Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@celo/celo-devchain
Advanced tools
Ganache setup with core Celo contracts for local testing and development.
Ganache setup with core Celo contracts for local testing and development.
Now supports node18
.
> npm install --save-dev @celo/celo-devchain
> npx celo-devchain --port 7545
# Run sanity tests and print all core contract addresses:
> npx @celo/celo-devchain --test
NOTE: @celo/ganache-cli currently doesn't support locally signed transactions. If you send
a locally signed transaction it will throw: Error: Number can only safely store up to 53 bits
error and crash. Thus you have to make sure your ContractKit doesn't actually have the private
keys for test addresses and send transactions to be signed by ganache-cli itself.
Example code that uses this package: https://github.com/zviadm/celo-hellocontracts
Chain data in ./chains
folder is generated using steps described here: https://docs.celo.org/developer-guide/development-chain.
# Start with a fresh checkout to avoid build complications.
> git clone https://github.com/celo-org/celo-monorepo.git
> git fetch --all --tags
> git tag -l core-contracts*
> git checkout tags/core-contracts.v{version}
# Yarn commands can take a while to run.
> yarn
> yarn build
> cd packages/protocol
# NOTE: The following command is based on the number of migrations available in the protocol package.
# At some point the desired `--upto` flag can change based on changes in core-contracts,
# thus you might have to adjust it too, depending on which version of core-contracts
# you are attempting to build.
> yarn devchain generate-tar .tmp/devchain.tar.gz --migration_override ../dev-utils/src/migration-override.json --upto 28 --release_gold_contracts scripts/truffle/releaseGoldExampleConfigs.json
Contracts artifacts in ./contracts
should be updated with every contract release. They are generated by generated by building the protocol
package and copying over the contracts build
artifacts.
You can also use celo-devchain
with custom generated chain data:
> npx celo-devchain --file <path to custom chain data>
FAQs
Ganache setup with core Celo contracts for local testing and development.
The npm package @celo/celo-devchain receives a total of 607 weekly downloads. As such, @celo/celo-devchain popularity was classified as not popular.
We found that @celo/celo-devchain demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.