Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@enterdao/landworks-widget
Advanced tools
Be able to list and rent from everywhere!
npm install @enterdao/landworks-widget --save
import {
ListingModal,
RentingModal,
WidgetTheme,
} from "@enterdao/landworks-widget/dist/main";
const mintTheme: WidgetTheme = {
colors: {
primary: '#5cdb95',
primaryContrastText: '#fff',
background: '#05385b',
error: '#f35588',
success: '#5cdb95',
textPrimary: '#edf5e1',
textSecondary: '#348aa2',
textDisabled: '#20688a',
infoAlertBackground: '#114761'
},
button: {
minHeight: 48
}
}
const App = () => {
const [isListingModalOpened, setIsListingModalOpened] = useState(false);
const [isRentingModalOpened, setIsRentingModalOpened] = useState(false);
const provider = useMemo(() => {
if (window?.ethereum && window?.ethereum.providers?.length) {
return window?.ethereum.providers.find((p: any) => p.isMetaMask);
}
return window?.ethereum;
}, []);
const handleSuccess = (transactionReceipt: any) => {
console.log(transactionReceipt);
setIsListingModalOpened(false);
setIsRentingModalOpened(false);
};
const handleError = (e: Error) => {
console.log(e);
};
return (
<>
<button onClick={() => setIsListingModalOpened(true)}>List</button>
<button onClick={() => setIsRentingModalOpened(true)}>Rent</button>
<ListingModal
provider={provider}
open={isListingModalOpened}
onClose={() => setIsListingModalOpened(false)}
onSuccess={handleSuccess}
onError={handleError}
tokenAddress="0x7a7f6c8a0715fb34e92c31985b98c9ef833044f8"
referrer="0x0000000000000000000000000000000000000000"
tokenId="3"
theme={mintTheme}
/>
<RendingModal
provider={provider}
open={isRentingModalOpened}
onClose={() => setIsRentingModalOpened(false)}
onSuccess={handleSuccess}
onError={handleError}
referrer="0x0000000000000000000000000000000000000000"
assetId="9"
theme={mintTheme}
/>
</>
);
};
To guarantee that passed data in listing/renting modal is correct and not altered, modal can show user an error.
Here are the cases that can cause an error:
provider
, tokenId
, assetId
, tokenAddress
or referrer
changes when listing/renting modal is open;0x0000000000000000000000000000000000000000
);renting modal
you provided asset with id assetId
that doesn't exist or asset with id assetId
is delisted/withdrawn by the
owner;listing modal
you provided tokenAddress
that is invalid or it's not one the listed here;listing modal
you provided token with id tokenId
that active wallet doesn't have or token doesn't belong to metaverse registry with address tokenAddress
.To prevent errors, make sure you are passing correct data and don't alter the data when modal is open.
Common props:
Prop | Type | Default | Description |
---|---|---|---|
open | boolean | required | Triggering the opening of the modal. |
onClose | function | undefined | Callback function, called upon modal closing. Triggered when user clicks outside of the modal or clicks on close |
onError | function | undefined | Callback function, called upon error. |
onSuccess | function | undefined | Callback function, called after contract execution (transaction) has been mined. |
provider | object | required | Web3 provider. |
referrer | string | required | EVM wallet address, passed as referrer upon listing and renting. Specify 0x0000000000000000000000000000000000000000 if you do not want to use a referrer. Ping us to get a referrer! |
theme | object | undefined | Object, used for changing look of the widget |
Listing modal props:
Prop | Type | Default | Description |
---|---|---|---|
tokenAddress | string | required | Address of the ERC-721 collection. |
tokenId | string | required | Token ID from the ERC-721 collection. Provider address must have it in its wallet. |
Renting modal props
Prop | Type | Default | Description |
---|---|---|---|
assetId | string | required | The LandWorks Asset ID that you want to rent. |
Callback, with first parameter as an error, that will be triggered in the following cases:
When listing or renting was successful callback will be triggered with transaction receipt as first parameter.
Structure of the transaction receipt:
interface TransactionReceipt {
status: boolean;
transactionHash: string;
transactionIndex: number;
blockHash: string;
blockNumber: number;
from: string;
to: string;
contractAddress?: string;
cumulativeGasUsed: number;
gasUsed: number;
effectiveGasPrice: number;
logs: Log[];
logsBloom: string;
events?: {
[eventName: string]: EventLog;
};
}
Web3 provider that used by your app.
Currently widget supports next providers:
Used by applications, which would like to refer users to list or rent assets in LandWorks.
Referring someone upon list
or rent
gives you a fixed percentage of the rent
protocol fees on every referred action.
Allows you to customize the look of the widget to match the design of your web app.
To customize the widget you can tweak some of the following options:
interface WidgetTheme {
colors?: WidgetThemeColors;
zIndex?: number;
typography?: TypographyOptions;
components?: WidgetThemeComponents;
borderRadius?: WidgetThemeBorderRadius;
}
Colors of the widget.
Optional properties are calculated based on required properties.
interface WidgetThemeColors {
primary: string;
primaryContrastText: string;
success: string;
error: string;
textPrimary: string;
textSecondary: string;
textDisabled: string;
background: string; // Background of the modal
link?: string; // Link color
paper?: string;
backgroundDivider?: string;
paperDivider?: string;
actionDisabledText?: string; // Text of the disabled element e.g. button
actionDisabledBackground?: string; // Background of the disabled e.g. button
actionHoverOverlay?: string; // Color of the overlay that appear when hovered over action elements e.g. button
actionSelectedOverlay?: string; // Color of the overlay that appear when element is selected e.g. option of the select component
loaderBackground?: string;
loaderForeground?: string;
tooltipTitle?: string;
tooltipText?: string;
tooltipBackground?: string;
infoAlertIcon?: string;
infoAlertBackground?: string;
infoAlertText?: string;
infoAlertTitle?: string;
modalCloseButtonBackground?: string;
modalCloseButtonForeground?: string;
inputFocusBorder?: string; // Border color of the focused input
inputBackground?: string;
accentButtonText?: string;
accentButtonBackground?: string;
accentButtonGradient?: string;
}
z-index of the modal. Also used to calculate z-index of the tooltip.
Object for changing typography of the widget. Has the same structure like mui's
theme typography
property with additional link
variant.
Object that used for customizing some of the components of the widget.
Values of component object are style objects that are the same as the ones that used for the styled utility of the mui.
interface WidgetThemeComponents {
dialog?: CSSObject; // Widgets modal dialog
backdrop?: CSSObject; // Backdrop of the modal
input?: CSSObject;
paper?: CSSObject;
alert?: CSSObject;
button?: CSSObject; // Common styles of the button
defaultButton?: CSSObject;
accentButton?: CSSObject;
listingModalSummaryCard?: CSSObject;
rentingModalDetailsCard?: CSSObject;
rentingModalSummaryCard?: CSSObject;
}
Border radiuses used in the widget.
interface WidgetThemeBorderRadius {
md: string;
lg: string;
xl: string;
}
Default value:
{
md: "10px",
lg: "15px",
xl: "20px"
}
ERC-721 collection address also known as metaverse registry address.
Each metaverse has their own metaverse registry address. Also some different types of tokens can have different registry addresses.
Currently LandWorks has next metaverse registry addresses:
0xf87e31492faf9a91b02ee0deaad50d51d56d5d4d
0x959e104e1a4db6317fa58f8295f586e1a978c297
0x79986af15539de2db9a5086382daeda917a9cf0c
FAQs
Be able to list and rent from everywhere!
We found that @enterdao/landworks-widget demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.