New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@sudobility/auctions_contracts

Package Overview
Dependencies
Maintainers
1
Versions
8
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@sudobility/auctions_contracts

Multi-chain auction system supporting Traditional, Dutch, and Penny auctions with ERC-20/721/1155 tokens on EVM and SPL/NFTs on Solana.

latest
Source
npmnpm
Version
0.1.15
Version published
Maintainers
1
Created
Source

@sudobility/auctions_contracts

Multi-chain auction system supporting Solana (Rust/Anchor) and EVM (Solidity/Hardhat). Implements Traditional, Dutch, and Penny auction types.

Installation

bun install

Usage

The package provides a TypeScript SDK with four export points:

import { OnchainAuctionClient } from '@sudobility/auctions_contracts';          // Unified client
import { EvmAuctionClient } from '@sudobility/auctions_contracts/evm';          // EVM-specific (viem)
import { SolanaAuctionClient } from '@sudobility/auctions_contracts/solana';    // Solana-specific (web3.js)
import { ... } from '@sudobility/auctions_contracts/react-native';              // React Native entry

Auction Types

  • Traditional: English-style ascending bids with reserve price and minimum increment
  • Dutch: Descending price from start to minimum; first buyer wins immediately
  • Penny: Fixed bid increment (pay-to-bid); each bid resets a 5-minute timer

Supported Networks

  • EVM: Ethereum, Sepolia, Polygon, Optimism, Base, Arbitrum
  • Solana: Localnet, Devnet, Mainnet-beta

Development

bun run build              # Build everything (EVM + Solana + Unified + React Native)
bun run build:ci           # Build unified + react-native only (no EVM/Solana compile)
bun run compile:evm        # Compile Solidity contracts only
bun run test               # Run EVM tests (Hardhat + viem)
bun run test:solana        # Run Solana tests (cargo test)
bun run test:ci            # Build unified then run unified tests directly
bun run lint               # ESLint check
bun run lint:fix           # ESLint with auto-fix
bun run typecheck          # TypeScript compilation check
bun run format             # Prettier formatting
bun run clean              # Hardhat clean

Deployment

bun run deploy:evm:local       # Deploy to Hardhat localhost
bun run deploy:evm:sepolia     # Deploy to Sepolia
bun run deploy:solana:devnet   # Deploy to Solana devnet

Architecture

EVM (Solidity 0.8.24)

  • UUPS Upgradeable Proxy pattern
  • Storage gap (__gap) for future slot reservation
  • CEI pattern, SafeERC20, reentrancy guards

Solana (Rust/Anchor 0.28.0)

  • PDA-based accounting with deterministic address derivation
  • Borsh serialization, saturating arithmetic

Unified Client

The OnchainAuctionClient uses dynamic import() to lazy-load platform-specific clients (EVM or Solana) on first use, keeping bundle size minimal.

Key Constants

ConstantValue
Fee Rate0.5% (50 basis points)
Max Fee Rate10% (1000 basis points)
Acceptance Period24 hours
Penny Timer5 minutes
Max Items Per Auction255

License

BUSL-1.1

Keywords

solidity
rust
smart-contract
ethereum
solana
auction

FAQs

Package last updated on 24 Mar 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Supply Chain Attack on Axios Pulls Malicious Dependency from npm

Research

Supply Chain Attack on Axios Pulls Malicious Dependency from npm

A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.

By Socket Research Team  -  Mar 31, 2026