Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
@tallyho/eth-keyring-controller
Advanced tools
@tallyho/eth-keyring-controller
A module for managing various keyrings of Ethereum accounts, encrypting them, and using them.
Eth Keyring Controller 
A module for managing groups of Ethereum accounts called "Keyrings", defined originally for MetaMask's multiple-account-type feature.
To add new account types to a KeyringController, just make sure it follows The Keyring Class Protocol.
The KeyringController has three main responsibilities:
- Initializing & using (signing with) groups of Ethereum accounts ("keyrings").
- Keeping track of local nicknames for those individual accounts.
- Providing password-encryption persisting & restoring of secret information.
Installation
npm install eth-keyring-controller --save
Usage
const KeyringController = require('eth-keyring-controller')
const SimpleKeyring = require('eth-simple-keyring')
const keyringController = new KeyringController({
keyringTypes: [SimpleKeyring], // optional array of types to support.
initState: initState.KeyringController, // Last emitted persisted state.
encryptor: { // An optional object for defining encryption schemes:
// Defaults to Browser-native SubtleCrypto.
encrypt (password, object) {
return new Promise('encrypted!')
},
decrypt (password, encryptedString) {
return new Promise({ foo: 'bar' })
},
},
})
// The KeyringController is also an event emitter:
this.keyringController.on('newAccount', (address) => {
console.log(`New account created: ${address}`)
})
this.keyringController.on('removedAccount', handleThat)
Methods
Currently the methods are heavily commented in the source code, so it's the best place to look until we aggregate it here as well.
FAQs
A module for managing various keyrings of Ethereum accounts, encrypting them, and using them.
We found that @tallyho/eth-keyring-controller demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 12 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025