Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@moonbeam-network/xcm-sdk
Advanced tools
The Moonbeam XCM SDK enables developers to easily deposit and withdraw assets to Moonbeam/Moonriver from the relay chain and other parachains in the Polkadot/Kusama ecosystem
The Moonbeam XCM SDK enables developers to easily deposit and withdraw assets to Moonbeam/Moonriver from the relay chain and other parachains in the Polkadot/Kusama ecosystem. With the SDK, you don't need to worry about determining the multilocation of the origin or destination assets or which extrinsics are used on which networks to send XCM transfers. To deposit or withdraw assets, you simply define the asset and origin chain you want to deposit from or withdraw back to, along with the sending account's signer, and the amount to send.
npm i @moonbeam-network/xcm-config @moonbeam-network/xcm-sdk
:warning: You need to have peer dependencies of SDK installed as well.
npm i @polkadot/api-augment @polkadot/types @polkadot/util @polkadot/util-crypto ethers
import { init } from '@moonbeam-network/xcm-sdk';
const { moonbeam } = init();
// Optionally you can provide signers or do it on get()
const { moonbeam } = init({
ethersSigner,
polkadotSigner,
});
const moonbeamAddress = '0xeF46c7649270C912704fB09B75097f6E32208b85';
const substrateAddress = '5DG5Fn3ww3KPza1RLoap6QJNzQfEvRebxypDGp35YuMX5y2K';
// moonbeam.symbols is a list of asset symbols that you can deposit/withdraw
// chains is a list of chains from which you can deposit asset
const { chains, from } = moonbeam.deposit(moonbeam.symbols[0]);
const { min, send } = await from(chains[0]).get(
moonbeamAddress,
substrateAddress,
// if you haven't provided on init
{ polkadotSigner },
);
await send(min, (event) => console.log(event));
const { chains, to } = moonbeam.withdraw(moonbeam.symbols[0]);
const { min, send } = await to(chains[0]).get(
substrateAddress,
// if you haven't provided on init
{ ethersSigner },
);
await send(min, (event) => console.log(event));
const unsubscribe = await moonbeam.subscribeToAssetsBalanceInfo(
moonbeamAddress,
(balances) => {
balances.forEach(({ asset, balance, origin }) => {
// xcDOT: 0.073742 (Polkadot DOT)
// ...
console.log(
`${balance.symbol}: ${toDecimal(
balance.balance,
balance.decimals,
).toFixed()} (${origin.name} ${asset.originSymbol})`,
);
});
},
);
unsubscribe();
git clone git@github.com:PureStake/xcm-sdk.git
cd xcm-sdk
npm i
cd examples/sdk-simple
# edit index.ts by adding your accounts
npm start
git clone git@github.com:PureStake/xcm-sdk.git
npm i
npm run dev
npm run test
cp .env.example .env
# add private key and suri to .env file
npm run test:acc
FAQs
The Moonbeam XCM SDK enables developers to easily deposit and withdraw assets to Moonbeam/Moonriver from the relay chain and other parachains in the Polkadot/Kusama ecosystem
The npm package @moonbeam-network/xcm-sdk receives a total of 281 weekly downloads. As such, @moonbeam-network/xcm-sdk popularity was classified as not popular.
We found that @moonbeam-network/xcm-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.