
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@bosonprotocol/chat-sdk
Advanced tools
Extension of @xmtp/xmtp-js with support for chat threads and further message types.
🛠️ Tools for building on top of the Boson Protocol.
JS lib which extends @xmtp/xmtp-js, adding support for chat threads and further message types.
npm i @bosonprotocol/chat-sdk
import { BosonXmtpClient } from "@bosonprotocol/chat-sdk"; const client = await BosonXmtpClient.initialise(signer, "test");
const counterparties = ["0xabc123", "0xdef456", ...]; const threads = await client.getThreads(counterparties);
const messageObj = { threadId: { exchangeId: "1", buyerId: "2", sellerId: "3" }, contentType: MessageType.String, version: "0.0.1", content: { value: "Example message" } }; const recipient = "0xabc123..."; await client.encodeAndSendMessage(messageObj, recipient);
for await (const message of await client.monitorThread(threadId, counterparty)) { console.log(message); }
npm run build
npm run test:all npm run test:unit npm run test:integration
npm run lint npm run lint:fix
npm run prettier
FAQs
Extension of @xmtp/xmtp-js with support for chat threads and further message types.
We found that @bosonprotocol/chat-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 15 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.