Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@fireblocks/fireblocks-web3-provider
Advanced tools
@fireblocks/fireblocks-web3-provider
EIP-1193 Compatible Ethereum provider for Fireblocks
Fireblocks Web3 Provider
Fireblocks EIP-1193 Compatible Ethereum JavaScript Provider
Installation
npm install @fireblocks/fireblocks-web3-provider
Setup
import { FireblocksWeb3Provider, ChainId, ApiBaseUrl } from "@fireblocks/fireblocks-web3-provider";
const eip1193Provider = new FireblocksWeb3Provider({
// apiBaseUrl: ApiBaseUrl.Sandbox // If using a sandbox workspace
privateKey: process.env.FIREBLOCKS_API_PRIVATE_KEY_PATH,
apiKey: process.env.FIREBLOCKS_API_KEY,
vaultAccountIds: process.env.FIREBLOCKS_VAULT_ACCOUNT_IDS,
chainId: ChainId.GOERLI,
logTransactionStatusChanges: true, // Verbose logging
})
Usage with ethers.js
npm install ethers
import * as ethers from "ethers"
const provider = new ethers.BrowserProvider(eip1193Provider);
// Or like this if you're using ethers v5:
// const provider = new ethers.providers.Web3Provider(eip1193Provider);
Usage with web3.js
npm install web3
import Web3 from "web3";
const web3 = new Web3(eip1193Provider);
API Documentation
new FireblocksWeb3Provider(config)
configFireblocksProviderConfig
This class is an EIP-1193 Compatible Ethereum JavaScript Provider powered by the Fireblocks API
FireblocksProviderConfig
type FireblocksProviderConfig = {
// ------------- Mandatory fields -------------
/**
* Learn more about creating API users here:
* https://developers.fireblocks.com/docs/quickstart#api-user-creation
*/
/**
* Fireblocks API key
*/
apiKey: string,
/**
* Fireblocks API private key for signing requests
*/
privateKey: string,
// Either chainId or rpcUrl must be provided
/**
* If not provided, it is inferred from the rpcUrl
*/
chainId?: ChainId,
/**
* If not provided, it is inferred from the chainId
*/
rpcUrl?: string,
// ------------- Optional fields --------------
/**
* By default, the first 20 vault accounts are dynamically loaded from the Fireblocks API
* It is recommended to provide the vault account ids explicitly because it helps avoid unnecessary API calls
*/
vaultAccountIds?: number | number[] | string | string[],
/**
* By default, it uses the Fireblocks API production endpoint
* When using a sandbox workspace, you should provide the ApiBaseUrl.Sandbox value
*/
apiBaseUrl?: ApiBaseUrl | string,
/**
* By default, the fallback fee level is set to FeeLevel.MEDIUM
*/
fallbackFeeLevel?: FeeLevel,
/**
* By default, the note is set to "Created by Fireblocks Web3 Provider"
*/
note?: string,
/**
* By default, the polling interval is set to 1000ms (1 second)
* It is the interval in which the Fireblocks API is queried to check the status of transactions
*/
pollingInterval?: number,
/**
* By default, it is assumed that one time addresses are enabled in your workspace
* If they're not, set this to false
*/
oneTimeAddressesEnabled?: boolean,
/**
* By default, no externalTxId is associated with transactions
* If you want to set one, you can either provide a function that returns a string, or provide a string directly
*/
externalTxId?: (() => string) | string,
/**
* If you want to prepend an additional product string to the User-Agent header, you can provide it here
*/
userAgent?: string,
/**
* If you are using a private/custom EVM chain, you can provide its Fireblocks assetId here
*/
assetId?: string,
/**
* Default: false
* By setting to true, every transaction status change will be logged to the console
* Same as setting env var `DEBUG=fireblocks-web3-provider:status`
*/
logTransactionStatusChanges?: boolean,
/**
* Default: false
* By setting to true, every request and response processed by the provider will be logged to the console
* Same as setting env var `DEBUG=fireblocks-web3-provider:req_res`
*/
logRequestsAndResponses?: boolean,
/**
* Default: true
* By setting to true, every failed transaction will print additional information
* helpful for debugging, such as a link to simulate the transaction on Tenderly
* Same as setting env var `DEBUG=fireblocks-web3-provider:error`
*/
enhancedErrorHandling?: boolean,
/**
* Proxy path in the format of `http(s)://user:pass@server`
*/
proxyPath?: string
}
FAQs
EIP-1193 Compatible Ethereum provider for Fireblocks
The npm package @fireblocks/fireblocks-web3-provider receives a total of 9,194 weekly downloads. As such, @fireblocks/fireblocks-web3-provider popularity was classified as popular.
We found that @fireblocks/fireblocks-web3-provider demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Package last updated on 10 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025