Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@metamask/detect-provider

Package Overview
Dependencies
Maintainers
7
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@metamask/detect-provider

A tiny utility for detecting the MetaMask Ethereum provider, or any EIP 1193-compliant provider.

  • 2.0.0
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
48K
decreased by-6.66%
Maintainers
7
Weekly downloads
 
Created
Source

@metamask/detect-provider

A tiny utility for detecting the MetaMask Ethereum provider, or any provider injected at window.ethereum.

It has 0 dependencies and works out of the box in any modern browser, for synchronously and asynchronously injected providers.

Usage

Keep in mind that the providers detected by this package may or may not support the Ethereum JavaScript Provider API. Please consult the MetaMask documentation to learn how to use our provider.

Node.js

import detectEthereumProvider from '@metamask/detect-provider'

const provider = await detectEthereumProvider()

if (provider) {

  console.log('Ethereum successfully detected!')

  // From now on, this should always be true:
  // provider === window.ethereum

  // Access the decentralized web!

  // Legacy providers may only have ethereum.sendAsync
  const chainId = await provider.request({
    method: 'eth_chainId'
  })
} else {

  // if the provider is not detected, detectEthereumProvider resolves to null
  console.error('Please install MetaMask!', error)
}

HTML

<script src="https://unpkg.com/@metamask/detect-provider/dist/detect-provider.min.js"></script>
<script type="text/javascript">
  const provider = await detectEthereumProvider()

  if (provider) {
    // handle provider
  } else {
    // handle no provider
  }
</script>

Options

The exported function takes an optional options object. If invalid options are provided, an error will be thrown. All options have default values.

options.mustBeMetaMask

Type: boolean

Default: false

Whether window.ethereum.isMetaMask === true is required for the returned Promise to resolve.

options.silent

Type: boolean

Default: false

Whether error messages should be logged to the console. Does not affect errors thrown due to invalid options.

options.timeout

Type: number

Default: 3000

How many milliseconds to wait for asynchronously injected providers.

Advanced Topics

Synchronous and Asynchronous Injection

Providers can be either synchronously or asynchronously injected:

  • Synchronously injected providers will be available by the time website code starts executing.
  • Asynchronously injected providers may not become available until later in the page lifecycle.

The MetaMask extension provider is synchronously injected, while the MetaMask mobile provider is asynchronously injected.

To notify sites of asynchronous injection, MetaMask dispatches the ethereum#initialized event on window immediately after the provider has been set as window.ethereum. This package relies on that event to detect asynchronous injection.

Overwriting or Modifying window.ethereum

The detected provider object returned by this package will strictly equal (===) window.ethereum for the entire page lifecycle, unless window.ethereum is overwritten. In general, consumers should never overwrite window.ethereum or attempt to modify the provider object.

If, as a dapp developer, you notice that the provider returned by this package does not strictly equal window.ethereum, something is wrong. This may happen, for example, if the user has multiple wallets installed. After confirming that your code and dependencies are not modifying or overwriting window.ethereum, you should ask the user to ensure that they only have a single provider-injecting wallet enabled at any one time.

Keywords

FAQs

Package last updated on 03 Oct 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc