Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
Arc RPC
Asynchronous Remote Classes make RPC simple
How does it work
Arc RPC allows you to remotely call functions on other processes or even other hardware using these few main concepts
- Ability to wrap existing class instances
- Mock that acts like the remote class
- Bi-directional
- Protocol agnostic
How to use it
Here is a basic example of using RPC with socket.io
client.js
// Include library for socket RPC clients
let ClientSocketRpc = require("arc-rpc").ClientSocketRpc
// Define `serverRpc` in higher scope for testing purposes
let serverRpc = null
// Example remotely-callable class (this can be anything)
class ClientClass {
// Example method
async clientTest() {
console.log("Remotely called by server, calling server method.")
// Call remote as if it was a local class instance
await rpc.class.serverTest()
// This is garuanteed to be afterwards, as ES7 awaits are used
console.log("Called remote server method!")
}
}
// Create RPC to server over socket.io socket, predefined encryption key, with an instance of the example client class
serverRpc = new ClientSocketRpc ("127.0.0.1", 9919, Buffer.from ('flbd+mTz8bIWl2DQxFMKHYAA1+PFxpEKmVNsZpFP5xQ=', 'base64'), new ClientClass())
server.js
// Include library for socket RPC servers
let ServerSocketRpcMaster = require("arc-rpc").ServerSocketRpcMaster
// Example remotely-callable class (this can be anything)
class ServerClass {
async serverTest() {
console.log("Remotely called by client.")
}
}
// Create RPC master/listener, on socket.io connection, predefined encryption key, with an instance of the example server class
let rpcMaster = new ServerSocketRpcMaster (9919, Buffer.from ('flbd+mTz8bIWl2DQxFMKHYAA1+PFxpEKmVNsZpFP5xQ=', 'base64'), new ServerClass())
// Listen for new clients
rpcMaster.on("client", async (clientRpc) => {
console.log("Got new client, remotely calling client test.")
// Call remote as if it was a local class instance
await clientRpc.class.clientTest()
// This is garuanteed to be afterwards, as ES7 awaits are used
console.log("Remotely called client test!")
})
Basic documentation
I'll get to completing this later
FAQs
Asynchronous Remote Classes make RPC simple
The npm package arc-rpc receives a total of 0 weekly downloads. As such, arc-rpc popularity was classified as not popular.
We found that arc-rpc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 03 Aug 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025