Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@magic-ext/tezos
Advanced tools
npm i magic-sdk @magic-ext/tezos
Setup TezosExtension with magic-sdk
import { Magic } from 'magic-sdk';
import { TezosExtension } from '@magic-ext/tezos';
const magic = new Magic('YOUR_API_KEY', {
extensions: [
new TezosExtension({
rpcUrl: 'tezos rpc url'
})
]
});
// or
const magic = new Magic('YOUR_API_KEY', {
extensions: {
tezos: new TezosExtension({
rpcUrl: 'tezos rpc url'
})
}
});
See the developer documentation to learn how you can master the Magic SDK in a matter of minutes.
Using getAccount function to get Tezos public address for current user.
const publicAddress = await magic.tezos.getAccount();
console.log('tezos public address', publicAddress);
const handlerSendTransaction = async () => {
const result = await magic.tezos.sendTransactionOperation('tz1RVcUP9nUurgEJMDou8eW3bVDs6qmP5Lnc', 500000, 1500, '');
console.log(`Injected operation group id ${result.operationGroupID}`);
};
const handleSendDelegation = async () => {
const result = await magic.tezos.sendDelegationOperation('tz1LhS2WFCinpwUTdUb991ocL2D9Uk6FJGJK', 10000);
console.log(`Injected operation group id`, result);
}
const handleSendContractOrigination = async () => {
const contract = `[
{
"prim":"parameter",
"args":[ { "prim":"string" } ]
},
{
"prim":"storage",
"args":[ { "prim":"string" } ]
},
{
"prim":"code",
"args":[
[
{ "prim":"CAR" },
{ "prim":"NIL", "args":[ { "prim":"operation" } ] },
{ "prim":"PAIR" }
]
]
}
]`;
const storage = '{"string": "Sample"}';
const params = {
amount: 0,
delegate: undefined,
fee: 100000,
derivationPath: '',
storage_limit: 1000,
gas_limit: 100000,
code: contract,
storage,
codeFormat: 'micheline',
}
const result = await magic.tezos.sendContractOriginationOperation(
params.amount,
params.delegate,
params.fee,
params.derivationPath,
params.storage_limit,
params.gas_limit,
params.code,
params.storage,
params.codeFormat
);
console.log(`Injected operation`, result);
};
const handleInvokeContract = async () => {
const params = {
contract: 'KT1NXXLzk3rwnawPc4HwDn8siPkMaBjT5Hdr',
amount: 0,
fee: 100000,
derivationPath: '',
storageLimit: 1000,
gasLimit: 100000,
entrypoint: '',
parameters: '{"string": "Cryptonomicon"}',
parameterFormat: 'micheline'
};
const result = await magic.tezos.sendContractInvocationOperation(
params.contract,
params.amount,
params.fee,
params.derivationPath,
params.storageLimit,
params.gasLimit,
params.entrypoint,
params.parameters,
params.parameterFormat
);
console.log(`Injected operation`, result);
};
const handleContractPing = async () => {
const params = {
contract: 'KT1NXXLzk3rwnawPc4HwDn8siPkMaBjT5Hdr',
amount: 10000,
fee: 100000,
derivationPath: '',
storageLimit: 1000,
gasLimit: 100000,
entrypoint: ''
};
const result = await magic.tezos.sendContractPing(
params.contract,
params.amount,
params.fee,
params.derivationPath,
params.storageLimit,
params.gasLimit,
params.entrypoint,
);
console.log(`Injected operation`, result);
}
FAQs
magic tezos extension
The npm package @magic-ext/tezos receives a total of 344 weekly downloads. As such, @magic-ext/tezos popularity was classified as not popular.
We found that @magic-ext/tezos demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.