Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@paraswap/sdk
Advanced tools
Refer to the documentation of the ParaSwap API: https://developers.paraswap.network
Versatility: works with web3, ethers or viem without direct dependency
Canonical: bring only the functions you actually need
Lightweight: 10KB Gzipped for the minimal variant
yarn add @paraswap/sdk
There are multiple ways to use ParaSwap SDK, ranging from a simple construct-and-use approach to a fully composable bring what you need approach which allows for advanced tree-shaking and minimizes bundle size.
You can see some examples in /src/examples directory.
Can be created by providing chainId
and either axios
or window.fetch
(or alternative fetch
implementation), and an optional version
('5'
or '6.2'
) parameter that corresponds to the API version SDK will be making requests to. The resulting SDK will be able to use all methods that query the API.
import { constructSimpleSDK } from '@paraswap/sdk';
import axios from 'axios';
// construct minimal SDK with fetcher only
const paraSwapMin = constructSimpleSDK({chainId: 1, axios});
// or
const paraSwapMin = constructSimpleSDK({chainId: 1, fetch: window.fetch, version: '5'});
const ETH = '0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee';
const DAI = '0x6B175474E89094C44Da98b954EedeAC495271d0F';
async function swapExample() {
// or any other signer/provider
const signer: JsonRpcSigner = ethers.Wallet.fromMnmemonic('__your_mnemonic__');
const senderAddress = signer.address;
const priceRoute = await paraSwapMin.swap.getRate({
srcToken: ETH,
destToken: DAI,
amount: srcAmount,
userAddress: senderAddress,
side: SwapSide.SELL,
});
const txParams = await paraSwapMin.swap.buildTx(
{
srcToken,
destToken,
srcAmount,
destAmount,
priceRoute,
userAddress: senderAddress,
partner: referrer,
}
);
const transaction = {
...txParams,
gasPrice: '0x' + new BigNumber(txParams.gasPrice).toString(16),
gasLimit: '0x' + new BigNumber(5000000).toString(16),
value: '0x' + new BigNumber(txParams.value).toString(16),
};
const txr = await signer.sendTransaction(transaction);
}
If optional providerOptions
is provided as the second parameter, then the resulting SDK will also be able to approve Tokens for swap.
// with ethers.js
const providerOptionsEther = {
ethersProviderOrSigner: provider, // JsonRpcProvider
EthersContract: ethers.Contract,
account: senderAddress,
};
// or with viem (from wagmi or standalone)
const providerOptionsViem = {
viemClient, // made with createWalletClient()
account: senderAddress,
};
// or with web3.js
const providerOptionsWeb3 = {
web3, // new Web3(...) instance
account: senderAddress,
};
const paraSwap = constructSimpleSDK({chainId: 1, axios}, providerOptionsEther);
// approve token through sdk
const txHash = await paraSwap.approveToken(amountInWei, DAI);
// await tx somehow
await provider.waitForTransaction(txHash);
import { constructFullSDK, constructAxiosFetcher, constructEthersContractCaller } from '@paraswap/sdk';
const signer = ethers.Wallet.fromMnmemonic('__your_mnemonic__'); // or any other signer/provider
const account = '__signer_address__';
const contractCaller = constructEthersContractCaller({
ethersProviderOrSigner: signer,
EthersContract: ethers.Contract,
}, account); // alternatively constructViemContractCaller or constructWeb3ContractCaller
const fetcher = constructAxiosFetcher(axios); // alternatively constructFetchFetcher
const paraswap = constructFullSDK({
chainId: 1,
fetcher,
contractCaller,
});
For bundle-size savvy developers, you can construct a lightweight version of the SDK and bring only the functions you need.
e.g. for only getting rates and allowances:
import { constructPartialSDK, constructFetchFetcher, constructGetRate, constructGetBalances } from '@paraswap/sdk';
const fetcher = constructFetchFetcher(window.fetch);
const minParaSwap = constructPartialSDK({
chainId: 1,
fetcher,
}, constructGetRate, constructGetBalances);
const priceRoute = await minParaSwap.getRate(params);
const allowance = await minParaSwap.getAllowance(userAddress, tokenAddress);
The ParaSwap
class is exposed for backwards compatibility with previous versions of the SDK.
import { ParaSwap } from '@paraswap/sdk';
import axios from 'axios';
import Web3 from 'web3';
const web3Provider = new Web3(window.ethereum);
const account = '__user_address__';
const paraswap = new ParaSwap({chainId: 1, web3Provider, account, axios});
Or you can use ethers
in place of web3
import { ParaSwap } from '@paraswap/sdk';
import { ethers } from "ethers";
const ethersProvider = new ethers.providers.Web3Provider(window.ethereum)
const account = '__user_address__';
const paraswap = new ParaSwap({
chainId: 1,
account,
ethersDeps: {
ethersProviderOrSigner: ethersProvider;
EthersContract: ethers.Contract;
},
fetch: window.fetch,
});
By analogy to constructPartialSDK
, you can leverage a lightweight version of the sdk for fetching only.
import { ParaSwap } from '@paraswap/sdk';
const paraswap = new ParaSwap({chainId: 1, fetch: window.fetch});
Refer to this README for depecreated documentation for functions usage.
Refer to SDK API documentation for detailed documentation on the methods provided in this SDK.
To run yarn test
it is necessary to provide PROVIDER_URL=<mainnet_rpc_url>
environment variable.
If it is necessary to run tests against a different API endpoint, provide API_URL=url_to_API
environment variable.
FAQs
ParaSwap SDK
The npm package @paraswap/sdk receives a total of 2,884 weekly downloads. As such, @paraswap/sdk popularity was classified as popular.
We found that @paraswap/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.