
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
@keystonehq/aptossnap
Advanced tools
Aptos Snap
Aptos Snap is the application allowing users to directly manage Aptos within the MetaMask interface. Since Snaps is pre-release software, the alpha version of Aptos Snap is currently live on Metamask Flask only, a canary distribution for developers that provides access to upcoming features.
*Note: MetaMask Flask is an experimental playground for developers and is not to be confused with the normal MetaMask wallet app.
Snaps is a system that allows developers to safely build and expand the capabilities of MetaMask. It is a program that is run in an isolated environment with a limited set of capabilities, that can customize and modify MetaMask's wallet experience for end users. For example, a snap can add new APIs to MetaMask thus adding support for different blockchains or modify existing functionalities using internal APIs.
Additional information can be found here.
Aptos Snap
in your dappconst result: boolean = await ethereum.request({
method: 'wallet_enable',
params: [
{
wallet_snap: {'npm:@keystonehq/aptossnap': {}},
},
],
});
const result: string = await ethereum.request({
method: 'wallet_invokeSnap',
params: [
"npm:@keystonehq/aptossnap",
{
method: 'aptso_getAccount'
},
],
});
const result: { txId: string, txHex: string } = await ethereum.request({
method: 'wallet_invokeSnap',
params: [
snapId,
{
method: 'aptos_signTransaction',
params: {
rawTransaction: bcsBytes // bcs serialized raw transaction bytes
},
},
],
})
Build the snap and test it locally with the following command:
yarn build
If you would like to integrate Aptos Snap into your dapp, you can use the following codes here.
FAQs
Aptos - Metamask snap to interact with Aptos.
The npm package @keystonehq/aptossnap receives a total of 1 weekly downloads. As such, @keystonehq/aptossnap popularity was classified as not popular.
We found that @keystonehq/aptossnap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.