Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@pontem/coins-registry
Advanced tools
We are developing our own Coin Registry file formats for LiquidSwap and Pontem Wallet, which contains all the information about coins and pools in which coins can be exchanged.
Currently, we use these files for data:
And an index.js file for easier usage of coins-registry in other projects. Through the interface, it is easy to get tokens or pools lists for the selected chain type. It provides two methods: getCoinsFor
, getPoolsFor
and getStakingPoolsFor
. Each of these methods requires the network type as an argument. Possible values for network types: mainnet
and testnet
.
There is a coins list in coins.json. One coin can be presented as follows:
{
"source": "aptos",
"name": "Aptos Coin",
"chainId": 1,
"decimals": 8,
"symbol": "APT",
"symbol_with_bridge": "APT"
"type": "0x1::aptos_coin::AptosCoin",
"caution": false,
"order": 1,
"logo_url": "https://raw.githubusercontent.com/pontem-network/coins-registry/main/src/coins-logos/apt.svg"
}
source
- enum data type with strict value check. If you’d like to add the new value into it, fill the form. Usually source is the name of a partner's company to add many coins into the list. We support now following sources:
aptos
- for the native Aptos Coin.partners
- for other coins.celer
- for coins provided by Celer.layerzero
- for coins provided by Layer Zero.wormhole
- for coins provided by Wormhole.name
- coins' full name. We update this value by a request to the node. It is used on Picture 1 as a bottom string after the dot (on the picture it is Bitcoin).
chainId
- for mainnet value is 1. Currently, testnet coins stored in the testnet
branch of this repo.
decimals
- how many decimals supports your coin. We update this value by a request to the node.
symbol
- it is used to construct a coin alias, which can be equal to symbol as on Picture 1 in the top string.
symbol_with_bridge
- if the token is not connected to any bridge, then the symbol is duplicated, otherwise prefixes are added to the symbol. For example: layerzero USDT - zUSDT, celer USDT - ceUSDT, wormhole USDT - USDT (without a prefix).
type
- full type of coin. String with following structure ADDRESS::MODULE::COIN, e.g. 0x1000000fa32d122c18a6a31c009ce5e71674f22d06a581bb0a15575e6addadcc::usda::USDA
.
caution
- if we need to show warning icon near the coin - we will add the caution field.
order
- order of coin in coins list. Current logic:
logo_url
- absolute path to coin logo from githubusercontent and this repo
1 Apt
10 USDC
20 USDT
30 DAI
40 BTC
50 WETH
60 BUSD / BNB
1000 other coins
{
"coinX": "0xf22bede237a07e121b56d91a491eb7bcdfd1f5907926a9e58338f964a01b17fa::asset::USDT",
"coinY": "0x1::aptos_coin::AptosCoin",
"curve": "unstable",
"networkId": 1
}
coinX
- full type of coin. String with following structure ADDRESS::MODULE::COIN, e.g. 0xf22bede237a07e121b56d91a491eb7bcdfd1f5907926a9e58338f964a01b17fa::asset::USDT
.
coinY
- full type of coin. String with following structure ADDRESS::MODULE::COIN, e.g. 0x1::aptos_coin::AptosCoin
.
⚠️ Coins should be sorted.
curve
- to strictly point curve type use the following values:
You are welcome to fork the current repository and do a PR.
The current repository maintaining under MIT license.
Check formatting with
yarn test
Distributed under the MIT License. See LICENSE
for more information.
FAQs
Liquidswap & Pontem Wallet coins & pools registry
We found that @pontem/coins-registry demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.