Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
This is an implementation of a Bitcoin node in Node.js. It is intended as a powerful alternative to the standard bitcoind that ships with the original client.
Website • Mailing List • Twitter
The original client contains the node, wallet, GUI and miner. This library contains a highly optimized version of the node, i.e. the P2P part of Bitcoin. Its main intended use is as a server component to give lighter clients access to the data in the block chain (in real-time.)
But it can also be used for writing other software that requires real-time data from the block chain or wants to run queries against it.
Please visit the BitcoinJS Server Wiki on Github for documentation.
There is also a built-in documentation system which you can access by
running bitcoinjs help
.
Node.js should be compiled manually based on the latest stable release.
LevelDB is the default database back end in BitcoinJS 0.2+. It is
bundled with the node-leveldb
NPM module and is therefore installed
automatically. No manual steps should be necessary.
If you wish to use a MongoDB database, you need to setup a MongoDB server. This can be done using any method.
Note that we don't recommend using MongoDB. We see BitcoinJS as a special purpose database server, so having a general purpose database server behind introduces tremendous overhead. For more information on how to query BitcoinJS in LevelDB mode, please refer to the wiki.
Once you have all prerequisites, this one-liner will install the latest version straight from NPM:
# Install BitcoinJS Server globally
sudo npm install bitcoinjs -g
Please refer to the wiki for detailed installation instructions.
If you run into problems, please take a look at the "Troubleshooting" section below or go to Issues to open a new ticket.
For your first experience with the BitcoinJS daemon, try running it right from the terminal.
bitcoinjs run --testnet --bchdbg
You can find out more about the various functions of the command line utility via the help feature:
bitcoinjs help
# Remove the database
bitcoinjs db-drop
# Uninstall the software
sudo npm uninstall bitcoinjs -g
BitcoinJS logs using the winston library. Currently, it
defaults to logging anything on the debug
log level and higher. Here
are the available log levels:
netdbg
- Networking events (sending/receiving messages)bchdbg
- Block chain events (adding blocks)rpcdbg
- JSON-RPC API events (requests/responses)scrdbg
- Script interpreter events (custom scripts, errors)debug
- Other verbose logginginfo
- General information and status messageswarn
- Something rare happened (e.g. strange pubKeyScript)error
- Something bad happenedThe XXXdbg levels can be enabled individually by editing
lib/logger.js or via the command line, e.g. bitcoinjs run --bchdbg
.
BitcoinJS is not only a daemon, but also a Node.js module/library. In most cases it's best to use the daemon via RPC. But sometimes you need the extra control that comes with directly linking to the code.
For details on developing with BitcoinJS as a library, take a look at the Developer Guide on the wiki.
When upgrading BitcoinJS it is a good idea to reset its database:
bitcoinjs db-drop
This won't be necessary once BitcoinJS is more stable, but for now new versions often break database compatibility, so it's easiest to just reset it.
To run the test suite, please install Vows and run the following command:
vows test/*.js --spec
The library is currently alpha quality. Here are some things it currently lacks:
On top of that, it could use a lot more documentation, test cases and general bug fixing across the board.
You can find more information on the Issues tab on Github.
If you see this error:
Error: Cannot find module '../build-cc/default/native'
This happens when the native components of BitcoinJS are not compiled yet.
Go to the bitcoinjs
folder and run:
node-waf configure build
This product is free and open-source software released under the MIT license.
BitcoinJS Server - Node.js Bitcoin client
Copyright (c) 2011-2012 Stefan Thomas justmoon@members.fsf.org.
Some native extensions are
Copyright (c) 2011-2012 Andrew Schaaf andrew@andrewschaaf.com
Parts of this software are based on BitcoinJ
Copyright (c) 2011-2012 Google Inc.
FAQs
Implementation of Bitcoin's peer-to-peer layer for Node.js
The npm package bitcoinjs receives a total of 22 weekly downloads. As such, bitcoinjs popularity was classified as not popular.
We found that bitcoinjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.