Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@solana/web3.js
Advanced tools
@solana/web3.js is a JavaScript library for interacting with the Solana blockchain. It provides a set of tools and utilities for developers to build applications on Solana, including functionalities for managing accounts, sending transactions, interacting with smart contracts, and querying blockchain data.
Create and Manage Accounts
This feature allows you to create and manage Solana accounts. The code sample demonstrates how to generate a new keypair, which includes a public key and a secret key.
const solanaWeb3 = require('@solana/web3.js');
// Generate a new keypair
const keypair = solanaWeb3.Keypair.generate();
console.log('Public Key:', keypair.publicKey.toBase58());
console.log('Secret Key:', keypair.secretKey);
Send Transactions
This feature allows you to send transactions on the Solana blockchain. The code sample demonstrates how to create a connection to the Solana devnet, airdrop SOL to an account, create a transaction to transfer SOL, and send the transaction.
const solanaWeb3 = require('@solana/web3.js');
(async () => {
const connection = new solanaWeb3.Connection(solanaWeb3.clusterApiUrl('devnet'), 'confirmed');
const from = solanaWeb3.Keypair.generate();
const to = solanaWeb3.Keypair.generate();
// Airdrop SOL to the from account
await connection.requestAirdrop(from.publicKey, solanaWeb3.LAMPORTS_PER_SOL);
// Create a transaction
const transaction = new solanaWeb3.Transaction().add(
solanaWeb3.SystemProgram.transfer({
fromPubkey: from.publicKey,
toPubkey: to.publicKey,
lamports: solanaWeb3.LAMPORTS_PER_SOL / 100,
})
);
// Sign and send the transaction
const signature = await solanaWeb3.sendAndConfirmTransaction(connection, transaction, [from]);
console.log('Transaction signature:', signature);
})();
Interact with Smart Contracts
This feature allows you to interact with smart contracts deployed on the Solana blockchain. The code sample demonstrates how to create a transaction that calls a smart contract and send the transaction.
const solanaWeb3 = require('@solana/web3.js');
(async () => {
const connection = new solanaWeb3.Connection(solanaWeb3.clusterApiUrl('devnet'), 'confirmed');
const programId = new solanaWeb3.PublicKey('YourProgramIdHere');
const account = solanaWeb3.Keypair.generate();
// Create a transaction to call a smart contract
const transaction = new solanaWeb3.Transaction().add(
new solanaWeb3.TransactionInstruction({
keys: [{ pubkey: account.publicKey, isSigner: true, isWritable: true }],
programId,
data: Buffer.alloc(0), // Add your instruction data here
})
);
// Sign and send the transaction
const signature = await solanaWeb3.sendAndConfirmTransaction(connection, transaction, [account]);
console.log('Transaction signature:', signature);
})();
Query Blockchain Data
This feature allows you to query data from the Solana blockchain. The code sample demonstrates how to get account information and the recent blockhash from the blockchain.
const solanaWeb3 = require('@solana/web3.js');
(async () => {
const connection = new solanaWeb3.Connection(solanaWeb3.clusterApiUrl('devnet'), 'confirmed');
const publicKey = new solanaWeb3.PublicKey('YourPublicKeyHere');
// Get account info
const accountInfo = await connection.getAccountInfo(publicKey);
console.log('Account Info:', accountInfo);
// Get recent blockhash
const recentBlockhash = await connection.getRecentBlockhash();
console.log('Recent Blockhash:', recentBlockhash);
})();
web3.js is a collection of libraries that allow you to interact with a local or remote Ethereum node using HTTP, IPC, or WebSocket. It provides similar functionalities to @solana/web3.js but is designed for the Ethereum blockchain.
ethers.js is a library for interacting with the Ethereum blockchain and its ecosystem. It provides a more lightweight and modular approach compared to web3.js and includes functionalities for managing accounts, sending transactions, and interacting with smart contracts.
near-api-js is a JavaScript library for interacting with the NEAR blockchain. It provides similar functionalities to @solana/web3.js, including account management, transaction handling, and smart contract interaction, but is designed specifically for the NEAR blockchain.
[!NOTE] This is the maintenance branch for the 1.x line of
@solana/web3.js
. The current development branch can be found here.
Use this to interact with accounts and programs on the Solana network through the Solana JSON RPC API.
$ npm install --save @solana/web3.js@1
<!-- Development (un-minified) -->
<script src="https://unpkg.com/@solana/web3.js@latest/lib/index.iife.js"></script>
<!-- Production (minified) -->
<script src="https://unpkg.com/@solana/web3.js@latest/lib/index.iife.min.js"></script>
Have a question or a problem? Check the Solana Stack Exchange to see if anyone else is having the same one. If not, post a new question.
Include:
This library requires a JavaScript runtime that supports BigInt
and the exponentiation operator. Both are supported in the following runtimes:
To run the full suite of unit tests, execute the following in the root:
$ npm test
Integration tests require a validator client running on your machine.
To install a test validator:
$ npm run test:live-with-test-validator:setup
To start the test validator and run all of the integration tests in live mode:
$ cd packages/library-legacy
$ npm run test:live-with-test-validator
If you found a bug or would like to request a feature, please file an issue. If, based on the discussion on an issue you would like to offer a code change, please make a pull request. If neither of these describes what you would like to contribute, read the getting help section above.
All claims, content, designs, algorithms, estimates, roadmaps, specifications, and performance measurements described in this project are done with the Solana Foundation's ("SF") best efforts. It is up to the reader to check and validate their accuracy and truthfulness. Furthermore nothing in this project constitutes a solicitation for investment.
Any content produced by SF or developer resources that SF provides, are for educational and inspiration purposes only. SF does not encourage, induce or sanction the deployment, integration or use of any such applications (including the code comprising the Solana blockchain protocol) in violation of applicable laws or regulations and hereby prohibits any such deployment, integration or use. This includes use of any such applications by the reader (a) in violation of export control or sanctions laws of the United States or any other applicable jurisdiction, (b) if the reader is located in or ordinarily resident in a country or territory subject to comprehensive sanctions administered by the U.S. Office of Foreign Assets Control (OFAC), or (c) if the reader is or is working on behalf of a Specially Designated National (SDN) or a person subject to similar blocking or denied party prohibitions.
The reader should be aware that U.S. export control and sanctions laws prohibit U.S. persons (and other persons that are subject to such laws) from transacting with persons in certain countries and territories or that are on the SDN list. As a project based primarily on open-source software, it is possible that such sanctioned persons may nevertheless bypass prohibitions, obtain the code comprising the Solana blockchain protocol (or other project code or applications) and deploy, integrate, or otherwise use it. Accordingly, there is a risk to individuals that other persons using the Solana blockchain protocol may be sanctioned persons and that transactions with such persons would be a violation of U.S. export controls and sanctions law. This risk applies to individuals, organizations, and other ecosystem participants that deploy, integrate, or use the Solana blockchain protocol code directly (e.g., as a node operator), and individuals that transact on the Solana blockchain through light clients, third party interfaces, and/or wallet software.
FAQs
Solana Javascript API
The npm package @solana/web3.js receives a total of 429,836 weekly downloads. As such, @solana/web3.js popularity was classified as popular.
We found that @solana/web3.js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.