
Security News
/Research
Coordinated npm and PyPI Campaign Typosquats Popular Secure Payment Apps
Socket uncovered 17 malicious npm and PyPI packages typosquatting Paysafe, Skrill, and Neteller SDKs to steal developer secrets.
@unruggable/gateways
Advanced tools
This repository provides an end-to-end solution for proving data from rollup chains and verifying it against state posted on the parent chain.
npm i @unruggable/gateways ✓
StateRoot) of one chain on anotherIf you are interested in building a solution for another chain, please take a look at our our Contribution Guidelines and/or get in touch.
bun run serve <chain> [port]
bun run serve op 9000ape arb1-sepolia arb1 base-sepolia base blast celo-alfajores cyber fraxtal ink-sepolia linea-sepolia lineaV1 linea mantle mode op-sepolia op opbnb polygon redstone reverse-op scroll-sepolia scroll self-eth self-holesky self-sepolia shape soneium-minato taiko-hekla taiko unichain-sepolia zero-sepolia zero zksync-sepolia zksync zora8000trusted:<Chain> for a TrustedRollup
bun run serve trusted:op0x{64} to set signing key--unfinalized to use unfinalized commits (will throw if not available)--latest for "latest" instead of "finalized" block tag--debug to print OP_DEBUG statements--dump to print config, latest commit, prover information, and then exit.There is an extensive test suite available for testing individual components of the solution in an isolated manner.
Using Foundry and blocksmith.js, we fork the chain in question (such that can interact with contracts deployed on a real network) and then deploy and test against an isolated unit (for example the chain specific verifier).
Commands available include:
bun run test
bun run test-components
bun run test-gateways
readZero() testeth_getProof supportA number of examples are provided as part of this repository. For more extensive step-wise example code, please see our documentation.
bun serve lineaV1# installed by forge in step (2)
# provided for reference
forge install foundry-rs/forge-std
forge install OpenZeppelin/openzeppelin-contracts@v5.0.2
# installed by script instead of the following command
# placed at standard remapping location
# see: https://github.com/ethereum-optimism/optimism/issues/10202
#forge install ethereum-optimism/optimism
bun script/import-op.ts
We welcome contributions to this codebase.
The premise behind the development of this software is to minimise duplication of effort and provide tooling that allows developers to interface with a simple, standardised API to read data from other chains.
Please take a look at our CONTRIBUTING.md file for a more in depth overview of our contribution process.
All files within this repository are licensed under the MIT License unless stated otherwise.
FAQs
Trustless Ethereum Multichain CCIP-Read Gateway
The npm package @unruggable/gateways receives a total of 299 weekly downloads. As such, @unruggable/gateways popularity was classified as not popular.
We found that @unruggable/gateways demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
/Research
Socket uncovered 17 malicious npm and PyPI packages typosquatting Paysafe, Skrill, and Neteller SDKs to steal developer secrets.

Security News
Node.js is debating whether AI-driven security report volume warrants moving more vulnerability reports into public workflows.

Security News
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.