Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@devprotocol/dev-kit
Advanced tools
Dev Kit for JavaScript
First, install this repository as an npm package.
> npm i -D @devprotocol/dev-kit
You can use the Dev Protocol by importing it from a JavaScript(TypeScript) file.
import { contractFactory } from '@devprotocol/dev-kit'
import { providers } from 'ethers'
const provider = new providers.Web3Provider(window.ethereum)
const factory = contractFactory(provider)
const balance = await factory
.dev()
.balanceOf('0xB204f0Bb68De735b98abBA5ccAE7459837c2f084')
This is an example of retrieving the balance of the DEV token held by 0xB204f0Bb68De735b98abBA5ccAE7459837c2f084
It covers all the contracts and their functions that can be executed with the Dev Protocol.
The URL of the provider is easy to use with each node provisioning service.
## install dependency
> yarn
## test
> yarn test
## test with coverage
> yarn test:coverage
## build
> yarn build
> npm version [major|minor|patch]
> git push && git push --tags
GitHub Actions "Publish" automatically publishes the new version.
FAQs
Dev Kit for JavaScript
The npm package @devprotocol/dev-kit receives a total of 3,847 weekly downloads. As such, @devprotocol/dev-kit popularity was classified as popular.
We found that @devprotocol/dev-kit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.