Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@rari-capital/solmate
Advanced tools
Modern, opinionated and gas optimized building blocks for smart contract development.
Modern, opinionated and gas optimized building blocks for smart contract development.
auth
├─ Auth — "Flexible and updatable auth pattern"
├─ Trust — "Ultra minimal authorization logic"
├─ authorities
│ ├─ RolesAuthority — "Role based Authority that supports up to 256 roles"
│ ├─ TrustAuthority — "Simple Authority which only authorizes trusted users"
erc20
├─ ERC20 — "Modern and gas efficient ERC20 + EIP-2612 implementation"
├─ SafeERC20 — "Safe ERC20/ETH transfer lib that handles missing return values"
utils
├─ ReentrancyGuard — "Gas optimized reentrancy protection for smart contracts"
├─ FixedPointMathLib — "Arithmetic library with operations for fixed-point numbers"
├─ Bytes32AddressLib — "Library for converting between addresses and bytes32 values"
To install with Hardhat or Truffle:
npm install @rari-capital/solmate
To install with DappTools:
dapp install rari-capital/solmate
These contracts were inspired by or directly modified from many sources, primarily:
FAQs
Modern, opinionated and gas optimized building blocks for smart contract development.
The npm package @rari-capital/solmate receives a total of 1,043 weekly downloads. As such, @rari-capital/solmate popularity was classified as popular.
We found that @rari-capital/solmate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.