Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@minka/ledger-sdk
Advanced tools
An SDK for interacting with the Minka Ledger.
Install this package by running:
npm install @minka/ledger-sdk
First, you need an instance of the LedgerSDK
class, you can pass an options object with the required
property baseUrl
pointing to the ledger you want to use.
const ledger = new LedgerSDK({
baseUrl: 'https://minka.inc..',
})
That ledger instance has different Clients and only one status
method that returns the status of the ledger.
Note: Most of the methods in the entire SDK are asynchronous
, meaning they return a promise you need to wait to be resolved by using async/
await(preferred) functions or
.then()` at the end of the methods chain.
Each entity of the ledger has its client, and those clients are properties of the LedgerSDK
instance, for example, the client for signers
will be returned in ledger.signers
if you used the example below to connect to the ledger.
All clients have common methods for listing (list
), fetching (read
) and initializing (init
) entities
The list
method allows you to fetch a list of the required entity, it has an optional object of type LedgerListParams
as a param to pass pagination and filtering options to it. You can read more about it here
const output = await ledger.signers.list()
// output: MultipleRecordsResponse
The read
method allows you to fetch a single record of the required entity, it has a required string param that is the handle you want to fetch.
const output = await ledger.signers.read('handle')
// output: SingleRecordResponse
the init
method allows you to initialize a new record builder
instance. record builders
provide a more convenient way to work with the records by implementing methods to hash, sign, test and send them to the ledger. You can optionally pass the initial record to the init method, otherwise, it will be initialized with an empty record.
// Initialize a record builder for the signers entity
const emptySignerRecord = await ledger.signers.init()
/**
* Send that record to the backend. Note this record will
* return error because it's empty.
*/
const response = await emptySignerRecord.send()
Keep in mind that methods are chainable, so you can easily create a record as follows;
/**
* "{}" represents valid data for the record
* "keyPair" represents a valid key pair
*/
await ledger.signers.init({ record: {} }).hash().sign([keyPair]).send()
FAQs
SDK for Minka Ledger
The npm package @minka/ledger-sdk receives a total of 232 weekly downloads. As such, @minka/ledger-sdk popularity was classified as not popular.
We found that @minka/ledger-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.