Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@connext/cf-adjudicator-contracts
Advanced tools
Smart contracts for an State Channel AppInstance Adjudicator
Counterfactual is a general framework for building state channel applications. An overview of the principles and objectives of this framework can be found at the Counterfactual specifications repo.
Make sure you have Yarn v1.10.1 installed or higher. Refer to Yarn's installation guide for setup instructions for your operating system.
To install the dependencies:
yarn
To compile the Solidity source code into bytecode and ABI, run:
yarn build
To run all tests:
yarn test
To run only specific tests:
yarn test [test/<filename of specific test>.spec.ts ...]
The networks
folder contains the migration files for the different Ethereum networks the contracts have been migrated to. The ID of the respective networks are used as file names. The mapping of some of the major Ethereum network IDs to network names is:
Network ID | Network Name |
---|---|
1 | Main net |
3 | Ropsten testnet |
4 | Rinkeby testnet |
42 | Kovan testnet |
Not all of the networks will be used for the Counterfactual contracts, but you can find a more comprehensive list here. To run a migration against a target network:
truffle-config.js
cp .env.example .env
and make sure the right env vars are set in .env
require('ethers').Wallet.fromMnemonic('ETH_ACCOUNT_MNENOMIC')
yarn migrate --network <network name>
FAQs
Smart contracts for an State Channel AppInstance Adjudicator
The npm package @connext/cf-adjudicator-contracts receives a total of 1 weekly downloads. As such, @connext/cf-adjudicator-contracts popularity was classified as not popular.
We found that @connext/cf-adjudicator-contracts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.