDgbAddress('dgb1qbkk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // 'b'
+        expect(validateDgbAddress('dgb1qokk0zvwglnw6twj7xj2j5qt94afc42l5h6kdsm')).toBe(false); // 'o'
+      });
+
+      it('should reject addresses with uppercase in Bech32 part', () => {
+        expect(validateDgbAddress('dgb1Qar0srrr7xfkvy5l643lydnw9re59gtzz9zw2cf')).toBe(false);
+      });
+    });
+  });
 });
diff --git a/src/utils/addressValidation.ts b/src/utils/addressValidation.ts
index 010eb8a..8352b32 100644
--- a/src/utils/addressValidation.ts
+++ b/src/utils/addressValidation.ts
@@ -4,10 +4,11 @@ import { EMPTY_STRING } from '../common/constants';
 /**
  * Validate Bitcoin (BTC) address format
  * Supports P2PKH (1...), P2SH (3...), and Bech32 (bc1...) addresses
+ * Bech32 uses charset: qpzry9x8gf2tvdw0s3jn54khce6mua7l (excludes 1, b, i, o)
  */
 export const validateBtcAddress = (address: string): boolean => {
   const pattern =
-    /^(1[1-9A-HJ-NP-Za-km-z]{33}|3[1-9A-HJ-NP-Za-km-z]{33}|bc1[02-9A-HJ-NP-Za-z]{39})$/;
+    /^(1[1-9A-HJ-NP-Za-km-z]{33}|3[1-9A-HJ-NP-Za-km-z]{33}|bc1[ac-hj-np-z02-9]{39,59})$/;
   return pattern.test(address.trim());
 };
 
@@ -43,10 +44,11 @@ export const validateRvnAddress = (address: string): boolean => {
 /**
  * Validate Digibyte (DGB) address format
  * Supports P2PKH (D...), P2SH (S...), and Bech32 (dgb1...) addresses
+ * Bech32 uses charset: qpzry9x8gf2tvdw0s3jn54khce6mua7l (excludes 1, b, i, o)
  */
 export const validateDgbAddress = (address: string): boolean => {
   const pattern =
-    /^(D[1-9A-HJ-NP-Za-km-z]{33}|S[1-9A-HJ-NP-Za-km-z]{33}|dgb1[2-9A-HJ-NP-Za-z]{39})$/;
+    /^(D[1-9A-HJ-NP-Za-km-z]{33}|S[1-9A-HJ-NP-Za-km-z]{33}|dgb1[ac-hj-np-z02-9]{39,59})$/;
   return pattern.test(address.trim());
 };
 

From 18a6e39ad2b5c2204d6a42c38fdb718377576584 Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 00:49:25 +0200
Subject: [PATCH 2/7] Add validation tests

---
 src/utils/__tests__/addressValidation.test.ts | 139 ++++++++++++++++++
 1 file changed, 139 insertions(+)

diff --git a/src/utils/__tests__/addressValidation.test.ts b/src/utils/__tests__/addressValidation.test.ts
index 1c4ee49..5988963 100644
--- a/src/utils/__tests__/addressValidation.test.ts
+++ b/src/utils/__tests__/addressValidation.test.ts
@@ -1,8 +1,12 @@
 import { describe, it, expect } from 'vitest';
 import {
+  validateArrrAddress,
   validateBtcAddress,
   validateDgbAddress,
+  validateDogeAddress,
   validateLtcAddress,
+  validateQortAddress,
+  validateRvnAddress,
 } from '../addressValidation';
 
 describe('addressValidation', () => {
@@ -171,4 +175,139 @@ describe('addressValidation', () => {
       });
     });
   });
+
+  describe('validateDogeAddress', () => {
+    describe('valid addresses', () => {
+      it('should accept P2PKH addresses starting with D', () => {
+        expect(validateDogeAddress('DH5yaieqoZN36fDVciNyRueRGvGLR3mr7L')).toBe(true);
+        expect(validateDogeAddress('DBXu2kgc3xtvCUWFcxFE3r9hEYgmuaaCyD')).toBe(true);
+      });
+
+      it('should accept addresses with leading/trailing whitespace', () => {
+        expect(validateDogeAddress('  DH5yaieqoZN36fDVciNyRueRGvGLR3mr7L  ')).toBe(true);
+      });
+    });
+
+    describe('invalid addresses', () => {
+      it('should reject empty strings', () => {
+        expect(validateDogeAddress('')).toBe(false);
+        expect(validateDogeAddress('   ')).toBe(false);
+      });
+
+      it('should reject addresses with an invalid prefix', () => {
+        expect(validateDogeAddress('AH5yaieqoZN36fDVciNyRueRGvGLR3mr7L')).toBe(false);
+        expect(validateDogeAddress('RXissCG2jZTNd6Mp8x3Jpvw8Gqgj87enQ8')).toBe(false); // RVN
+      });
+
+      it('should reject base58-ambiguous characters (0, O, I, l)', () => {
+        expect(validateDogeAddress('DH5yaieqoZN36fDVciNyRueRGvGLR3mr0L')).toBe(false); // '0'
+        expect(validateDogeAddress('DH5yaieqoZN36fDVciNyRueRGvGLR3mrlL')).toBe(false); // 'l'
+      });
+
+      it('should reject addresses that are too short or too long', () => {
+        expect(validateDogeAddress('DH5yaieqoZN36fDVciNyRueRGvGLR3mr')).toBe(false);
+        expect(validateDogeAddress('DH5yaieqoZN36fDVciNyRueRGvGLR3mr7Lextra')).toBe(false);
+      });
+    });
+  });
+
+  describe('validateRvnAddress', () => {
+    describe('valid addresses', () => {
+      it('should accept P2PKH addresses starting with R', () => {
+        expect(validateRvnAddress('RXissCG2jZTNd6Mp8x3Jpvw8Gqgj87enQ8')).toBe(true);
+      });
+
+      it('should accept addresses with leading/trailing whitespace', () => {
+        expect(validateRvnAddress('\tRXissCG2jZTNd6Mp8x3Jpvw8Gqgj87enQ8\n')).toBe(true);
+      });
+    });
+
+    describe('invalid addresses', () => {
+      it('should reject empty strings', () => {
+        expect(validateRvnAddress('')).toBe(false);
+        expect(validateRvnAddress('   ')).toBe(false);
+      });
+
+      it('should reject addresses with an invalid prefix', () => {
+        expect(validateRvnAddress('DXissCG2jZTNd6Mp8x3Jpvw8Gqgj87enQ8')).toBe(false); // DOGE/DGB
+      });
+
+      it('should reject base58-ambiguous characters (0, O, I, l)', () => {
+        expect(validateRvnAddress('RXissCG2jZTNd6Mp8x3Jpvw8Gqgj87en0Q')).toBe(false); // '0'
+        expect(validateRvnAddress('RXissCG2jZTNd6Mp8x3Jpvw8Gqgj87enlQ')).toBe(false); // 'l'
+      });
+
+      it('should reject addresses that are too short or too long', () => {
+        expect(validateRvnAddress('RXissCG2jZTNd6Mp8x3Jpvw8Gqgj87en')).toBe(false);
+        expect(validateRvnAddress('RXissCG2jZTNd6Mp8x3Jpvw8Gqgj87enQ8extra')).toBe(false);
+      });
+    });
+  });
+
+  describe('validateArrrAddress', () => {
+    describe('valid addresses', () => {
+      it('should accept Sapling shielded addresses (zs1...)', () => {
+        expect(
+          validateArrrAddress('zs1z7rejlpsa98s2rrrfkwmaxu53e4ue0ulcrw0h4x5g8jl04tak0d3mm47vdtahatqrlkngh9sla5')
+        ).toBe(true);
+      });
+
+      it('should accept addresses with leading/trailing whitespace', () => {
+        expect(
+          validateArrrAddress('  zs1z7rejlpsa98s2rrrfkwmaxu53e4ue0ulcrw0h4x5g8jl04tak0d3mm47vdtahatqrlkngh9sla5  ')
+        ).toBe(true);
+      });
+    });
+
+    describe('invalid addresses', () => {
+      it('should reject empty strings', () => {
+        expect(validateArrrAddress('')).toBe(false);
+        expect(validateArrrAddress('   ')).toBe(false);
+      });
+
+      it('should reject addresses with an invalid prefix', () => {
+        expect(
+          validateArrrAddress('zt1z7rejlpsa98s2rrrfkwmaxu53e4ue0ulcrw0h4x5g8jl04tak0d3mm47vdtahatqrlkngh9sla5')
+        ).toBe(false);
+      });
+
+      it('should reject addresses that are too short or too long', () => {
+        expect(
+          validateArrrAddress('zs1z7rejlpsa98s2rrrfkwmaxu53e4ue0ulcrw0h4x5g8jl04tak0d3mm47vdtahatqrlkngh9sla')
+        ).toBe(false);
+        expect(
+          validateArrrAddress('zs1z7rejlpsa98s2rrrfkwmaxu53e4ue0ulcrw0h4x5g8jl04tak0d3mm47vdtahatqrlkngh9sla5gg')
+        ).toBe(false);
+      });
+    });
+  });
+
+  describe('validateQortAddress', () => {
+    describe('valid addresses', () => {
+      it('should accept base58 addresses', () => {
+        expect(validateQortAddress('QgV4s3xnzLhVBEJxcYui4u4q11yhUHsd9v')).toBe(true);
+      });
+
+      it('should accept names (minimum 3 characters)', () => {
+        expect(validateQortAddress('Bob')).toBe(true);
+        expect(validateQortAddress('alice')).toBe(true);
+      });
+
+      it('should accept addresses with leading/trailing whitespace', () => {
+        expect(validateQortAddress('  Bob  ')).toBe(true);
+      });
+    });
+
+    describe('invalid addresses', () => {
+      it('should reject empty strings', () => {
+        expect(validateQortAddress('')).toBe(false);
+        expect(validateQortAddress('   ')).toBe(false);
+      });
+
+      it('should reject values shorter than 3 characters', () => {
+        expect(validateQortAddress('ab')).toBe(false);
+        expect(validateQortAddress(' a ')).toBe(false);
+      });
+    });
+  });
 });

From 4148485524f74f6e2fb574fc76f1eb1c4055c9e6 Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 01:11:13 +0200
Subject: [PATCH 3/7] Improve maxSendable feature

---
 src/common/constants.ts                 |  6 +++
 src/pages/arrr/index.tsx                | 35 ++++++++------
 src/pages/btc/index.tsx                 | 43 ++++++++---------
 src/pages/dgb/index.tsx                 | 48 +++++++++----------
 src/pages/doge/index.tsx                | 41 ++++++++--------
 src/pages/ltc/index.tsx                 | 43 ++++++++---------
 src/pages/qort/index.tsx                | 17 +++----
 src/pages/rvn/index.tsx                 | 50 ++++++++++---------
 src/utils/__tests__/maxSendable.test.ts | 64 +++++++++++++++++++++++++
 src/utils/maxSendable.ts                | 50 +++++++++++++++++++
 10 files changed, 260 insertions(+), 137 deletions(-)
 create mode 100644 src/utils/__tests__/maxSendable.test.ts
 create mode 100644 src/utils/maxSendable.ts

diff --git a/src/common/constants.ts b/src/common/constants.ts
index bc9d706..e37fe88 100644
--- a/src/common/constants.ts
+++ b/src/common/constants.ts
@@ -11,6 +11,12 @@ export const DECIMAL_ROUND_UP: number = 8;
 // QORT section
 export const QORT_1_UNIT: number = 100000000;
 
+// Satoshis held back by "SEND MAX" so the prefilled amount stays strictly
+// within the spendable balance (absorbs fee-estimate / serialization slack).
+// 1000 sats = 0.00001 coin — negligible to the user, enough to clear the
+// host's "Insufficient funds" boundary check.
+export const SEND_MAX_SAFETY_BUFFER_SATS: number = 1000;
+
 // Fees
 export const ARRR_FEE: number = 0.0001;
 export const BTC_FEE: number = 500;
diff --git a/src/pages/arrr/index.tsx b/src/pages/arrr/index.tsx
index a6305c2..28107d1 100644
--- a/src/pages/arrr/index.tsx
+++ b/src/pages/arrr/index.tsx
@@ -67,6 +67,7 @@ import {
   ARRR_FEE,
   DECIMAL_ROUND_UP,
   EMPTY_STRING,
+  SEND_MAX_SAFETY_BUFFER_SATS,
   TIME_MINUTES_2,
   TIME_MINUTES_3,
   TIME_MINUTES_5,
@@ -88,6 +89,7 @@ import {
 } from '../../styles/page-styles';
 import { Coin } from 'qapp-core';
 import { validateArrrAddress } from '../../utils/addressValidation';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 
 interface TablePaginationActionsProps {
   count: number;
@@ -204,18 +206,14 @@ export default function PirateWallet() {
   const [openArrrAddressBook, setOpenArrrAddressBook] = useState(false);
   const [_retry, setRetry] = useState(false);
 
-  const maxSendableArrrCoin = () => {
-    // manage the correct round up
-    const value = (walletBalanceArrr - ARRR_FEE).toString();
-    const [integer, decimal = ''] = value.split('.');
-    const truncated = decimal
-      .substring(0, DECIMAL_ROUND_UP)
-      .padEnd(DECIMAL_ROUND_UP, '0');
-    let truncatedMaxSendableArrrCoin: number = parseFloat(
-      `${integer}.${truncated}`
+  // Safely-spendable max: integer-satoshi math plus a small safety buffer so
+  // the prefilled amount never lands on/above the host's spendable cutoff.
+  const maxSendableArrrCoin = () =>
+    calculateMaxSendable(
+      walletBalanceArrr,
+      ARRR_FEE,
+      SEND_MAX_SAFETY_BUFFER_SATS
     );
-    return truncatedMaxSendableArrrCoin;
-  };
 
   const emptyRows =
     page > 0
@@ -258,7 +256,10 @@ export default function PirateWallet() {
   };
 
   const disableCanSendArrr = () =>
-    arrrAmount <= 0 || arrrRecipient === EMPTY_STRING || addressFormatError;
+    arrrAmount <= 0 ||
+    arrrRecipient === EMPTY_STRING ||
+    addressFormatError ||
+    arrrAmount > maxSendableArrrCoin();
 
   const handleRecipientChange = (e: ChangeEvent<HTMLInputElement>) => {
     const value = e.target.value.trim();
@@ -329,6 +330,12 @@ export default function PirateWallet() {
   };
 
   const sendArrrRequest = async () => {
+    // Conservative revalidation: never submit more than the safely-spendable
+    // max, even if state changed (e.g. balance refresh) after input.
+    if (arrrAmount <= 0 || arrrAmount > maxSendableArrrCoin()) {
+      setOpenSendArrrError(true);
+      return;
+    }
     setOpenTxArrrSubmit(true);
     try {
       const sendRequest = await qortalRequest({
@@ -1158,7 +1165,7 @@ export default function PirateWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(walletBalanceArrr - ARRR_FEE).toFixed(DECIMAL_ROUND_UP) + ' ARRR'}
+            {maxSendableArrrCoin() + ' ARRR'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
@@ -1197,7 +1204,7 @@ export default function PirateWallet() {
             {...({ label: 'Amount (ARRR)' } as any)}
             fullWidth
             isAllowed={(values) => {
-              const maxArrrCoin = walletBalanceArrr - ARRR_FEE;
+              const maxArrrCoin = maxSendableArrrCoin();
               const { formattedValue, floatValue } = values;
               return (
                 formattedValue === EMPTY_STRING ||
diff --git a/src/pages/btc/index.tsx b/src/pages/btc/index.tsx
index 64fa583..976e1ab 100644
--- a/src/pages/btc/index.tsx
+++ b/src/pages/btc/index.tsx
@@ -61,6 +61,7 @@ import {
   BTC_FEE,
   DECIMAL_ROUND_UP,
   EMPTY_STRING,
+  SEND_MAX_SAFETY_BUFFER_SATS,
   TIME_MINUTES_3,
   TIME_MINUTES_5,
   TIME_SECONDS_2,
@@ -79,6 +80,7 @@ import {
 } from '../../styles/page-styles';
 import { Coin } from 'qapp-core';
 import { validateBtcAddress } from '../../utils/addressValidation';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 import { AddressBookDialog } from '../../components/AddressBook/AddressBookDialog';
 
 interface TablePaginationActionsProps {
@@ -192,18 +194,14 @@ export default function BitcoinWallet() {
   const btcFeeCalculated = +(+inputFee / 1000 / 1e8).toFixed(DECIMAL_ROUND_UP);
   const estimatedFeeCalculated = +btcFeeCalculated * BTC_FEE;
 
-  const maxSendableBtcCoin = () => {
-    // manage the correct round up
-    const value = (walletBalanceBtc - estimatedFeeCalculated).toString();
-    const [integer, decimal = ''] = value.split('.');
-    const truncated = decimal
-      .substring(0, DECIMAL_ROUND_UP)
-      .padEnd(DECIMAL_ROUND_UP, '0');
-    let truncatedMaxSendableBtcCoin: number = parseFloat(
-      `${integer}.${truncated}`
+  // Safely-spendable max: integer-satoshi math plus a small safety buffer so
+  // the prefilled amount never lands on/above the host's spendable cutoff.
+  const maxSendableBtcCoin = () =>
+    calculateMaxSendable(
+      walletBalanceBtc,
+      estimatedFeeCalculated,
+      SEND_MAX_SAFETY_BUFFER_SATS
     );
-    return truncatedMaxSendableBtcCoin;
-  };
 
   const emptyRows =
     page > 0
@@ -238,7 +236,10 @@ export default function BitcoinWallet() {
   };
 
   const disableCanSendBtc = () =>
-    btcAmount <= 0 || btcRecipient === EMPTY_STRING || addressFormatError;
+    btcAmount <= 0 ||
+    btcRecipient === EMPTY_STRING ||
+    addressFormatError ||
+    btcAmount > maxSendableBtcCoin();
 
   const handleRecipientChange = (
     e: React.ChangeEvent<HTMLInputElement | HTMLTextAreaElement>
@@ -417,6 +418,12 @@ export default function BitcoinWallet() {
 
   const sendBtcRequest = async () => {
     if (!btcFeeCalculated) return;
+    // Conservative revalidation: never submit more than the safely-spendable
+    // max, even if state changed (e.g. balance refresh) after input.
+    if (btcAmount <= 0 || btcAmount > maxSendableBtcCoin()) {
+      setOpenSendBtcError(true);
+      return;
+    }
     setOpenTxBtcSubmit(true);
     try {
       const sendRequest = await qortalRequest({
@@ -911,15 +918,7 @@ export default function BitcoinWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(() => {
-              const newMaxBtcAmount =
-                +walletBalanceBtc - estimatedFeeCalculated;
-              if (newMaxBtcAmount < 0) {
-                return Number(0.0) + ' BTC';
-              } else {
-                return newMaxBtcAmount + ' BTC';
-              }
-            })()}
+            {maxSendableBtcCoin() + ' BTC'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
@@ -958,7 +957,7 @@ export default function BitcoinWallet() {
             label="Amount (BTC)"
             fullWidth
             isAllowed={(values) => {
-              const maxBtcCoin = +walletBalanceBtc - estimatedFeeCalculated;
+              const maxBtcCoin = maxSendableBtcCoin();
               const { formattedValue, floatValue } = values;
               return (
                 formattedValue === EMPTY_STRING ||
diff --git a/src/pages/dgb/index.tsx b/src/pages/dgb/index.tsx
index 91fa60f..7007d2b 100644
--- a/src/pages/dgb/index.tsx
+++ b/src/pages/dgb/index.tsx
@@ -57,6 +57,7 @@ import {
   DECIMAL_ROUND_UP,
   DGB_FEE,
   EMPTY_STRING,
+  SEND_MAX_SAFETY_BUFFER_SATS,
   TIME_MINUTES_3,
   TIME_MINUTES_5,
   TIME_SECONDS_2,
@@ -75,6 +76,7 @@ import {
 } from '../../styles/page-styles';
 import { Coin } from 'qapp-core';
 import { validateDgbAddress } from '../../utils/addressValidation';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 
 interface TablePaginationActionsProps {
   count: number;
@@ -204,19 +206,17 @@ export default function DigibyteWallet() {
   const [openSendDgbError, setOpenSendDgbError] = useState(false);
   const [openDgbAddressBook, setOpenDgbAddressBook] = useState(false);
 
-  const maxSendableDbgCoin = () => {
-    // manage the correct round up
-    const value = (walletBalanceDgb - (dgbFee * 1000) / 1e8)
-      .toFixed(DECIMAL_ROUND_UP);
-    const [integer, decimal = ''] = value.split('.');
-    const truncated = decimal
-      .substring(0, DECIMAL_ROUND_UP)
-      .padEnd(DECIMAL_ROUND_UP, '0');
-    let truncatedMaxSendableDgbCoin: number = parseFloat(
-      `${integer}.${truncated}`
+  // Estimated fee in whole coins (fee rate applied to a ~1000-byte tx).
+  const estimatedDgbFee = (dgbFee * 1000) / 1e8;
+
+  // Safely-spendable max: integer-satoshi math plus a small safety buffer so
+  // the prefilled amount never lands on/above the host's spendable cutoff.
+  const maxSendableDbgCoin = () =>
+    calculateMaxSendable(
+      walletBalanceDgb,
+      estimatedDgbFee,
+      SEND_MAX_SAFETY_BUFFER_SATS
     );
-    return truncatedMaxSendableDgbCoin;
-  };
 
   const emptyRows =
     page > 0
@@ -251,7 +251,10 @@ export default function DigibyteWallet() {
   };
 
   const disableCanSendDgb = () =>
-    dgbAmount <= 0 || dgbRecipient === EMPTY_STRING || addressFormatError;
+    dgbAmount <= 0 ||
+    dgbRecipient === EMPTY_STRING ||
+    addressFormatError ||
+    dgbAmount > maxSendableDbgCoin();
 
   const handleRecipientChange = (
     e: ChangeEvent<HTMLInputElement | HTMLTextAreaElement>
@@ -433,6 +436,12 @@ export default function DigibyteWallet() {
   };
 
   const sendDgbRequest = async () => {
+    // Conservative revalidation: never submit more than the safely-spendable
+    // max, even if state changed (e.g. balance refresh) after input.
+    if (dgbAmount <= 0 || dgbAmount > maxSendableDbgCoin()) {
+      setOpenSendDgbError(true);
+      return;
+    }
     setOpenTxDgbSubmit(true);
     const dgbFeeCalculated = Number(dgbFee / 1e8).toFixed(DECIMAL_ROUND_UP);
     try {
@@ -915,16 +924,7 @@ export default function DigibyteWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(() => {
-              const newMaxDgbAmount = parseFloat(
-                (walletBalanceDgb - (dgbFee * 1000) / 1e8).toFixed(DECIMAL_ROUND_UP)
-              );
-              if (newMaxDgbAmount < 0) {
-                return Number(0.0) + ' DGB';
-              } else {
-                return newMaxDgbAmount + ' DGB';
-              }
-            })()}
+            {maxSendableDbgCoin() + ' DGB'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
@@ -963,7 +963,7 @@ export default function DigibyteWallet() {
             label="Amount (DGB)"
             fullWidth
             isAllowed={(values) => {
-              const maxDgbCoin = walletBalanceDgb - (dgbFee * 1000) / 1e8;
+              const maxDgbCoin = maxSendableDbgCoin();
               const { formattedValue, floatValue } = values;
               return (
                 formattedValue === EMPTY_STRING ||
diff --git a/src/pages/doge/index.tsx b/src/pages/doge/index.tsx
index 1ff6c8c..4827f33 100644
--- a/src/pages/doge/index.tsx
+++ b/src/pages/doge/index.tsx
@@ -56,6 +56,7 @@ import {
   DECIMAL_ROUND_UP,
   DOGE_FEE,
   EMPTY_STRING,
+  SEND_MAX_SAFETY_BUFFER_SATS,
   TIME_MINUTES_3,
   TIME_MINUTES_5,
   TIME_SECONDS_2,
@@ -75,6 +76,7 @@ import {
 import { FeeManager } from '../../components/FeeManager';
 import { Coin } from 'qapp-core';
 import { validateDogeAddress } from '../../utils/addressValidation';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 
 interface TablePaginationActionsProps {
   count: number;
@@ -189,14 +191,14 @@ export default function DogecoinWallet() {
   const dogeFeeCalculated = +(+inputFee / 1000 / 1e8).toFixed(DECIMAL_ROUND_UP);
   const estimatedFeeCalculated = +dogeFeeCalculated * DOGE_FEE;
 
-  const maxSendableDogeCoin = () => {
-      // manage the correct round up
-      const value = (walletBalanceDoge - estimatedFeeCalculated).toString();
-      const [integer, decimal = ''] = value.split('.');
-      const truncated = decimal.substring(0, DECIMAL_ROUND_UP).padEnd(DECIMAL_ROUND_UP, '0');
-      let truncatedMaxSendableDogeCoin: number = parseFloat(`${integer}.${truncated}`);
-      return truncatedMaxSendableDogeCoin;
-    };
+  // Safely-spendable max: integer-satoshi math plus a small safety buffer so
+  // the prefilled amount never lands on/above the host's spendable cutoff.
+  const maxSendableDogeCoin = () =>
+    calculateMaxSendable(
+      walletBalanceDoge,
+      estimatedFeeCalculated,
+      SEND_MAX_SAFETY_BUFFER_SATS
+    );
 
   const emptyRows =
     page > 0
@@ -229,7 +231,10 @@ export default function DogecoinWallet() {
   };
 
   const disableCanSendDoge = () =>
-    dogeAmount <= 0 || dogeRecipient === EMPTY_STRING || addressFormatError;
+    dogeAmount <= 0 ||
+    dogeRecipient === EMPTY_STRING ||
+    addressFormatError ||
+    dogeAmount > maxSendableDogeCoin();
 
   const handleRecipientChange = (
     e: ChangeEvent<HTMLInputElement | HTMLTextAreaElement>
@@ -407,6 +412,12 @@ export default function DogecoinWallet() {
 
   const sendDogeRequest = async () => {
     if (!dogeFeeCalculated) return;
+    // Conservative revalidation: never submit more than the safely-spendable
+    // max, even if state changed (e.g. balance refresh) after input.
+    if (dogeAmount <= 0 || dogeAmount > maxSendableDogeCoin()) {
+      setOpenSendDogeError(true);
+      return;
+    }
 
     setOpenTxDogeSubmit(true);
     try {
@@ -887,15 +898,7 @@ export default function DogecoinWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(() => {
-              const newMaxDogeAmount =
-                +walletBalanceDoge - estimatedFeeCalculated;
-              if (newMaxDogeAmount < 0) {
-                return Number(0.0) + ' DOGE';
-              } else {
-                return newMaxDogeAmount + ' DOGE';
-              }
-            })()}
+            {maxSendableDogeCoin() + ' DOGE'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
@@ -934,7 +937,7 @@ export default function DogecoinWallet() {
             label="Amount (DOGE)"
             fullWidth
             isAllowed={(values) => {
-              const maxDogeCoin = +walletBalanceDoge - estimatedFeeCalculated;
+              const maxDogeCoin = maxSendableDogeCoin();
               const { formattedValue, floatValue } = values;
               return (
                 formattedValue === EMPTY_STRING ||
diff --git a/src/pages/ltc/index.tsx b/src/pages/ltc/index.tsx
index de2769e..ff03b30 100644
--- a/src/pages/ltc/index.tsx
+++ b/src/pages/ltc/index.tsx
@@ -60,6 +60,7 @@ import {
   DECIMAL_ROUND_UP,
   EMPTY_STRING,
   LTC_FEE,
+  SEND_MAX_SAFETY_BUFFER_SATS,
   TIME_MINUTES_3,
   TIME_MINUTES_5,
   TIME_SECONDS_2,
@@ -79,6 +80,7 @@ import {
 import { FeeManager } from '../../components/FeeManager';
 import { Coin } from 'qapp-core';
 import { validateLtcAddress } from '../../utils/addressValidation';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 import { AddressBookDialog } from '../../components/AddressBook/AddressBookDialog';
 
 interface TablePaginationActionsProps {
@@ -193,18 +195,14 @@ export default function LitecoinWallet() {
   const ltcFeeCalculated = +(+inputFee / 1000 / 1e8).toFixed(DECIMAL_ROUND_UP);
   const estimatedFeeCalculated = +ltcFeeCalculated * LTC_FEE;
 
-  const maxSendableLtcCoin = () => {
-    // manage the correct round up
-    const value = (walletBalanceLtc - estimatedFeeCalculated).toString();
-    const [integer, decimal = ''] = value.split('.');
-    const truncated = decimal
-      .substring(0, DECIMAL_ROUND_UP)
-      .padEnd(DECIMAL_ROUND_UP, '0');
-    let truncatedMaxSendableLtcCoin: number = parseFloat(
-      `${integer}.${truncated}`
+  // Safely-spendable max: integer-satoshi math plus a small safety buffer so
+  // the prefilled amount never lands on/above the host's spendable cutoff.
+  const maxSendableLtcCoin = () =>
+    calculateMaxSendable(
+      walletBalanceLtc,
+      estimatedFeeCalculated,
+      SEND_MAX_SAFETY_BUFFER_SATS
     );
-    return truncatedMaxSendableLtcCoin;
-  };
 
   const emptyRows =
     page > 0
@@ -241,7 +239,10 @@ export default function LitecoinWallet() {
   };
 
   const disableCanSendLtc = () =>
-    ltcAmount <= 0 || ltcRecipient === EMPTY_STRING || addressFormatError;
+    ltcAmount <= 0 ||
+    ltcRecipient === EMPTY_STRING ||
+    addressFormatError ||
+    ltcAmount > maxSendableLtcCoin();
 
   const handleRecipientChange = (
     e: ChangeEvent<HTMLInputElement | HTMLTextAreaElement>
@@ -421,6 +422,12 @@ export default function LitecoinWallet() {
 
   const sendLtcRequest = async () => {
     if (!ltcFeeCalculated) return;
+    // Conservative revalidation: never submit more than the safely-spendable
+    // max, even if state changed (e.g. balance refresh) after input.
+    if (ltcAmount <= 0 || ltcAmount > maxSendableLtcCoin()) {
+      setOpenSendLtcError(true);
+      return;
+    }
     setOpenTxLtcSubmit(true);
 
     try {
@@ -916,15 +923,7 @@ export default function LitecoinWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(() => {
-              const newMaxLtcAmount =
-                +walletBalanceLtc - estimatedFeeCalculated;
-              if (newMaxLtcAmount < 0) {
-                return Number(0.0) + ' LTC';
-              } else {
-                return newMaxLtcAmount + ' LTC';
-              }
-            })()}
+            {maxSendableLtcCoin() + ' LTC'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
@@ -963,7 +962,7 @@ export default function LitecoinWallet() {
             label="Amount (LTC)"
             fullWidth
             isAllowed={(values) => {
-              const maxLtcCoin = +walletBalanceLtc - estimatedFeeCalculated;
+              const maxLtcCoin = maxSendableLtcCoin();
               const { formattedValue, floatValue } = values;
               return (
                 formattedValue === EMPTY_STRING ||
diff --git a/src/pages/qort/index.tsx b/src/pages/qort/index.tsx
index f920c7a..1a765ce 100644
--- a/src/pages/qort/index.tsx
+++ b/src/pages/qort/index.tsx
@@ -60,7 +60,6 @@ const NumericFormat = _NumericFormat as React.FC<React.ComponentProps<typeof _Nu
 import QRCode from 'react-qr-code';
 import coinLogoQORT from '../../assets/qort.png';
 import {
-  DECIMAL_ROUND_UP,
   EMPTY_STRING,
   QORT_1_UNIT,
   TIME_MINUTES_1,
@@ -87,6 +86,7 @@ import {
   WalletCard,
 } from '../../styles/page-styles';
 import { SearchTransactionsResponse } from '../../utils/Types.tsx';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 import { AddressBookDialog } from '../../components/AddressBook/AddressBookDialog';
 
 interface TablePaginationActionsProps {
@@ -269,14 +269,11 @@ export default function QortalWallet() {
   const [recipientTouched, setRecipientTouched] = useState(false);
   const userName = useGlobal().auth.name;
   
-  const maxSendableQortCoin = () => {
-    // manage the correct round up
-    const value = (walletBalanceQort - qortTxFee).toString();
-    const [integer, decimal = EMPTY_STRING] = value.split('.');
-    const truncated = decimal.substring(0, DECIMAL_ROUND_UP).padEnd(DECIMAL_ROUND_UP, '0');
-    let truncatedMaxSendableQortCoin: number = parseFloat(`${integer}.${truncated}`);
-    return truncatedMaxSendableQortCoin;
-  };
+  // Safely-spendable max via integer-satoshi math (avoids the floating-point
+  // boundary error). QORT has a deterministic on-chain fee and an account
+  // model, so no extra safety buffer is needed.
+  const maxSendableQortCoin = () =>
+    calculateMaxSendable(walletBalanceQort, qortTxFee);
   
   const emptyRowsPayment =
     page > 0
@@ -3348,7 +3345,7 @@ export default function QortalWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(walletBalanceQort - qortTxFee).toFixed(DECIMAL_ROUND_UP) + ' QORT'}
+            {maxSendableQortCoin() + ' QORT'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
diff --git a/src/pages/rvn/index.tsx b/src/pages/rvn/index.tsx
index 470891d..9e25a8d 100644
--- a/src/pages/rvn/index.tsx
+++ b/src/pages/rvn/index.tsx
@@ -61,6 +61,7 @@ import {
   DECIMAL_ROUND_UP,
   EMPTY_STRING,
   RVN_FEE,
+  SEND_MAX_SAFETY_BUFFER_SATS,
   TIME_MINUTES_3,
   TIME_MINUTES_5,
   TIME_SECONDS_2,
@@ -79,6 +80,7 @@ import {
 } from '../../styles/page-styles';
 import { Coin } from 'qapp-core';
 import { AddressBookDialog } from '../../components/AddressBook/AddressBookDialog';
+import { calculateMaxSendable } from '../../utils/maxSendable';
 
 interface TablePaginationActionsProps {
   count: number;
@@ -208,19 +210,17 @@ export default function RavencoinWallet() {
   const [openSendRvnError, setOpenSendRvnError] = useState(false);
   const [openRvnAddressBook, setOpenRvnAddressBook] = useState(false);
 
-  const maxSendableRvnCoin = () => {
-    // manage the correct round up
-    const value = (walletBalanceRvn - (rvnFee * 1000) / 1e8)
-      .toFixed(DECIMAL_ROUND_UP);
-    const [integer, decimal = ''] = value.split('.');
-    const truncated = decimal
-      .substring(0, DECIMAL_ROUND_UP)
-      .padEnd(DECIMAL_ROUND_UP, '0');
-    let truncatedMaxSendableRvnCoin: number = parseFloat(
-      `${integer}.${truncated}`
+  // Estimated fee in whole coins (fee rate applied to a ~1000-byte tx).
+  const estimatedRvnFee = (rvnFee * 1000) / 1e8;
+
+  // Safely-spendable max: integer-satoshi math plus a small safety buffer so
+  // the prefilled amount never lands on/above the host's spendable cutoff.
+  const maxSendableRvnCoin = () =>
+    calculateMaxSendable(
+      walletBalanceRvn,
+      estimatedRvnFee,
+      SEND_MAX_SAFETY_BUFFER_SATS
     );
-    return truncatedMaxSendableRvnCoin;
-  };
 
   const emptyRows =
     page > 0
@@ -259,7 +259,10 @@ export default function RavencoinWallet() {
   };
 
   const disableCanSendRvn = () =>
-    rvnAmount <= 0 || rvnRecipient === EMPTY_STRING || addressFormatError;
+    rvnAmount <= 0 ||
+    rvnRecipient === EMPTY_STRING ||
+    addressFormatError ||
+    rvnAmount > maxSendableRvnCoin();
 
   const handleRecipientChange = (
     e: ChangeEvent<HTMLInputElement | HTMLTextAreaElement>
@@ -445,6 +448,12 @@ export default function RavencoinWallet() {
   };
 
   const sendRvnRequest = async () => {
+    // Conservative revalidation: never submit more than the safely-spendable
+    // max, even if state changed (e.g. balance refresh) after input.
+    if (rvnAmount <= 0 || rvnAmount > maxSendableRvnCoin()) {
+      setOpenSendRvnError(true);
+      return;
+    }
     setOpenTxRvnSubmit(true);
     const rvnFeeCalculated = Number(rvnFee / 1e8).toFixed(DECIMAL_ROUND_UP);
     try {
@@ -941,18 +950,7 @@ export default function RavencoinWallet() {
             align="center"
             sx={{ color: 'text.primary', fontWeight: 700 }}
           >
-            {(() => {
-              const newMaxRvnAmount = parseFloat(
-                (walletBalanceRvn - (rvnFee * 1000) / 1e8).toFixed(
-                  DECIMAL_ROUND_UP
-                )
-              );
-              if (newMaxRvnAmount < 0) {
-                return Number(0.0) + ' RVN';
-              } else {
-                return newMaxRvnAmount + ' RVN';
-              }
-            })()}
+            {maxSendableRvnCoin() + ' RVN'}
           </Typography>
           <Box style={{ marginInlineStart: '15px' }}>
             <Button
@@ -991,7 +989,7 @@ export default function RavencoinWallet() {
             label="Amount (RVN)"
             fullWidth
             isAllowed={(values) => {
-              const maxRvnCoin = walletBalanceRvn - (rvnFee * 1000) / 1e8;
+              const maxRvnCoin = maxSendableRvnCoin();
               const { formattedValue, floatValue } = values;
               return (
                 formattedValue === EMPTY_STRING ||
diff --git a/src/utils/__tests__/maxSendable.test.ts b/src/utils/__tests__/maxSendable.test.ts
new file mode 100644
index 0000000..1a8e812
--- /dev/null
+++ b/src/utils/__tests__/maxSendable.test.ts
@@ -0,0 +1,64 @@
+import { describe, it, expect } from 'vitest';
+import { calculateMaxSendable } from '../maxSendable';
+
+describe('calculateMaxSendable', () => {
+  it('subtracts the fee from the balance', () => {
+    expect(calculateMaxSendable(1, 0.0005)).toBe(0.9995);
+  });
+
+  it('holds back the safety buffer when provided', () => {
+    // 1000 sats buffer = 0.00001 coin
+    expect(calculateMaxSendable(1, 0.0005, 1000)).toBe(0.99949);
+  });
+
+  it('never returns more than balance minus fee plus buffer (round-trips within balance)', () => {
+    const balance = 1.1;
+    const fee = 0.00005;
+    const max = calculateMaxSendable(balance, fee, 1000);
+    // amount + fee, recomputed in satoshis, must stay within the balance
+    const amountSats = Math.round(max * 1e8);
+    const feeSats = Math.round(fee * 1e8);
+    expect(amountSats + feeSats).toBeLessThanOrEqual(Math.round(balance * 1e8));
+  });
+
+  it('keeps amount + fee strictly within balance across many values (with buffer)', () => {
+    const fee = 0.00005;
+    for (let i = 1; i <= 500; i++) {
+      const balance = i / 100; // 0.01 .. 5.00
+      const max = calculateMaxSendable(balance, fee, 1000);
+      // Recompute the host-side boundary in satoshi space.
+      const totalSats = Math.round(max * 1e8) + Math.round(fee * 1e8);
+      expect(totalSats).toBeLessThan(Math.round(balance * 1e8));
+    }
+  });
+
+  it('returns 0 when the fee meets or exceeds the balance', () => {
+    expect(calculateMaxSendable(0.0005, 0.0005)).toBe(0);
+    expect(calculateMaxSendable(0.0001, 0.0005)).toBe(0);
+  });
+
+  it('returns 0 when the buffer pushes the result to zero or below', () => {
+    // balance - fee = 1000 sats, buffer = 1000 sats -> 0
+    expect(calculateMaxSendable(0.0000_2, 0.000_01, 1000)).toBe(0);
+  });
+
+  it('returns 0 for a zero balance', () => {
+    expect(calculateMaxSendable(0, 0.0005)).toBe(0);
+  });
+
+  it('returns 0 for non-finite inputs', () => {
+    expect(calculateMaxSendable(NaN, 0.0005)).toBe(0);
+    expect(calculateMaxSendable(1, NaN)).toBe(0);
+    expect(calculateMaxSendable(Infinity, 0.0005)).toBe(0);
+  });
+
+  it('truncates to 8 decimal places', () => {
+    const result = calculateMaxSendable(0.123456789, 0);
+    expect(result).toBe(0.12345679); // rounded at satoshi precision
+    expect(result.toString().split('.')[1].length).toBeLessThanOrEqual(8);
+  });
+
+  it('ignores negative buffers (treats them as zero)', () => {
+    expect(calculateMaxSendable(1, 0.0005, -1000)).toBe(0.9995);
+  });
+});
diff --git a/src/utils/maxSendable.ts b/src/utils/maxSendable.ts
new file mode 100644
index 0000000..c55a9e3
--- /dev/null
+++ b/src/utils/maxSendable.ts
@@ -0,0 +1,50 @@
+import { DECIMAL_ROUND_UP } from '../common/constants';
+
+/**
+ * Number of satoshis (smallest units) in one whole coin for the UTXO coins
+ * used in this app (BTC, LTC, DOGE, DGB, RVN, ARRR).
+ */
+const SATS_PER_COIN = 1e8;
+
+/**
+ * Compute the maximum safely-spendable amount for a "SEND MAX" action.
+ *
+ * The naive `balance - fee` expression is computed in JS floating point on an
+ * exact boundary value, so the prefilled amount can land right on — or a hair
+ * above — the spendable cutoff. The host `SEND_COIN` check then rejects it as
+ * "Insufficient funds", even though sending slightly less succeeds.
+ *
+ * To avoid this we:
+ *  1. Do the subtraction in integer satoshi math (no float boundary error).
+ *  2. Hold back a small safety buffer so the result stays strictly within the
+ *     balance, absorbing fee-estimate and serialization slack.
+ *
+ * @param balance    Wallet balance, in whole coins.
+ * @param fee        Estimated fee to reserve, in whole coins.
+ * @param bufferSats Extra satoshis to hold back as a safety margin (default 0).
+ * @returns The max sendable amount in whole coins (never negative), truncated
+ *          to {@link DECIMAL_ROUND_UP} decimal places.
+ */
+export const calculateMaxSendable = (
+  balance: number,
+  fee: number,
+  bufferSats: number = 0
+): number => {
+  if (!Number.isFinite(balance) || !Number.isFinite(fee)) {
+    return 0;
+  }
+
+  const balanceSats = Math.round(balance * SATS_PER_COIN);
+  const feeSats = Math.round(fee * SATS_PER_COIN);
+  const buffer = Math.max(0, Math.trunc(bufferSats));
+
+  const maxSats = balanceSats - feeSats - buffer;
+  if (maxSats <= 0) {
+    return 0;
+  }
+
+  // maxSats is an integer count of satoshis, so dividing by SATS_PER_COIN and
+  // truncating to DECIMAL_ROUND_UP places yields an exact, safely-spendable
+  // value that round-trips back to <= balanceSats when the fee is re-added.
+  return +(maxSats / SATS_PER_COIN).toFixed(DECIMAL_ROUND_UP);
+};

From 3fad913e7743f1724f3e190f8686e4c43e24f9b1 Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 01:15:55 +0200
Subject: [PATCH 4/7] Add changes

---
 CHANGELOG.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 405855e..2293ae3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,27 @@
 
 All notable changes to Q-Wallets will be documented in this file.
 
+## [Unreleased]
+
+### Added
+
+- `calculateMaxSendable` utility that computes the "SEND MAX" amount in integer satoshi math and holds back a small safety buffer, avoiding floating-point boundary errors that triggered false "Insufficient funds" rejections from the host
+- `SEND_MAX_SAFETY_BUFFER_SATS` constant (1000 sats) used as the SEND MAX safety margin
+
+### Fixed
+
+- BTC and DGB Bech32 address validation: corrected the regex charset to the bech32 alphabet (excludes `1`, `b`, `i`, `o`) and allowed variable address length (39–59 chars) so longer Bech32 addresses (e.g. P2WSH) validate correctly
+- SEND MAX no longer prefills an amount that lands on or just above the spendable cutoff
+
+### Changed
+
+- All coin send pages (ARRR, BTC, DGB, DOGE, LTC, QORT, RVN) refactored to use the shared `calculateMaxSendable` utility
+
+### Tests
+
+- Added tests for `calculateMaxSendable`
+- Expanded address validation tests covering BTC/DGB Bech32 charset and length cases
+
 ## [1.3.2] - 2026-03-06
 
 ### Fixed

From 68dfdfd097d85689cc92ad00e2cc0f70d9cdbe5c Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 01:17:35 +0200
Subject: [PATCH 5/7] Increase patch version

---
 package-lock.json | 4 ++--
 package.json      | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 33e3789..b8aeebe 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "q-wallets",
-  "version": "1.3.2",
+  "version": "1.3.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "q-wallets",
-      "version": "1.3.2",
+      "version": "1.3.3",
       "dependencies": {
         "@emotion/react": "^11.14.0",
         "@emotion/styled": "^11.14.0",
diff --git a/package.json b/package.json
index 07e60c0..2c652f2 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "q-wallets",
   "private": true,
-  "version": "1.3.2",
+  "version": "1.3.3",
   "type": "module",
   "scripts": {
     "build": "tsc -b && vite build && cp CHANGELOG.md dist/",

From f246ba299c67b1e0f406351e557c4d48076ce1f1 Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 01:18:17 +0200
Subject: [PATCH 6/7] Set version

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2293ae3..b809598 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
 
 All notable changes to Q-Wallets will be documented in this file.
 
-## [Unreleased]
+## [1.3.3]
 
 ### Added
 

From 13854416abc485250109ef7ec846333cbdf52964 Mon Sep 17 00:00:00 2001
From: Nic <gitnub.6q580@simplelogin.com>
Date: Tue, 2 Jun 2026 12:33:07 +0200
Subject: [PATCH 7/7] maxSendable.ts now coerces with Number() before the
 finite check, and accepts number | string

---
 src/utils/__tests__/maxSendable.test.ts | 12 ++++++++++++
 src/utils/maxSendable.ts                | 18 ++++++++++++------
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/src/utils/__tests__/maxSendable.test.ts b/src/utils/__tests__/maxSendable.test.ts
index 1a8e812..2a8d4fc 100644
--- a/src/utils/__tests__/maxSendable.test.ts
+++ b/src/utils/__tests__/maxSendable.test.ts
@@ -52,6 +52,18 @@ describe('calculateMaxSendable', () => {
     expect(calculateMaxSendable(Infinity, 0.0005)).toBe(0);
   });
 
+  it('coerces numeric-string inputs (host returns balance as a string)', () => {
+    // Regression: Number.isFinite('700') === false, so an un-coerced guard
+    // would wrongly return 0 for a string balance.
+    expect(calculateMaxSendable('700', '0.0001', 1000)).toBe(699.99989);
+    expect(calculateMaxSendable('1', '0.0005')).toBe(0.9995);
+  });
+
+  it('returns 0 for non-numeric-string inputs', () => {
+    expect(calculateMaxSendable('abc', 0.0005)).toBe(0);
+    expect(calculateMaxSendable('', 0.0005)).toBe(0);
+  });
+
   it('truncates to 8 decimal places', () => {
     const result = calculateMaxSendable(0.123456789, 0);
     expect(result).toBe(0.12345679); // rounded at satoshi precision
diff --git a/src/utils/maxSendable.ts b/src/utils/maxSendable.ts
index c55a9e3..01e7664 100644
--- a/src/utils/maxSendable.ts
+++ b/src/utils/maxSendable.ts
@@ -19,23 +19,29 @@ const SATS_PER_COIN = 1e8;
  *  2. Hold back a small safety buffer so the result stays strictly within the
  *     balance, absorbing fee-estimate and serialization slack.
  *
- * @param balance    Wallet balance, in whole coins.
+ * @param balance    Wallet balance, in whole coins. The host
+ *                   `GET_WALLET_BALANCE` request returns this as a numeric
+ *                   string, so string inputs are coerced to a number.
  * @param fee        Estimated fee to reserve, in whole coins.
  * @param bufferSats Extra satoshis to hold back as a safety margin (default 0).
  * @returns The max sendable amount in whole coins (never negative), truncated
  *          to {@link DECIMAL_ROUND_UP} decimal places.
  */
 export const calculateMaxSendable = (
-  balance: number,
-  fee: number,
+  balance: number | string,
+  fee: number | string,
   bufferSats: number = 0
 ): number => {
-  if (!Number.isFinite(balance) || !Number.isFinite(fee)) {
+  // Coerce first: the wallet balance arrives as a numeric string, and
+  // Number.isFinite() does not coerce (Number.isFinite('700') === false).
+  const balanceNum = Number(balance);
+  const feeNum = Number(fee);
+  if (!Number.isFinite(balanceNum) || !Number.isFinite(feeNum)) {
     return 0;
   }
 
-  const balanceSats = Math.round(balance * SATS_PER_COIN);
-  const feeSats = Math.round(fee * SATS_PER_COIN);
+  const balanceSats = Math.round(balanceNum * SATS_PER_COIN);
+  const feeSats = Math.round(feeNum * SATS_PER_COIN);
   const buffer = Math.max(0, Math.trunc(bufferSats));
 
   const maxSats = balanceSats - feeSats - buffer;