Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@bitgo-beta/sdk-coin-cspr
Advanced tools
SDK coins provide a modular approach to a monolithic architecture. This and all BitGoJS SDK coins allow developers to use only the coins needed for a given project.
All coins are loaded traditionally through the bitgo
package. If you are using coins individually, you will be accessing the coin via the @bitgo/sdk-api
package.
In your project install both @bitgo/sdk-api
and @bitgo/sdk-coin-cspr
.
npm i @bitgo/sdk-api @bitgo/sdk-coin-cspr
Next, you will be able to initialize an instance of BitGoAPI through @bitgo/sdk-api
instead of via bitgo
.
import { BitGoAPI } from '@bitgo/sdk-api';
import { Cspr, Tcspr } from '@bitgo/sdk-coin-cspr';
async function init() {
const bitgoapi = new BitGoAPI({ env: 'test' });
bitgoapi.register('cspr', Cspr.createInstance);
bitgoapi.register('tcspr', Tcspr.createInstance);
return bitgoapi;
}
async function main() {
const bitgoapi = await init();
const cspr = bitgoapi.coin('cspr');
const tcspr = bitgoapi.coin('tcspr');
}
Most of the coin implementations are derived from @bitgo/sdk-core
, @bitgo/statics
, and coin specific packages. These implementations are used to interact with the BitGo API and BitGo platform services.
You will notice that the basic version of common class extensions have been provided to you and must be resolved before the package build will succeed. Upon initiation of a given SDK coin, you will need to verify that your coin has been included in the root tsconfig.packages.json
and that the linting, formatting, and testing succeeds when run both within the coin and from the root of BitGoJS.
FAQs
BitGo SDK coin library for Casper
We found that @bitgo-beta/sdk-coin-cspr demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.