Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
An open implementation of Discord's local RPC servers
Allowing RPC where it was otherwise impossible, like Discord Web and custom clients
arRPC is an open source implementation of Discord's half-documented local RPC servers for their desktop client. This open source implementation purely in NodeJS allows it to be used in many places where it is otherwise impossible to do: Discord web and alternative clients like ArmCord/etc. It opens a simple bridge WebSocket server which messages the JSON of exactly what to dispatch with in the client with no extra processing needed, allowing small and simple mods or plugins. arRPC is experimental and a work in progress, so expect bugs, etc.
Rich Presence (RPC) is the name for how some apps can talk to Discord desktop on your PC via localhost servers to display detailed info about the app's state. This usually works via parts of Discord desktop natively doing things + parts of Discord web interpreting that and setting it as your status. arRPC is an open source implementation of the local RPC servers on your PC, allowing apps to talk to it thinking it was just normal Discord. It can then send that info to apps which usually don't get RPC, like Discord Web, ArmCord, etc. which can then set that as your status. This would otherwise not be possible, as web apps/browsers/etc can't just use Discord's already existing code and version.
- App with Discord RPC
Discord Desktop's native serverarRPCDiscord Web's settingmod/plugin
Usage
Server
Run npx arrpc in a terminal. Make sure you have a modern (>=18) version of Node.js installed.
Web
No Mods
- Get the arRPC server running
- With Discord open, run the content of
examples/bridge_mod.jsin Console (Ctrl+Shift+I).
Vencord
- Get the arRPC server running
- Just enable the
WebRichPresence (arRPC)Vencord plugin!
Custom Clients
ArmCord, Vesktop
These clients have arRPC specially integrated, just enable the option in its settings (server not required)!
Webcord
- Get the arRPC server running
- Disable the
Use built-in Content Security Policyoption in Advanced settings:
- With Webcord open, run the content of
examples/bridge_mod.jsin the DevTools Console (Ctrl+Shift+I).
Then just use apps with Discord RPC like normal and they should work!
Supported
Transports
- WebSocket Server
- JSON
- Erlpack
- HTTP Server
- IPC
- Process Scanning
Commands
- DISPATCH
- SET_ACTIVITY
- INVITE_BROWSER
- GUILD_TEMPLATE_BROWSER
- DEEP_LINK
- CONNECTIONS_CALLBACK
FAQs
Open Discord RPC server for atypical setups
We found that arrpc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 26 Jan 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025