Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Library | Renders/sec1 | Size | Types | Environment2 | Rendering |
---|---|---|---|---|---|
blo | ☄️ 7,862 | SVG | |||
ethereum-blockies-base64 | 948 | PNG | |||
@download/blockies | 361 | Canvas | |||
blockies-react-svg | 1,675 | SVG (React) | |||
blockies-ts | 381 | Canvas |
npm i blo
pnpm add blo
yarn add blo
import { blo } from "blo";
img.src = blo("0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045");
blo is fast enough to not require memoization or async rendering for common use cases.
function AddressIcon({ address }: { address: `0x${string}` }) {
return (
<img
alt={address}
src={blo(address)}
/>
);
}
blo(address: Address, size = 64): string
Get a data URI string representing the identicon as an SVG image.
The size
paramater shouldn’t usually be needed, as the image will stay sharp no matter what the size of the img
element is.
Example:
import { blo } from "blo";
img.src = blo(address); // size inside the SVG defaults to 64px
img2.src = blo(address, 24); // set it to 24px
bloSvg(address: Address, size = 64): string
Same as above except it returns the SVG code instead of a data URI string.
bloImage(address: Address): BloImage
Get a BloImage
data structure that can be used to render the image in different formats.
See src/svg.ts
for an example of how to use it.
The library ships with TypeScript types included.
// The data structure needed to render an icon.
export type BloImage = [BloImageData, Palette];
// 4x8 grid of the image left side, as 32 PaletteIndex items.
// The right side is omitted as it's a mirror of the left side.
export type BloImageData = Uint8Array;
// Colors used by a given icon.
export type Palette = [
Hsl, // background
Hsl, // color
Hsl, // spot
];
// Points to one of the three Palette colors.
export type PaletteIndex =
| 0 // background
| 1 // color
| 2; // spot
// A color in the HSL color space.
// [0]: 0-360 (hue)
// [1]: 0-100 (saturation)
// [2]: 0-100 (lightness)
export type Hsl = Uint16Array;
// An Ethereum address.
export type Address = `0x${string}`;
blo is short for blockies, which is the name of the original library.
blo implements the Ethereum identicons algorithm only, but you can use it with any type of data, just prefix it with 0x
to fullfill the Address
type.
The number of renders per second. It was measured on Chrome 117 Linux with an AMD Ryzen 7 PRO 4750U. See ./benchmark for the methodology. ↩
The term “all” refers to libraries that are framework agnostic and that run in browsers, Bun and Node.js. ↩
FAQs
blo is a small and fast library to generate Ethereum identicons.
The npm package blo receives a total of 3,983 weekly downloads. As such, blo popularity was classified as popular.
We found that blo demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.