Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@trezor/connect
Advanced tools
API version 9.4.2-beta.2
Trezor Connect is a platform for easy integration of Trezor into 3rd party services, as well as into Trezor Suite. It provides an API with functionality to access public keys, sign transactions and authenticate users.
This package is intended to be used in node.js environment. If you wan't to build a web application please refer to @trezor/connect-web package.
Install library as npm module:
npm install @trezor/connect
or
yarn add @trezor/connect
ES6
import TrezorConnect from '@trezor/connect';
For more instructions refer to this document
Since version 9 we are adopting a new versioning strategy. With every release, we are going to update two urls
Version 9 is available as @trezor/connect
and @trezor/connect-web
npm packages.
New major version is released when there are breaking changes on API level. Previous major version will be maintained for 12 months and after this period it can be taken down without notice.
Current major version 9 is being developed on top of develop
branch. When there is a new major version a new branch should be created (v-<major-version>
) and mantained separately.
Minor versions are released when there are:
Everything else that does not fall under major or minor version.
Legacy version 8 is accessible from url https://connect.trezor.io/8/trezor-connect.js.
Version 8 is available as trezor-connect
npm package.
If you would like to find out which version is deployed precisely simply run:
curl -s https://connect.trezor.io/8/trezor-connect.js | grep VERSION
With regards to this repo - All updates should go to current version branch, the previous releases are in corresponding branches. The gh-pages is the same older version, that is used at trezor.github.io/connect/connect.js, and it's there for backwards compatibility; please don't touch.
For deployment process of trezor-connect v8 refer to trezor/connect repository
Version 8 will go offline by the end of 2023.
Interactive API explorer is available on https://connect.trezor.io/9/#/
Documentation is available docs/packages/connect
A collection of examples on how to implement @trezor/connect in various environments is available in packages/connect-examples
For integration testing against trezord and emulator refer to this document.
FAQs
High-level javascript interface for Trezor hardware wallet.
The npm package @trezor/connect receives a total of 49,270 weekly downloads. As such, @trezor/connect popularity was classified as popular.
We found that @trezor/connect demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.