Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@fiatconnect/fiatconnect-sdk
Advanced tools
A helper library for wallets to integrate with FiatConnect APIs
A lightweight Typescript helper library for wallets or dapps to integrate with FiatConnect compliant APIs.
To begin, install the library from your project:
yarn add @fiatconnect/fiatconnect-sdk
Next, initialize a FiatConnectClient
wherever you need to access a FiatConnect API in your codebase. See examples in
the Valora wallet
and FiatConnect validation tests.
From there, you can access any FiatConnect endpoint by invoking a method on the FiatConnectClient
instance. There is
a convenient example of a full transfer in this validation test.
Note that some FiatConnect endpoints require authentication before they can be accessed. You can read up on FiatConnect authentication here.
The FiatConnect SDK handles authentication by taking a signingFunction
as a parameter in the FiatConnectClient
constructor. The FiatConnectClient
instance uses the signing function to sign a SIWE message and log in with a
FiatConnect provider when:
login
method is invoked explicitlyWallets may or may not wish to require a PIN every time a SIWE message is signed, or just some of the time. They may implement
whatever preference they have by writing the signingFunction
accordingly.
In most cases, clients will wish to integrate with multiple FiatConnect providers. However, it is worth noting that the
FiatConnectClient
class deals with only a single provider. This allows for more convenient separation of session
cookies and provider-specific configuration data (base URL, etc.).
For an example of how to manage multiple FiatConnect providers in your codebase using the FiatConnect SDK, you may refer to the Valora wallet, which stores an object in memory mapping provider ID's to FiatConnectClient instances. Many similar possibilities exist.
At time of writing, three companies offer a FiatConnect-compliant sandbox API: Valora, Alpha Fortress, and Bitmama.
If you want to test against a sandbox server that is FiatConnect-compliant, you can ask one of these companies on Discord to share API credentials with you. In particular, you will want a base URL and client API key that can be used to instantiate a FiatConnectClient.
Alternatively, if you want to make heavier use of a sandbox server (such as for CI), you can stand up your own FiatConnect-compliant sandbox using the api starter.
yarn test
We welcome contributions in the form of Issues and PRs. See CONTRIBUTING.md. If you have ideas for FiatConnect SDK that you'd like to discuss with other developers, you may contact us on the FiatConnect Discord.
FAQs
A helper library for wallets to integrate with FiatConnect APIs
We found that @fiatconnect/fiatconnect-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.