Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@react-dapp/wallet
Advanced tools
A Minimalistic ethereum based wallet powered by web3-react with a simple wallet modal.
A Minimalistic ethereum based wallet powered by web3-react with a simple wallet modal.
You can find full usage of the package here.
This package uses @web3-react
under the hood with a react modal to easily hook into any dapps, so first you need to install the following peerDependencies
to use the package.
Reuired!
"web3": "^1.3.5",
"ethers": "^5.1.2",
"@web3-react/core": "^6.1.9",
"@web3-react/injected-connector": "^6.0.7",
"@web3-react/walletconnect-connector": "^6.2.4",
"@binance-chain/bsc-connector": "^1.0.0"
"@material-ui/core": "^4.11.3",
"@material-ui/icons": "^4.11.2",
Optional (required in useApproval, useBalance, useLp, useInputValue hooks)
"bignumber.js": "^9.0.1",
"ethereum-multicall": "^2.7.0",
Copy paste the following dependencies into your package.json, dependencies section, and run npm install
.
To use the package, first you need to import the WalletProvider
and place it at the top level in the component tree.
import { WalletProvider } from "@react-dapp/wallet";
...
ReactDOM.render(
<React.StrictMode>
<WalletProvider isBSC={true} chainId={42} isDarkMode={false}>
...
</WalletProvider>
</React.StrictMode>,
document.getElementById("root")
);
isBSC
prop will render theBinance Wallet Button
iftrue
.- Provide
chainId
of the network you wanna connect.isDarkMode
controls between dark and light theme of the modal.
To open wallet modal, use uesWalletModal
hook
import { useWalletModal, useWeb3 } from "@react-dapp/wallet";
...
const Connect = ()=> {
const { open, setOpen } = useWalletModal();
const { account } = useWeb3();
return (
<Button onClick={() => setOpen(true)}>
{account ? account.substring(0, 5) + "..." : "Connect"}
</Button>
)
}
To use the current web3 provider and connected account use useWeb3
hook
const { account, web3 } = useWeb3();
Following are some of the useful hooks that can be helpful in many dapps.
This is can be used to fetch info about the LP token used by pancake or similar exchanges.
@params:
LpAddress: required,
baseTokenSymbol: optional,
baseTokenAddress: optional
@returns
{
loading,
lp: {
name,
symbol,
token0,
token1,
},
token0: {
name,
symbol,
decimals,
address,
totalSupply,
lpBalance
},
token0: ...,
price: {
token0,
token1,
basePrice
}
}
useERC20Approval to approve tokens, and check state of approval
@returns
{
approve
isApproved,
approvedBalance,
approveState,
}
useERC20Balance to check balance of the connected account
@returns
{
balance
displayBalance,
}
useWalletSign hook is used to sign messages
@returns
{
sign,
signState,
signature
}
This hook makes it easy to take inputs for token amounts, most tokens values contain big decimals, which end user don't know about, but we need full values, so this hook takes the max value a user can select in the most basic unit and converts that to displayable value, and gives ability to convert user inputed value which don't contain decimals to convert them into full values that account for decimals
@returns
{
value,
maxDisplayValue,
error,
setValue,
getValue,
selectMaxValue
}
FAQs
A Minimalistic ethereum based wallet powered by web3-react with a simple wallet modal.
The npm package @react-dapp/wallet receives a total of 2 weekly downloads. As such, @react-dapp/wallet popularity was classified as not popular.
We found that @react-dapp/wallet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.