Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@dreygur/td365

Package Overview
Dependencies
Maintainers
1
Versions
8
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@dreygur/td365

A wraper for tradedirect365.com

  • 1.0.7
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1
decreased by-50%
Maintainers
1
Weekly downloads
 
Created
Source

TD365

Recently, we undertook a project related to trading. The requirements were straightforward: the client wanted a personalized trading terminal containing a limited set of trading items to be traded across multiple accounts. They wished to operate multiple trading accounts from this customized terminal. Additionally, they required the terminal to execute the same trade order simultaneously across all of the trading accounts they had saved.

Challenges:

Managing trading accounts can be tricky, especially on platforms where anonymous traders engage in item trading. These platforms are quick to suspend accounts if any form of misuse is detected. Unfortunately, the platform did not provide any APIs for creating a program that interacts with it. Therefore, we had to find a solution on our own.

First approach:

Our initial approach was to automate trading using a browser automation tool, aiming to avoid detection. However, this method did not yield satisfactory results. We encountered issues related to trade order placement, particularly due to problems with XPath caused by the platform's anti-bot measures. Even after circumventing these anti-bot measures, we struggled with response times. Placing a single trade order took around 2-3 seconds or even longer, which naturally left the client dissatisfied.

At this point, we decided to explore more unconventional methods.

Second approach:

We began to closely monitor the network requests made by the platform and identified some REST API endpoints. However, security measures were stringent.

To place a trade order, specific values were required, but the source of these values remained elusive. Each order necessitated the current price of the item, and while we attempted to use the private API with the visible values from the platform, our efforts were in vain. The platform employed a unique key parameter for all orders, and initially, this parameter's purpose eluded us. Undeterred, we combined the price retrieval mechanism from a WebSocket API we discovered on the platform with the private API to execute orders at the actual price. Unfortunately, this too did not yield success.

After another half-hour of searching, we successfully located the elusive key. Astonishingly, it had been right in front of us the entire time!

Finally, we managed to place trade orders within a mere 100 milliseconds!

Which approach did we ultimately adopt?

Let's keep that as our little secret.

What did we learn from this experience?

We gleaned invaluable insights, from bypassing new anti-bot strategies to accessing private APIs. Most importantly, we thoroughly enjoyed the entire process!

FAQs

Package last updated on 18 Sep 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc