Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
bitcore-lib-wyvern
Advanced tools
A pure and powerful JavaScript Bitcoin library.
Bitcoin is a powerful new peer-to-peer platform for the next generation of financial technology. The decentralized nature of the Bitcoin network allows for highly resilient bitcoin infrastructure, and the developer community needs reliable, open-source tools to implement bitcoin apps and services.
npm install bitcore-lib
bower install bitcore-lib
The complete docs are hosted here: bitcore documentation. There's also a bitcore API reference available generated from the JSDocs of the project, where you'll find low-level details on each bitcore utility.
To get community assistance and ask for help with implementation questions, please use our community forums.
We're using Bitcore in production, as are many others, but please use common sense when doing anything related to finances! We take no responsibility for your implementation decisions.
If you find a security issue, please email security@bitpay.com.
Please send pull requests for bug fixes, code optimization, and ideas for improvement. For more information on how to contribute, please refer to our CONTRIBUTING file.
To build a bitcore-lib full bundle for the browser:
gulp browser
This will generate files named bitcore-lib.js
and bitcore-lib.min.js
.
You can also use our pre-generated files, provided for each release along with a PGP signature by one of the project's maintainers. To get them, checkout a release commit (for example, https://github.com/bitpay/bitcore-lib/commit/e33b6e3ba6a1e5830a079e02d949fce69ea33546 for v0.12.6).
To verify signatures, use the following PGP keys:
D909 EFE6 70B5 F6CC 89A3 607A 9BBF 07CA C07A 276D
F3EA 8E28 29B4 EC93 88CB B0AA 4414 3098 7182 732C
F8B0 891C C459 C197 65C2 5043 3319 5D27 EF6B DB7F
25CE ED88 A1B1 0CD1 12CD 4121 9EDE 6DE4 DE53 1FAC
git clone https://github.com/bitpay/bitcore-lib
cd bitcore-lib
npm install
Run all the tests:
gulp test
You can also run just the Node.js tests with gulp test:node
, just the browser tests with gulp test:browser
or create a test coverage report (you can open coverage/lcov-report/index.html
to visualize it) with gulp coverage
.
Code released under the MIT license.
Copyright 2013-2017 BitPay, Inc. Bitcore is a trademark maintained by BitPay, Inc.
FAQs
A pure and powerful JavaScript Wyvern library.
We found that bitcore-lib-wyvern demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.