Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@hlolli/arbundles
Advanced tools
A library for creating, editing, reading and verifying bundles.
Note: Gateways currently only index bundles up to 250mb. Creating bundles larger than this could lead to them not being indexed. The new gateway implementation will provide infinite bundle limits. If you wish to upload a transactions >250mb submit a standard transaction via arweave-js.
See ANS-104 for more details.
Using npm:
npm install arbundles
Using yarn:
yarn add arbundles
import { bundleAndSignData, createData } from "arbundles";
const dataItems = [
createData("some data"),
createData("some other data")
];
const signer = new ArweaveSigner(jwk);
const bundle = await bundleAndSignData(dataItems, jwk);
It's as simple as that! All the binary encoding is handled for you.
import { createData } from "arbundles";
const signer = new ArweaveSigner(jwk);
const dataItem = createData("some message", signer);
// Get owner in base64url encoded string
const owner = dataItem.owner;
// Sign a single DataItem
await dataItem.sign(jwk);
const response = dataItem.sendToBundler();
const bundle = await bundleAndSignData(dataItems, jwk);
// Get by index
const byIndex = bundle.get(0);
// Get by transaction id
const byId = bundle.get("hKMMPNh_emBf8v_at1tFzNYACisyMQNcKzeeE1QE9p8");
// Get all DataItems
const all = bundle.items;
const bundle = await bundleAndSignData(dataItems, jwk);
// Convert bundle to Arweave transaction
const tx = await bundle.toTransaction(arweave, jwk);
// Add some more tags after creation.
tx.addTag('MyTag', 'value1');
tx.addTag('MyTag', 'value2');
await arweave.transactions.sign(tx, jwk);
await arweave.transactions.post(tx);
import { Bundle } from "arbundles";
const data = await arweave.transactions.getData("hKMMPNh_emBf8v_at1tFzNYACisyMQNcKzeeE1QE9p8", { decode: true });
const bundle = new Bundle(Buffer.from(data));
This API is experimental so avoid use in production. There's one issue that exists that may affect it's overall functionality and could lead to breaking changes.
The file API stores the items in the filesystem meaning you can bundle more items without hitting the NodeJS memory limit.
Docs coming soon...
FAQs
Arweave bundling library
The npm package @hlolli/arbundles receives a total of 0 weekly downloads. As such, @hlolli/arbundles popularity was classified as not popular.
We found that @hlolli/arbundles demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.