Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@chromia/ft4
Advanced tools
@chromia/ft4
FT4 Library is a library for Rell modules (Chromia smart contract language). It can be imported and used as a token provider and manager. It allows several operations, among them: creation of different assets (type of tokens), allocation of tokens, transf
FT4 Library: Asset and Account Management for Chromia's Rell and TypeScript Environments
Introduction
The FT4 library is a toolkit to help dApp developers build real world applications within the Chromia ecosystem by providing out of the box support for things such as account creation and access management and interaction with external signature solutions already familiar to the user. It also provides asset management. Allowing issuance, allocation and transfers and tracing of asset activities, both within a chain as well as across other chains within the Chromia ecosystem.
Features
- Asset Management: Facilitate the creation, allocation, and management of assets.
- Asset Allocation and Transfers: Perform secure and efficient asset transfers.
- Cross-Chain Transfers: Enable the movement of assets between distinct blockchains.
- Account Registration and Management: Create and oversee user accounts independently of asset activities.
A full documentation on how to use the various features of the library can be found on the official docs page.
Repository Overview
This repository contains the FT4 library and a comprehensive suite of tests written in Node.js and Jest. The current testing setup serves as a temporary measure, as a Rell-based testing suite is in development.
Getting Started
Prerequisites
- Node.js
- Chromia CLI
- Docker
- [Optional] PostgreSQL for database sessions
Installation
Clone the repository and install the dependencies:
git clone git@gitlab.com:chromaway/ft4-lib.git
cd ft4-lib
npm install
chr install
Build
Build TypeScript library into dist/:
npm run build
How to Run Tests
Comprehensive Test Suite
Run the complete set of Rell and TypeScript tests:
npm run test
Run only Rell or TypeScript tests:
npm run test:rell
npm run test:js
The TypeScript tests can be run with even more granularity:
npm run test:js-unit # does not make any calls to a real blockchain
npm run test:js-integration # stars a single blockchain which it interacts with
npm run test:js-multichain # Stars a cluster of chains which it interacts with
Running Specific Rell Tests
To execute particular tests in Rell, use the --tests or -t option:
npm run test:rell -- --tests=test1,test2
npm run test:rell -- -t=test1,test2
Running Specific Jest Tests
Execute specific Jest tests by string matching:
npm run test:js 'string matching test(s)'
Examples:
npm run test:js 'user'
npm run test:js 'rate|sso'
Running End-to-End Tests with Cypress
Interactive Mode
Run e2e tests interactively:
npm run test:e2e
Headless Mode
Run e2e tests in headless mode:
npm run test:e2e:headless
Changelog
Update changelog in doc/release-notes/, then run ./scripts/compile-changelog.sh
script to assemble changelog.md and rell-changelog.md. Do not update
changelog.md or rell-changelog.md directly.
License
This project is licensed under the Apache License, Version 2.0. For more details, see the LICENSE file in the repository or visit Apache License, Version 2.0.
[2.0.0] - 2025-05-07
Breaking 💔
- Removed the constant
MERKLE_HASH_VERSIONSas the same constants is now exported from postchain-client and can be reused
Changed 🪙
- The
deriveNoncefunction has been updated to accept an additional input parametermerkleHashVersionthat defaults to1if not provided - The
TransactionBuilderevent type ofbuildAndSendfromWeb3CustomPromiEventtoWeb3PromiEvent - The
TransactionBuilderevent type ofbuildAndSendWithAnchoringfromWeb3CustomPromiEventtoWeb3PromiEvent - The return types of for the functions
buildAndSendandbuildAndSendWithAnchoringoftransactionBuilderfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
registerAccountfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
transferHistoryFromHeightfromTransferHistoryEntryResponse[]toPagedResponse<TransferHistoryEntryResponse> - The return type of the function
addAuthDescriptorfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
updateMainAuthDescriptorfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
deleteAuthDescriptorfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
deleteAllAuthDescriptorsExceptMainfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
transferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
recallUnclaimedTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
burnfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
crosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
resumeCrosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of the function
recallUnclaimedCrosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
Session.callfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
Session.callWithoutNopfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.addAuthDescriptorfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.updateMainAuthDescriptorfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.deleteAuthDescriptorfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.deleteAllAuthDescriptorsExceptMainfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.transferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.recallUnclaimedTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.crosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.resumeCrosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.revertCrosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.recallUnclaimedCrosschainTransferfromWeb3CustomPromiEventtoWeb3PromiEvent - The return type of
AuthenticatedAccount.burnfromWeb3CustomPromiEventtoWeb3PromiEvent
Removed 🗑️
- The implementations of
Web3CustomPromiEvent,Web3CustomEventMap,PromiseExecutor,Web3EventCallbackandWeb3EventKeyas postchain-client's was refactored to generic and can be reused
FAQs
FT4 Library is a library for Rell modules (Chromia smart contract language). It can be imported and used as a token provider and manager. It allows several operations, among them: creation of different assets (type of tokens), allocation of tokens, transf
The npm package @chromia/ft4 receives a total of 329 weekly downloads. As such, @chromia/ft4 popularity was classified as not popular.
We found that @chromia/ft4 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Package last updated on 07 May 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025