Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@substrate/txwrapper-core
Advanced tools
@substrate/txwrapper-core
Core components for creating a txwrapper lib.
yarn add @substrate/txwrapper-core
Have a look at the txwrapper creation guide for chain builders to see more guidance on how to use this package to build a chain specific txwrapper.
Env Variables
This is a list of env variables that are used inside of txwrapper-core.
createMetadata specific env vars.
Summary:
createMetadata memoizes the call to ensure metadata is not reallocated in memory if it is the same call.
Methods that actively use createMetadata and are affected are:
defineMethodcreateDecoratedTxcreateDecoratedConstantscreateSignedTxdecodeSignedTxdecodeSigningPayloaddecodeUnsignedTx
NOTE: getRegistryBase uses createMetadataUnmemoized
TXWRAPPER_METADATA_CACHE_MAX
Summary:
Set the max amount of memoized calls we want in the cache. It uses an LRU cache to handle the input and output of values. This takes in an integer. Ex: export TXWRAPPER_METADATA_CACHE_MAX=10. This will default to unlimited size if the value is not inputted.
NOTES:
- It is recommended to use a value greater 2 for the cache size as regressions have been seen in some cases for 2 or lower.
TXWRAPPER_METADATA_CACHE_MAX_AGE
Summary:
Set the TTL (Time To Live) for items in the memoized cache. This takes in an integer in the measurement of milliseconds. Ex: export TXWRAPPER_METADATA_CACHE_MAX_AGE=1000 for 1 second.
FAQs
Core components for creating a txwrapper lib.
The npm package @substrate/txwrapper-core receives a total of 145,448 weekly downloads. As such, @substrate/txwrapper-core popularity was classified as popular.
We found that @substrate/txwrapper-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 26 Nov 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025