Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@dialectlabs/monitor
Advanced tools
Monitor is an open-source framework that makes it easy to extract and transform on-chain data into targeted, timely smart messages. You can implement a monitor service to provide your dApp's users with smart messages.
Monitor is an open-source framework that makes it easy to extract and transform on-chain data into targeted, timely smart messages. You can implement a monitor service to provide your dApp's users with smart messages.
The monitor framework provides features to seamlessly integrate notifications with your dApp:
Data-stream processing features include:
npm:
npm install @dialectlabs/monitor
yarn:
yarn add @dialectlabs/monitor
Dialect's monitor is best learned by example. This section describes how to use Dialect monitor to build a monitoring apps by showing you various example apps in the examples/
folder of this repository. Follow along in this section, & refer to the code in those examples.
Examples start from real application that is utilizing solana blockchain and dialect program, then we provide some examples that don't utilize solana as a dependency to run for development simplicity.
This example emulates e2e scenario for monitoring some on chain resources for a set of subscribers and has 2 parts:
The server implementation is provided below
import { Monitor, Monitors, Pipelines, ResourceId, SourceData } from '@dialectlabs/monitor';
import { Duration } from 'luxon';
type DataType = {
cratio: number;
healthRatio: number;
};
const monitor: Monitor<DataType> = Monitors.builder({
dialectProgram: // ... set a dialect program,
monitorKeypair: // ... set a keypair used to send notifications,
// ... other configuration
})
.defineDataSource<DataType>()
.poll((subscribers: ResourceId[]) => {
const sourceData: SourceData<DataType>[] = // ... extract data from chain for set of subscribers
return Promise.resolve(sourceData);
}, Duration.fromObject({ seconds: 3 }))
.transform<number, number>({
keys: ['cratio'], // select a subset of attrributes from DataType
pipelines: [
// Send notification each time when value falling below the threshold
Pipelines.threshold(
{
type: 'falling-edge',
threshold: 0.5,
},
// ... Optionally you can limit rate of the messages
{
type: 'throttle-time',
timeSpan: Duration.fromObject({ minutes: 5 }),
},
),
],
})
.notify()
.email(({ value }) => ({
subject: '[WARNING] Cratio above warning threshold',
text: `Your cratio = ${value} above warning threshold`,
}))
.dialectThread(({ value }) => ({
message: `Your cratio = ${value} above warning threshold`,
}))
.and()
.dispatch('unicast')
.build();
monitor.start();
// ...
Please follow the instructions below to run the example
Please follow the instructions in https://github.com/dialectlabs/protocol#local-development
export your_path=~/projects/dialect
solana-keygen new --outfile ${your_path}/monitoring-service-dev-local-key.json
solana-keygen pubkey ${your_path}/monitoring-service-dev-local-key.json > ${your_path}/monitoring-service-dev-local-key.pub
solana -k ${your_path}/monitoring-service-dev-local-key.json airdrop 3
cd examples
export your_path=~/projects/dialect
MONITORING_SERVICE_PRIVATE_KEY=$(cat ${your_path}/monitoring-service-dev-local-key.json) ts-node ./000.2-real-monoring-service-server.ts
cd examples
export your_path=~/projects/dialect
MONITORING_SERVICE_PUBLIC_KEY=$(solana address --keypair ${your_path}/monitoring-service-dev-local-key.json) ts-node ./000.1-real-monoring-service-client.ts
When both client and server are started, server will start polling data and notifying subscribers
Shows an example of how to define custom data source, transform data and generate notifications Doesn't exchange data with on-chain program for development simplicity.
cd examples
ts-node ./001-data-source-monitor.ts
Shows an example of how subscribe to events about subscriber state changes and generate notifications. Useful e.g. for sending new subscriber greetings or cleaning some data when subscriber removed. Doesn't exchange data with on-chain program for development simplicity.
cd examples
ts-node ./002-subscribers-monitor.ts
Shows an example of how to define custom subscriber repository instead of getting this data from on-chain program accounts. Useful for local development.
Shows an example of how to define notification sink instead of sending notifications via on-chain program. Useful for local development.
Shows an example of how to develop an analytical pipeline using a set of subsequent more low-level transformation operators.
If you're interested in developing on Dialect while making live changes to the library, see the Development section below.
npm:
npm install
yarn:
yarn
After getting familiar with https://github.com/dialectlabs/monitor/blob/main/examples/README.md and examples you'll be ready to implement a new monitoring service.
FAQs
Monitor is an open-source framework that makes it easy to extract and transform on-chain data into targeted, timely smart messages. You can implement a monitor service to provide your dApp's users with smart messages.
The npm package @dialectlabs/monitor receives a total of 151 weekly downloads. As such, @dialectlabs/monitor popularity was classified as not popular.
We found that @dialectlabs/monitor demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.