Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@synonymdev/feeds-daemon
Advanced tools
A simple HTTP RPC deamon to enable publishing Slashtags Exchange Feeds.
A simple HTTP RPC deamon to enable publishing Slashtags Exchange Feeds.
npm i @synonymdev/feeds-daemon
const { Feeds } = require('@synonymdev/feeds-daemon')
const feeds = new Feeds({
db: {
name: 'feeds-db',
path: "./data"
},
slashtags: "./",
feed_schema: "<feed schema json file>"
})
await feeds.start()
// You can now call various functions
let feed = await feeds.getFeed({ user_id: "123123" })
1. Setup config
Go to ./schema/config.json
Update config items.
2. Update your feeds slashfeed.json file This schema file allows feed consumers to parse the feed.
git clone
npm install
mkdir ./db
node start.js
Enable detailed logs DEBUG=stfeed:*
Run with PM2 pm2 start
A Postman collection has been provided.
Create an exchange feed for a user
/// Request Body
curl --location --request POST 'http://localhost:8787/v0.1/rpc' \
--header 'Content-Type: application/json' \
--data-raw '{
"method":"createFeed",
"params":{
"user_id":"satoshi123"
}
}'
/// Response
{
"jsonrpc": "2.0",
"id": "925b10c27f4ad350ab3ef7e027605fd83388c999a890cfdd8e6061656b5a5513",
"result": {
"slashdrive": {
"key": "<string>",
"encryption_key": "<string>"
}
}
}
Update a wallet's balance for a user's feed.
curl --location --request POST 'http://localhost:8787/v0.1/rpc' \
--header 'Content-Type: application/json' \
--data-raw '{
"method":"updateFeedBalance",
"params":[
{
"user_id":"satoshi123",
"wallet_name":"Bitcoin",
"amount":1.442
}
]
}'
/// Response
{
"jsonrpc": "2.0",
"id": "4fefad839fa440cc2a85d8178d1d895fa1044460080b8fe1a26b4942aa86c07f",
"result": [
true
]
}
curl --location --request POST 'http://localhost:8787/v0.1/rpc' \
--header 'Content-Type: application/json' \
--data-raw '{
"method":"getFeed",
"params":{ "user_id" : "satoshi123" }
}'
/// Response
{
"jsonrpc": "2.0",
"id": "c6ccd88f842330ab60153b5fb512101d2ab76824189eee5690f9070ebe18cb87",
"result": {
"feed_key": "<string>",
"encrypt_key": "<string>"
}
}
curl --location --request POST 'http://localhost:8787/v0.1/rpc' \
--header 'Content-Type: application/json' \
--data-raw '{
"method":"deleteUserFeed",
"params":{ "user_id" : "satoshi123" }
}'
/// Response
{
"jsonrpc": "2.0",
"id": "c6ccd88f842330ab60153b5fb512101d2ab76824189eee5690f9070ebe18cb87",
"result": {
"deleted": "true"
}
}
There is a tests for all methods located in ./test
dir
You can use the following scripts for dev.
./util/CreateUsers.js
Create Fake users./util/FakeFeed.js
Broadcast a fake feed for users created in previous step./util/ListenRemoteFeed.js
Listen to a exchange feedFAQs
A simple HTTP RPC deamon to enable publishing Slashtags Exchange Feeds.
We found that @synonymdev/feeds-daemon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.