Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@celo/celo-composer
Advanced tools
Celo Composer allows you to quickly build, deploy, and iterate on decentralized applications using Celo. It provides a number of frameworks, examples, and Celo specific functionality to help you get started with your next dApp.
Celo Composer is built on Celo to make it simple to build dApps using a variety of front-end frameworks.
To build your dApp, you'll need to install the dependencies, create a new project, and run the following commands:
git clone https://github.com/celo-org/celo-composer
cd celo-composer
cd packages/hardhat
yarn install
npx hardhat create-account # prints a private key + account
packages/hardhat/.env
and paste the line containing the private key into it, so it looks something like this:PRIVATE_KEY="0xba28d5cea192f121db5f1dd7f501532170bb7bb984c4d3747df3e251e529f77d"
yarn deploy
Read more details about the hardhat package here.
cd packages/react-app
yarn install
yarn dev
npx localtunnel --port 3000
packages/hardhat/contracts
.packages/hardhat/deploy
.packages/react-app/pages/index.tsx
.You can run yarn deploy --reset
to force re-deploy your contracts to your local development chain.
This repo comes with a netlify.toml
file that makes it easy to deploy your front end using Netlify. The toml
file contains instructions for Netlify to build and serve the site, so all you need to do is create an account and connect your GitHub repo to Netlify.
You can import account account keys for the local development chain into Metamask. To print the private keys of the local chain accounts cd /packages/hardhat
and run
npx hardhat devchain-keys
If you are working on a local development blockchain, you may see errors about the tx doesn't have the correct nonce.
This is because wallets often cache the account nonce to reduce the number of RPC calls and can get out of sync when you restart your development chain. You can reset the account nonce in Metamask by going to Settings > Advanced > Reset Account
. This will clear the tx history and force Metamask to query the appropriate nonce from your development chain.
Note: You can get a local copy of mainnet by forking with Ganache. Learn more about forking mainnet with Ganache here.
The example UI in packages/react-app
uses the Next.js React framework, and react-celo Celo library to get you started with building a responsive, web3 DApp quickly. Feel free to use it as a reference and use whatever web3 packages you are familiar with.
Using the Graph is not a requirement for building a web3 application. It is more of a convenience for when your application is reading a lot of data from a blockchain.
Its suggested to only adding support for the Graph when you need it, avoid premature optimization.
The /packages/subgraphs
directory includes an example subgraph for reading data from the example Storage.sol
contract. The Graph is a blockchain data indexing service that makes it easier to read data from EVM blockchains. You can read more about how the Graph works and how to use it in the README here.
📕 Read the docs: https://docs.soliditylang.org
📧 Learn the Solidity globals and units
Join the Celo Discord server at https://chat.celo.org. Reach out on the dedicated repo channel here.
See the open issues for a full list of proposed features (and known issues).
As a contributor, you can add your own dApp to this repository and include it as a tab for others to access. Follow the steps below and reference existing files for additional details to help you get started.
If you decide to try this out and find something confusing, consider opening an pull request to make things more clear for the next developer that comes through. If you improve the user interface or create new components that you think might be useful for other developers, consider opening a PR.
We will happily compensate you for contributions. Anywhere between 5 and 50 cUSD (or more) depending on the work. This is dependent on the work that is done and is ultimately up to the discretion of the Celo Foundation developer relations team.
You can view the associated bounty on Gitcoin here.
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
packages/hardhat/contracts
.packages/hardhat/deploy/00-deploy.js
using the name of your smart contract.yarn deploy
ContractName.tsx
to packages/react-app/components
to create front end of your dApp.packages/react-app/components/index.tsx
using export * from './ContractName
packages/react-app/pages/index.tsx
by adding contract to import { ContractName } from "@/components";
packages/react-app/pages/index.tsx
and replace # with tab number.<Tab label="Contract Label" {...a11yProps(#)} />
#
with tab number and ContractName
with your smart contract name<TabPanel value={value} index={#}>
<GreeterContract contractData={contracts?.ContractName} />
</TabPanel>
You should now be able to view your new dApp from http://localhost:3000.
For M1 Mac developers who have installed nvm using brew, the server may crash. To resolve this issue, take a look here at this solution
Distributed under the MIT License. See LICENSE.txt
for more information.
FAQs
Get started building dApps on Celo
The npm package @celo/celo-composer receives a total of 21 weekly downloads. As such, @celo/celo-composer popularity was classified as not popular.
We found that @celo/celo-composer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.