Security News
Dutch National Police Disrupt Redline and Meta Malware Operations
Dutch National Police and FBI dismantle Redline and Meta infostealer malware-as-a-service operations in Operation Magnus, seizing servers and source code.
@ledgerhq/hw-app-eth
Advanced tools
Github, API Doc, Ledger Devs Slack
Ledger Hardware Wallet ETH JavaScript bindings.
Retrieve the token information by a given contract address if any
contract
stringReturns TokenInfo?
list all the ERC20 tokens informations
Returns Array<TokenInfo>
Ethereum API
transport
Transport<any>scrambleKey
string (optional, default "w0w"
)import Eth from "@ledgerhq/hw-app-eth";
const eth = new Eth(transport)
get Ethereum address for a given BIP 32 path.
eth.getAddress("44'/60'/0'/0/0").then(o => o.address)
Returns Promise<{publicKey: string, address: string, chainCode: string?}> an object with a publicKey, address and (optionally) chainCode
This commands provides a trusted description of an ERC 20 token to associate a contract address with a ticker and number of decimals.
It shall be run immediately before performing a transaction involving a contract calling this contract address to display the proper token information to the user if necessary.
info
any : a blob from "erc20.js" utilities that contains all token information.
info.data
import { byContractAddress } from "@ledgerhq/hw-app-eth/erc20"
const zrxInfo = byContractAddress("0xe41d2489571d322189246dafa5ebde1f4699f498")
if (zrxInfo) await appEth.provideERC20TokenInformation(zrxInfo)
const signed = await appEth.signTransaction(path, rawTxHex)
Returns Promise<void>
You can sign a transaction and retrieve v, r, s given the raw transaction and the BIP 32 path of the account to sign
eth.signTransaction("44'/60'/0'/0/0", "e8018504e3b292008252089428ee52a8f3d6e5d15f8b131996950d7f296c7952872bd72a2487400080").then(result => ...)
Returns Promise<{s: string, v: string, r: string}>
Returns Promise<{arbitraryDataEnabled: number, version: string}>
You can sign a message according to eth_sign RPC call and retrieve v, r, s given the message and the BIP 32 path of the account to sign.
eth.signPersonalMessage("44'/60'/0'/0/0", Buffer.from("test").toString("hex")).then(result => {
var v = result['v'] - 27;
v = v.toString(16);
if (v.length < 2) {
v = "0" + v;
}
console.log("Signature 0x" + result['r'] + result['s'] + v);
})
FAQs
Ledger Hardware Wallet Ethereum Application API
The npm package @ledgerhq/hw-app-eth receives a total of 36,669 weekly downloads. As such, @ledgerhq/hw-app-eth popularity was classified as popular.
We found that @ledgerhq/hw-app-eth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Dutch National Police and FBI dismantle Redline and Meta infostealer malware-as-a-service operations in Operation Magnus, seizing servers and source code.
Research
Security News
Socket is tracking a new trend where malicious actors are now exploiting the popularity of LLM research to spread malware through seemingly useful open source packages.
Security News
Research
Noxia, a new dark web bulletproof host, offers dirt cheap servers for Python, Node.js, Go, and Rust, enabling cybercriminals to distribute malware and execute supply chain attacks.