Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@gnosis.pm/dex-js
Advanced tools
Develop:
Gnosis Protocol JS
Gnosis Protocol JS it's library, with typescript support for Gnosis Protocol.
Gnosis Protocol introduces a new, fully decentralized exchange mechanism for ERC20 tokens with the following properties:
- Batch auctions
- Multidimensional order books with ring trades
- Uniform clearing prices in every batch
This library provides:
- Typescrypt version of the contracts of Gnosis Protocol
- Some handy utils and constants
Usage
# Using yarn
yarn add @gnosis.pm/dex-js --save
#Alternatively
npm install @gnosis.pm/dex-js --save
Import the contract:
import { BatchExchangeContract } from ' @gnosis.pm/dex-js'
// Instanciate the smart contract
const web3 = new Web3()
const batchExchangeContract = new BatchExchangeContract({ web3 })
// Alternativelly provide the address
const batchExchangeContract = new BatchExchangeContract({ web3, address: '0x89593E017D4A88c60347257DAfB95384a422da09' })
Issues
If you find any issue, or you want to request a feature use https://github.com/gnosis/dex-js/issues
Pull requests are welcomed and are the best way to suggest new features.
Collaborate
Build
# Install dependencies
yarn install
# Build
yarn build
# Build and watch (useful when using "npm link")
yarn build:watch
Run test
# Install dependencies
yarn install
# Run
yarn test
FAQs
Gnosis Protocol JS integration: utils, contracts and other goodies
The npm package @gnosis.pm/dex-js receives a total of 735 weekly downloads. As such, @gnosis.pm/dex-js popularity was classified as not popular.
We found that @gnosis.pm/dex-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Package last updated on 15 Dec 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025