diff --git a/core/src/all_modules.py b/core/src/all_modules.py
index ee0c5e24a..7162c284a 100644
--- a/core/src/all_modules.py
+++ b/core/src/all_modules.py
@@ -332,8 +332,6 @@ apps.homescreen.homescreen
 import apps.homescreen.homescreen
 apps.homescreen.lockscreen
 import apps.homescreen.lockscreen
-apps.management
-import apps.management
 apps.management.apply_flags
 import apps.management.apply_flags
 apps.management.apply_settings
@@ -348,6 +346,8 @@ apps.management.change_wipe_code
 import apps.management.change_wipe_code
 apps.management.get_next_u2f_counter
 import apps.management.get_next_u2f_counter
+apps.management.get_nonce
+import apps.management.get_nonce
 apps.management.recovery_device
 import apps.management.recovery_device
 apps.management.recovery_device.homescreen
diff --git a/core/src/apps/management/__init__.py b/core/src/apps/management/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/core/src/apps/management/get_nonce.py b/core/src/apps/management/get_nonce.py
new file mode 100644
index 000000000..3f255975f
--- /dev/null
+++ b/core/src/apps/management/get_nonce.py
@@ -0,0 +1,10 @@
+from storage import cache
+from trezor import wire
+from trezor.crypto import random
+from trezor.messages import GetNonce, Nonce
+
+
+async def get_nonce(ctx: wire.Context, msg: GetNonce) -> Nonce:
+    nonce = random.bytes(32)
+    cache.set(cache.APP_COMMON_NONCE, nonce)
+    return Nonce(nonce=nonce)
diff --git a/core/src/storage/cache.py b/core/src/storage/cache.py
index f3225e731..d4544aced 100644
--- a/core/src/storage/cache.py
+++ b/core/src/storage/cache.py
@@ -18,11 +18,12 @@ _SESSION_ID_LENGTH = 32
 APP_COMMON_SEED = 0
 APP_COMMON_AUTHORIZATION_TYPE = 1
 APP_COMMON_AUTHORIZATION_DATA = 2
+APP_COMMON_NONCE = 3
 if not utils.BITCOIN_ONLY:
-    APP_COMMON_DERIVE_CARDANO = 3
-    APP_CARDANO_ICARUS_SECRET = 4
-    APP_CARDANO_ICARUS_TREZOR_SECRET = 5
-    APP_MONERO_LIVE_REFRESH = 6
+    APP_COMMON_DERIVE_CARDANO = 4
+    APP_CARDANO_ICARUS_SECRET = 5
+    APP_CARDANO_ICARUS_TREZOR_SECRET = 6
+    APP_MONERO_LIVE_REFRESH = 7
 
 # Keys that are valid across sessions
 APP_COMMON_SEED_WITHOUT_PASSPHRASE = 0 | _SESSIONLESS_FLAG
@@ -95,12 +96,14 @@ class SessionCache(DataCache):
                 64,  # APP_COMMON_SEED
                 2,  # APP_COMMON_AUTHORIZATION_TYPE
                 128,  # APP_COMMON_AUTHORIZATION_DATA
+                32,  # APP_COMMON_NONCE
             )
         else:
             self.fields = (
                 64,  # APP_COMMON_SEED
                 2,  # APP_COMMON_AUTHORIZATION_TYPE
                 128,  # APP_COMMON_AUTHORIZATION_DATA
+                32,  # APP_COMMON_NONCE
                 1,  # APP_COMMON_DERIVE_CARDANO
                 96,  # APP_CARDANO_ICARUS_SECRET
                 96,  # APP_CARDANO_ICARUS_TREZOR_SECRET