Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@0x/asset-swapper
Advanced tools
Convenience package for discovering and buying assets on-chain and off-chain.
Convenience package for swapping assets represented on the Ethereum blockchain using 0x. The package helps to perform all the off-chain computations to execute a marketBuy or marketSell function execution with 0x exchange contracts, or 0x extension contracts. Given some liquidity (0x signed orders), it helps estimate the cost of buying or selling a certain asset (giving a range) and then provide varying consumable outputs to execute the buy or sell.
Asset-swapper integrates with the Standard Relayer API(in the future Mesh as well) and takes care of sourcing liquidity, order-pruning, and order-validation. The final result is a library that tells you what assets are available, provides a quote based on specified assets, and provide varying consumable metadata that can be used both on-chain in smart contracts or off-chain through web3 to swap a desired amount of ERC20 for another ERC20 asset.
yarn add @0x/asset-swapper
Import
import { SwapQuoter } from '@0x/asset-swapper';
or
var SwapQuoter = require('@0x/asset-swapper').SwapQuoter;
var SwapQuoteConsumer = require('@0x/asset-swapper').SwapQuoteConsumer;
If your project is in TypeScript, add the following to your tsconfig.json
:
"compilerOptions": {
"typeRoots": ["node_modules/@0x/typescript-typings/types", "node_modules/@types"],
}
We welcome improvements and fixes from the wider community! To report bugs within this package, please create an issue in this repository.
Please read our contribution guidelines before getting started.
If you don't have yarn workspaces enabled (Yarn < v1.0) - enable them:
yarn config set workspaces-experimental true
Then install dependencies
yarn install
To build this package and all other monorepo packages that it depends on, run the following from the monorepo root directory:
PKG=@0x/asset-swapper yarn build
Or continuously rebuild on change:
PKG=@0x/asset-swapper yarn watch
yarn clean
yarn lint
yarn test
FAQs
Convenience package for discovering and buying assets on-chain and off-chain.
The npm package @0x/asset-swapper receives a total of 45 weekly downloads. As such, @0x/asset-swapper popularity was classified as not popular.
We found that @0x/asset-swapper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.