Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
bitcore-doichain
Advanced tools
bitcore-doichain
adds doichain support to bitcore for creating doichain name_*
transactions, private keys, and scripts in Node.js and web browsers.
Note: This is still experimental software. This module is not intended for use in production environments, or for use where real money is at stake, at this point.
See the main bitcore repo for more information.
npm install bitcore-doichain
yarn add bitcore-doichain
bower install bitcore-doichain
To create a doichain wallet (privateKey & publicKey) and register it at a doichain dApp (so you can retrieve UTXO's)
import bitcore from "bitcore-doichain";
const wallet = bitcore.createWallet(name)
const url = bitcore.getUrl()+"/api/v1/importpubkey"
bitcore.registerPublicKey(url, wallet.publicKey)
To get a Doichain Address from a Doichain PublicKey and request UTXO's (and balances)
import bitcore from "bitcore-doichain";
const addr = bitcore.getAddressOfPublicKey(publicKey)
const amount = 0.05 //amount (in DOI) to send - amount determines the required amount of utxos to be used as inputs
const response = await bitcore.getUTXOAndBalance(addr.toString(),amount)
response.balanceAllUTXOs //balance of all UTXO's of this address
response.amountUsedUTXOs //the amount of all used utxos which are required to fullfil the requested amount
response.change //the change which results between the amount to spend and the amount of used UTXOs
response.utxos //the full unspent transactions with details in an array
To import a doichain WIF (from vanitygen, for example):
// return bitcore with namecoin commands overlayed
var bitcore = require('bitcore-doichain');
var privateKey = bitcore.PrivateKey.fromWIF('74pxNKNpByQ2kMow4d9kF6Z77BYeKztQNLq3dSyU4ES1K5KLNiz');
var address = privateKey.toAddress();
console.log( address.toString());
// NAMEuWT2icj3ef8HWJwetZyZbXaZUJ5hFT
To create a name_new
transaction:
var bitcore = require('bitcore-doichain');
var tx = new bitcore.Transaction()
.from(utxo)
.nameNew('d/name', 'randomvalue', 'mzGfeiJFdQyiuQnhB45aeBYefzHJSsiSfj')
.change('mpe83RGRVWibHrdgfmkJwTxgufNs9quaZC')
.fee(0.005)
.sign(privKeySet); // utxo and nameNew output addrs need to have privKeys here
// now we can broadcast out to the network
var serialized = tx.serialize();
To create a name_firstupdate
transaction:
var tx = new bitcore.Transaction()
.from([utxo, nameNewUtxo])
.nameFirstUpdate('d/name', '092abbca8a938103abcc', 'VALUE', 'mzGfeiJFdQyiuQnhB45aeBYefzHJSsiSfj')
.change('mpe83RGRVWibHrdgfmkJwTxgufNs9quaZC')
.fee(constants.NETWORK_FEE.satoshis)
.sign([privKeys[inputAddr], privKeys[nameNewAddr]]);
var serialized = tx.serialize();
To create a name_update
transaction:
var tx = new bitcore.Transaction()
.from(utxos)
.nameUpdate('AAAAAAAAAA', 'CCCCCCCCCC', 'mkGdewyuvU13uHzpMUZe2t8ii4LKgKC8mE')
.change('mkVNqbVqcYxi3zB2fRfiRQonf4JjwdAvnE')
.fee(constants.NETWORK_FEE.satoshis)
.sign([privKeys[outputAddr],privKeys[nameFirstUpdate]]);
var serialized = tx.serialize();
bitcore-doichain
works by pulling in bitcore and then adding Namecoin-specific
version constants, name operation functions onto Transaction
, and patches
a few bitcore functions that do not allow for altcoin compatability (specifically
bitcore.Script.fromString
and Transaction.prototype._fromNonP2SH
). These will
hopefully by replaced by native Bitcore functions as I work to improve Bitcore's
altcoin compatability.
Contributions are welcome! See CONTRIBUTING.md on the main bitcore repo for information about how to contribute.
Code released under the MIT license.
Written in 2015 by Brandon Robertz.
FAQs
Doichain Support for Bitcore
The npm package bitcore-doichain receives a total of 39 weekly downloads. As such, bitcore-doichain popularity was classified as not popular.
We found that bitcore-doichain demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.