Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@ethereum-alarm-clock/cli
Advanced tools
Command-line tool written in JavaScript to interact with the Ethereum Alarm Clock
This package allows you to run an Ethereum Alarm Clock TimeNode and to schedule transactions. It contains testing utilties too.
If you would like to hack on @ethereum-alarm-clock/cli
or notice a bug, please open an issue or come find us on the Ethereum Alarm Clock Gitter channel and tell us. If you're feeling more ambitious and would like to contribute directly via a pull request, that's cool too. We will review all pull requests and issues opened on this repository. Even if you think something isn't working right or that it should work another way, we would really appreciate if you helped us by opening an issue!
Install the binary from NPM by typing npm i -g @ethereum-alarm-clock/cli
and hitting enter.
To run a TimeNode or schedule a transaction you will need to create a keystore. eac
contains some utilities to help out with this.
eac createWallet
will guide you through the steps of creating a keystore.
eac fundWallet <amt> --wallet <wallet_path> --password <string> --providers <urls>
will send <amt>
ether to each account in the passed in wallet from a local unlocked account. Notice, you must be running a local node with a local unlocked account to use this utility. Otherwise you can send ether to your wallet accounts in any other way.
If you ever get tired of running a TimeNode, you can drain the funds held in the wallet to an external account like so:
eac drainWallet <target_address> --wallet <wallet_path> --password <string>
Once you have your wallet set up and funded, run a TimeNode with some default params like so: (providers
is the comma-separated list of Ethereum node urls)
eac timenode --wallet <wallet_path> --password <string> --providers <urls> --maxDeposit 1
Open up ~/.eac.log
for the output, I prefer to follow the output in a new screen:
tail -f ~/.eac.log
Sample Dockerfile
for running the eac.js-cli
node with remote web3 provider
To create a docker image from the Dockerfile you need copy your wallet encrypted keystore json
file to the root directory.
update the wallet file name in the Dockerfile
on L#8
and L#13
Next step is to run docker build command
docker build . -t eac.js-cli --build-arg WALLET={WALLET_NAME}
where
{WALLET_NAME}
filename of the wallet file, has to be located in same dir as DockerfileNext running docker image
docker run -it -e PASSWORD={PASSWORD} -e PROVIDER={PROVIDER} eac.js-cli
where
{PASSWORD}
is a password used to encrypt wallet keystore file{PROVIDER}
is an comma-separated list of urls of web3 providerThis package is a part of EAC.JS family ~
FAQs
Command-line tool written in JavaScript to interact with the Ethereum Alarm Clock
The npm package @ethereum-alarm-clock/cli receives a total of 0 weekly downloads. As such, @ethereum-alarm-clock/cli popularity was classified as not popular.
We found that @ethereum-alarm-clock/cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.