Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@onflow/sdk
Advanced tools
A collection of modules that make interacting with Flow easier.
This package is working and in active delveopment, breaking changes may happen.
npm install --save @onflow/sdk
Building a interaction produces an unresolved interaction. For example, to build a transaction interaction you must call sdk.build([...])
, and pass in the sequence of builders you want to use to compose that transaction interaction. The example below highlights one way to build a transaction interaction:
const builtTxIx = await sdk.build([
sdk.payer(sdk.authorization("01", signingFunction, 0)),
sdk.proposer("01", 0, seqNum),
sdk.transaction`transaction { prepare(acct: AuthAccount) {} execute { log("Hello") } }`,
sdk.authorizations([sdk.authorization("01", signingFunction, 0)]),
])
Once a transaction interaction is built, it's still not quite ready to be sent to the Access Node. To further prepare it to be ready to be sent to the Access Node, you must resolve it by piping it through a series of resolvers. Resolvers are functions that consume an interaction and attempt to fill in or prepare any missing pieces of it to get it ready to be sent to the Access API. The example below highlights one way to resolve a transaction interaction:
const resolvedTxIx = await sdk.pipe(builtTxIx, [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
])
)
Now that your transction interaction is resolved, it can be sent to an Access Node! To send it to an Access Node, you must call sdk.send(...)
with that interaction, and a configuration object. To specify which Access Node to send your request to, you specify it in the node parameter of the config object. For example, the code below shows how to send your transaction interaction to the Flow Emulator running on localhost:8080:
const response = await sdk.send(resolvedTxIx, { node: "http://localhost:8080" })
The SDK additionally supplies builders to construct interactions of many different types to interact with the Access Node's various APIs.
Please reference the provided example project react-simple
for example code.
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.getAccount(addr)
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.getEvents(eventType, startBlock, endBlock),
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.getLatestBlock()
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.getTransactionStatus(txId)
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.ping()
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.params([sdk.param("foo", "bar")]),
sdk.script`
pub fun main(): Int {
log("${p => p.foo}")
return 7
}
`,
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const acctResponse = await sdk.send(await sdk.pipe(await sdk.build([
sdk.getAccount("01")
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
const seqNum = acctResponse.account.keys[0].sequenceNumber
const response = await sdk.send(await sdk.pipe(await sdk.build([
sdk.payer(sdk.authorization("01", signingFunction, 0)),
sdk.proposer("01", 0, seqNum),
sdk.transaction`transaction { prepare(acct: AuthAccount) {} execute { log("Hello") } }`,
sdk.authorizations([sdk.authorization("01", signingFunction, 0)]),
]), [
sdk.resolve([
sdk.resolveParams,
sdk.resolveAuthorizations,
]),
]), { node: "http://localhost:8080" })
FAQs
Flow SDK
The npm package @onflow/sdk receives a total of 15,205 weekly downloads. As such, @onflow/sdk popularity was classified as popular.
We found that @onflow/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.