Security News
CVE Volume Surges Past 48,000 in 2025 as WordPress Plugin Ecosystem Drives Growth
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.
By Sarah Gooding - Jan 09, 2026
@arbitrum/sdk
Advanced tools
Arbitrum SDK
Typescript library for client-side interactions with Arbitrum. Arbitrum SDK provides common helper functionaliy as well access to the underlying smart contract interfaces.
Below is an overview of the Arbitrum SDK functionality. See the tutorials for further examples of how to use these classes.
Quickstart Recipes
-
Deposit Ether Into Arbitrum
import { getL2Network, EthBridger } from '@arbitrum/sdk'
const l2Network = await getL2Network(
l2ChainID /** <-- chain id of target Arbitrum chain */
)
const ethBridger = new EthBridger(l2Network)
const ethDepositTxResponse = await ethBridger.deposit({
amount: utils.parseEther('23'),
l1Signer: l1Signer /** <-- connected ethers-js Wallet */,
l2Provider: l2Provider /** <--- ethers-js Provider */,
})
const ethDepositTxReceipt = await ethDepositTxResponse.wait()
/** check ethDepositTxReceipt.status */
-
Redeem an L1 to L2 Message
import { L1TransactionReceipt, L1ToL2MessageStatus } from '@arbitrum/sdk'
const l1TxnReceipt = new L1TransactionReceipt(
txnReceipt /** <-- ethers-js TransactionReceipt of an ethereum tx that triggered an L1 to L2 message (say depositting a token via a bridge) */
)
const l1ToL2Message = (
await l1TxnReceipt.getL1ToL2Messages(
l2Signer /** <-- connected ethers-js Wallet */
)
)[0]
const res = await l1ToL2Message.waitForStatus()
if (res.status === L1ToL2MessageStatus.FUNDS_DEPOSITED_ON_L2) {
/** Message wasn't auto-redeemed; redeem it now: */
const response = await l1ToL2Message.redeem()
const receipt = await response.wait()
} else if (res.status === L1ToL2MessageStatus.REDEEMED) {
/** Message succesfully redeeemed */
}
-
Check if sequencer has included a transaction in L1 data
import { L2TransactionReceipt } from '@arbitrum/sdk'
const l2TxnReceipt = new L2TransactionReceipt(
txnReceipt /** <-- ethers-js TransactionReceipt of an arbitrum tx */
)
/** Wait 3 minutes: */
await new Promise(resolve => setTimeout(resolve, 1000 * 60 * 3000))
// if dataIsOnL1, sequencer has posted it and it inherits full rollup/L1 security
const dataIsOnL1 = await l2TxnReceipt.isDataAvailable(l2Provider, l1Provider)
Bridging assets
Arbitrum SDK can be used to bridge assets to/from the rollup chain.The following asset bridgers are currently available:
- EthBridger
- Erc20Bridger
All asset bridgers have the following methods:
- deposit - moves assets from the L1 to the L2
- depositEstimateGas - estimates the gas required to do the deposit
- withdraw - moves assets from the L2 to the L1
- withdrawEstimateGas - estimate the gas required to do the withdrawal Which accept different parameters depending on the asset bridger type
Cross chain messages
When assets are moved by the L1 and L2 cross chain messages are sent. The lifecycles of these messages are encapsulated in the classes L1ToL2Message and L2ToL1Message. These objects are commonly created from the receipts of transactions that send cross chain messages. A cross chain message will eventually result in a transaction being executed on the destination chain, and these message classes provide the ability to wait for that finalizing transaction to occur.
Networks
Arbitrum SDK comes pre-configured for the Mainnet and Rinkeby, and their Arbitrum counterparts. However the networks functionlity can be used register networks for custom Arbitrum instances. Most of the classes in Arbitrum SDK depend on network objects so this must be configured before using other Arbitrum SDK functionlity.
Inbox tools
As part of normal operation the Arbitrum sequencer will messages into the rollup chain. However, if the sequencer is unavailable and not posting batches, the inbox tools can be used to force the inclusion of transactions into the rollup chain.
Utils
- EventFetcher - A utility to provide typing for the fetching of events
- MultiCaller - A utility for executing multiple calls as part of a single RPC request. This can be useful for reducing round trips.
- constants - A list of useful Arbitrum related constants
Run Integration tests
yarn test:integration
Defaults to rinkArby, for custom network use --network flag.
rinkArby expects env var ARB_KEY to be prefunded with at least 0.02 ETH, and env var INFURA_KEY to be set.
(see integration_test/config.ts)
FAQs
Typescript library client-side interactions with Arbitrum
The npm package @arbitrum/sdk receives a total of 28,189 weekly downloads. As such, @arbitrum/sdk popularity was classified as popular.
We found that @arbitrum/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 24 Aug 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Insecure Agents Podcast: Certified Patches, Supply Chain Security, and AI Agents
Socket CEO Feross Aboukhadijeh joins Insecure Agents to discuss CVE remediation and why supply chain attacks require a different security approach.
By Sarah Gooding - Jan 08, 2026
Security News
Tailwind CSS Announces 75% Layoffs as LLMs Reshape OSS Business Models
Tailwind Labs laid off 75% of its engineering team after revenue dropped 80%, as LLMs redirect traffic away from documentation where developers discover paid products.
By Sarah Gooding - Jan 08, 2026