Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The abitype npm package is designed to provide TypeScript types for Ethereum ABI (Application Binary Interface) definitions. It helps developers to work with Ethereum smart contracts in a type-safe manner, ensuring that the interactions with the contracts are correctly typed and reducing the risk of runtime errors.
Define ABI Types
This feature allows you to define the ABI of a smart contract in a type-safe manner. The `Abi` type ensures that the structure of the ABI is correct and helps catch errors at compile time.
import { Abi } from 'abitype';
const myAbi: Abi = [
{
"constant": true,
"inputs": [],
"name": "myFunction",
"outputs": [
{
"name": "",
"type": "uint256"
}
],
"payable": false,
"stateMutability": "view",
"type": "function"
}
];
Type-safe Contract Interactions
This feature allows you to interact with smart contract functions in a type-safe manner. By defining the ABI and using the `AbiFunction` type, you can ensure that the interactions with the contract are correctly typed.
import { Abi, AbiFunction } from 'abitype';
const myAbi: Abi = [
{
"constant": true,
"inputs": [],
"name": "myFunction",
"outputs": [
{
"name": "",
"type": "uint256"
}
],
"payable": false,
"stateMutability": "view",
"type": "function"
}
];
const myFunction: AbiFunction = myAbi[0];
// Now you can interact with the function in a type-safe way
const result: number = await myContract.methods.myFunction().call();
The ethers.js library is a complete and compact library for interacting with the Ethereum blockchain. It provides utilities for working with Ethereum smart contracts, including ABI encoding/decoding, but it is more comprehensive and includes features for managing wallets, interacting with the blockchain, and more. Compared to abitype, ethers.js is a more feature-rich library but may be overkill if you only need type-safe ABI definitions.
The web3.js library is another comprehensive library for interacting with the Ethereum blockchain. It provides similar functionalities to ethers.js, including ABI encoding/decoding, contract interactions, and more. Like ethers.js, it is more feature-rich compared to abitype and is suitable for developers who need a full suite of tools for Ethereum development.
Strict TypeScript types for Ethereum ABIs
Strict TypeScript types for Ethereum ABIs. ABIType provides utilities and type definitions for ABI properties and values, covering the Contract ABI Specification, as well as EIP-712 Typed Data.
import type { AbiParametersToPrimitiveTypes, ExtractAbiFunction, ExtractAbiFunctionNames } from 'abitype'
import { erc20Abi } from 'abitype/abis'
type FunctionNames = ExtractAbiFunctionNames<typeof erc20Abi, 'view'>
// ^? type FunctionNames = "symbol" | "name" | "allowance" | "balanceOf" | "decimals" | "totalSupply"
type TransferInputTypes = AbiParametersToPrimitiveTypes<
// ^? type TransferInputTypes = readonly [`0x${string}`, bigint]
ExtractAbiFunction<typeof erc20Abi, 'transfer'>['inputs']
>
Works great for adding blazing fast autocomplete and type checking to functions, variables, or your own types. No need to generate types with third-party tools – just use your ABI and let TypeScript do the rest!
ABIType might be a good option for your project if:
'string'
) to TypeScript types (e.g. string
) or other type transformations.For documentation and guides, visit abitype.dev.
For help, discussion about best practices, or any other conversation that would benefit from being searchable:
For casual chit-chat with others using the library:
If you find ABIType useful or use it for work, please consider supporting development on GitHub Sponsors or sending crypto to wevm.eth
. Thank you 🙏
Contributions to ABIType are greatly appreciated! If you're interested in contributing to ABIType, please read the Contributing Guide before submitting a pull request.
FAQs
Strict TypeScript types for Ethereum ABIs
We found that abitype demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.