Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@metamask/insights-example-snap
Advanced tools
MetaMask example snap demonstrating the use of the Transaction Insights API.
@metamask/transaction-insights-example-snap
This snap demonstrates how to use the endowment:transaction-insight
permission
to provide transaction insights to the user. This snap uses the onTransaction
handler to provide insights for transactions that are sent by the user.
Transaction insights are displayed in the transaction confirmation screen, and can show any Snaps-based UI components.
Note: Using
onTransaction
requires theendowment:transaction-insight
permissions. Refer to the documentation for more information.
Along with other permissions, the manifest of this snap includes the
endowment:transaction-insight
permission:
{
"initialPermissions": {
"endowment:network-access": {}
}
}
By default, the onTransaction
does not receive the transaction origin. If you
want to receive the origin, you can add the allowTransactionOrigin
property to
the permission definition:
{
"initialPermissions": {
"endowment:transaction-insight": {
"allowTransactionOrigin": true
}
}
}
This snap exposes an onTransaction
handler, which is called when a transaction
is sent by the user. The handler receives the transaction details and the
transaction origin (if the allowTransactionOrigin
property is set to true
).
The snap decodes the transaction data and returns the decoded data as the transaction insight.
For more information, you can refer to the end-to-end tests.
FAQs
MetaMask example snap demonstrating the use of the Transaction Insights API.
The npm package @metamask/insights-example-snap receives a total of 1,861 weekly downloads. As such, @metamask/insights-example-snap popularity was classified as popular.
We found that @metamask/insights-example-snap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.