Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
@substrate/connect
Advanced tools
Substrate-connect to Smoldot clients. Using either substrate extension with predefined clients or an internal smoldot client based on chainSpecs provided.
@substrate/connect
through the PolkadotJS RPC ProviderThe recommended way to use @substrate/connect
is to use PolkadotJS,
which provides a higher-level API built on top of it.
Unless you are writting your own library, you probably want to use the
PolkadotJS RPC provider.
Provide a well-known chain name ('polkadot', 'ksmcc3', 'westend2', 'rococo_v2_2'):
Note these names are the "real" names of the chains rather than the friendly names (e.g. "kusama" or "rococo"). 'ksmcc3' is the name for kusama. This matters for chains which have been hard forked. I.e. rococo - "rococo_v2" and "rococo_v2_2" are two completely unrelated chains.
import { ApiPromise } from "@polkadot/api";
import {
ScProvider,
WellKnownChain,
} from "@polkadot/rpc-provider/substrate-connect";
const provider = new ScProvider(WellKnownChain.polkadot);
await provider.connect();
const polkadotApi = await ApiPromise.create({ provider });
await polkadotApi.rpc.chain.subscribeNewHeads((lastHeader) => {
console.log(lastHeader.number.toString());
});
...or provide your custom Substrate chain's specification:
import { ApiPromise } from "@polkadot/api";
import { ScProvider } from "@polkadot/rpc-provider/substrate-connect";
import myJsonSubstrateChainSpec from './mySubstrateChainSpec.json';
const mySubstrateChainSpec = JSON.stringify(myJsonSubstrateChainSpec);
const provider = new ScProvider(mySubstrateChainSpec);
await provider.connect();
const polkadotApi = await ApiPromise.create({ provider });
await polkadotApi.rpc.chain.subscribeNewHeads((lastHeader) => {
console.log(lastHeader.number.toString());
});
In order to connect to a parachain, you must first instantiate the ScProvider
corresponding to the relay chain, then pass this ScProvider
as the second
argument of the constructor of the parachain ScProvider
. The following example
connects to a parachain of the Westend test network:
import { ApiPromise } from "@polkadot/api";
import {
ScProvider,
WellKnownChain,
} from "@polkadot/rpc-provider/substrate-connect";
import jsonParachainSpec from './myParaChainSpec.json';
const parachainSpec = JSON.stringify(jsonParachainSpec);
const relayProvider = new ScProvider(WellKnownChain.westend2);
const provider = new ScProvider(parachainSpec, relayProvider);
await provider.connect();
const polkadotApi = await ApiPromise.create({ provider });
await polkadotApi.rpc.chain.subscribeNewHeads((lastHeader) => {
console.log(lastHeader.number.toString());
});
@substrate/connect
for library authorsProvide a well-known chain name ('polkadot', 'ksmcc3', 'westend2', 'rococo_v2_2'):
import { createScClient, WellKnownChain } from '@substrate/connect';
const scClient = createScClient();
const chain = await scClient.addWellKnownChain(
WellKnownChain.westend2,
function jsonRpcCallback(response) {
console.log("response", response);
}
);
chain.sendJsonRpc(
'{"jsonrpc":"2.0","id":"1","method":"system_health","params":[]}'
);
...or provide your custom substrate chain's name and chainspec:
import { createScClient } from '@substrate/connect';
import myJsonChainSpec from './mySubstrateChainSpec.json';
const myChainSpec = JSON.stringify(myJsonChainSpec);
const scClient = createScClient();
const chain = await scClient.addChain(
myChainSpec,
function jsonRpcCallback(response) {
console.log("response", response);
}
);
chain.sendJsonRpc(
'{"jsonrpc":"2.0","id":"1","method":"system_health","params":[]}'
);
In order to connect to a parachain, you must first instantiate the relay chain
this parachain is connected to, then instantiate the parachain on the same
ScClient
. The following example connects to a parachain of the Westend test
network:
import { createScClient, WellKnownChain } from '@substrate/connect';
import jsonParachainSpec from './myParaChainSpec.json';
const parachainSpec = JSON.stringify(jsonParachainSpec);
const scClient = createScClient();
await scClient.addWellKnownChain(WellKnownChain.westend2)
const parachain = await scClient.addChain(
parachainSpec,
function jsonRpcCallback(response) {
console.log("response", response);
}
);
parachain.sendJsonRpc(
'{"jsonrpc":"2.0","id":"1","method":"system_health","params":[]}'
);
yarn test
to run the unit testsyarn build
to build @substrate-connectyarn lint
to run linter for @substrate-connectFAQs
Substrate-connect to Smoldot clients. Using either substrate extension with predefined clients or an internal smoldot client based on chainSpecs provided.
The npm package @substrate/connect receives a total of 73,359 weekly downloads. As such, @substrate/connect popularity was classified as popular.
We found that @substrate/connect demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 15 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.