Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@demox-labs/aleo-sdk-web
Advanced tools
Aleo JavaScript and WebAssembly bindings for building zero-knowledge web applications.
Rust
compiles easily to WebAssembly
but creating the glue code necessary to use compiled WebAssembly binaries
from other languages such as JavaScript is a challenging task. wasm-bindgen
is a tool that simplifies this process by
auto-generating JavaScript bindings to Rust code that has been compiled into WebAssembly.
This crate uses wasm-bindgen
to create JavaScript bindings to Aleo source code so that it can be used to create zero
knowledge proofs directly within web browsers
and NodeJS
.
Functionality exposed by this crate includes:
Records
, Programs
, and Transactions
and their associated helper methodsProgramManager
object that contains methods for authoring, deploying, and interacting with Aleo programsMore information on these concepts can be found at the Aleo Developer Hub.
The rollup-plugin-rust tool is used to compile the Rust code in this crate into JavaScript modules which can be imported into other JavaScript projects.
Follow the installation instructions on the rollup-plugin-rust README.
yarn build
This will produce .js
and .wasm
files inside of the dist
folder.
Run tests in NodeJS
wasm-pack test --node
Run tests in a browser
wasm-pack test --[firefox/chrome/safari]
Further documentation and tutorials as to how to use the modules built from this crate to build web apps will be built
in the future. However - in the meantime, the aleo.tools website is a good
example of how to use these modules to build a web app. Its source code can be found in the
Aleo SDK repo in the website
folder.
FAQs
Wasm build for the SDK
The npm package @demox-labs/aleo-sdk-web receives a total of 0 weekly downloads. As such, @demox-labs/aleo-sdk-web popularity was classified as not popular.
We found that @demox-labs/aleo-sdk-web demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.