Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@ethersproject/contracts
Advanced tools
@ethersproject/contracts is a part of the ethers.js library, which is a complete and compact library for interacting with the Ethereum blockchain and its ecosystem. The @ethersproject/contracts package specifically provides utilities for interacting with smart contracts, including deployment, function calls, and event listening.
Deploying a Contract
This feature allows you to deploy a smart contract to the Ethereum blockchain. The code sample demonstrates how to use the ContractFactory to deploy a contract using its ABI and bytecode.
const { ethers } = require('ethers');
const bytecode = '0x...'; // Contract bytecode
const abi = [ /* Contract ABI */ ];
const provider = new ethers.providers.JsonRpcProvider('http://localhost:8545');
const wallet = new ethers.Wallet('YOUR_PRIVATE_KEY', provider);
const factory = new ethers.ContractFactory(abi, bytecode, wallet);
async function deployContract() {
const contract = await factory.deploy();
await contract.deployed();
console.log('Contract deployed at:', contract.address);
}
deployContract();
Interacting with a Deployed Contract
This feature allows you to interact with an already deployed contract. The code sample shows how to call a function on the contract and read data from it.
const { ethers } = require('ethers');
const abi = [ /* Contract ABI */ ];
const contractAddress = '0x...';
const provider = new ethers.providers.JsonRpcProvider('http://localhost:8545');
const contract = new ethers.Contract(contractAddress, abi, provider);
async function readData() {
const data = await contract.someFunction();
console.log('Data:', data);
}
readData();
Listening to Contract Events
This feature allows you to listen to events emitted by a smart contract. The code sample demonstrates how to set up an event listener for a specific event emitted by the contract.
const { ethers } = require('ethers');
const abi = [ /* Contract ABI */ ];
const contractAddress = '0x...';
const provider = new ethers.providers.JsonRpcProvider('http://localhost:8545');
const contract = new ethers.Contract(contractAddress, abi, provider);
contract.on('SomeEvent', (arg1, arg2, event) => {
console.log('Event received:', arg1, arg2, event);
});
web3.js is a collection of libraries that allow you to interact with a local or remote Ethereum node using HTTP, IPC, or WebSocket. It provides similar functionalities to @ethersproject/contracts, such as deploying contracts, calling contract functions, and listening to events. However, web3.js is generally considered to be more heavyweight and less modular compared to ethers.js.
truffle-contract is a part of the Truffle Suite, which is a development environment, testing framework, and asset pipeline for Ethereum. It provides a higher-level abstraction for interacting with smart contracts, making it easier to work with them. However, it is tightly integrated with the Truffle Suite and may not be as lightweight or flexible as @ethersproject/contracts.
Embark is a framework for developing and deploying decentralized applications (dApps) that includes tools for managing smart contracts. It provides functionalities similar to @ethersproject/contracts, such as contract deployment and interaction. Embark is more of an all-in-one solution for dApp development, whereas @ethersproject/contracts is a more focused library for contract interaction.
This sub-module is part of the ethers project.
It is creating (at run-time) an object which interacts with an on-chain contract as a native JavaScript object.
If you are familiar with ORM for Databases, this is similar, but for smart contracts.
For more information, see the documentation.
Most users will prefer to use the umbrella package, but for those with more specific needs, individual components can be imported.
const {
Contract,
ContractFactory,
RunningEvent,
// Types
ContractInterface,
Overrides,
PayableOverrides,
CallOverrides,
PopulatedTransaction,
EventFilter,
ContractFunction,
Event,
ContractReceipt,
ContractTransaction
} = require("@ethersproject/contracts");
MIT License
FAQs
Contract abstraction meta-class for ethers.
The npm package @ethersproject/contracts receives a total of 601,606 weekly downloads. As such, @ethersproject/contracts popularity was classified as popular.
We found that @ethersproject/contracts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.