Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
block_io
Advanced tools
Readme
This NodeJS module is the official reference SDK for the Block.io payments API. To use this, you will need the Bitcoin, Litecoin or Dogecoin API key(s) from block.io. Go ahead, sign up :)
Install the package using npm:
npm install block_io
Currently, only NodeJS versions 12.0 and higher are supported. We aim to support only NodeJS LTS versions.
It's super easy to get started:
// load this library
const BlockIo = require('block_io');
// instantiate a client
const block_io = new BlockIo('API_KEY');
async function example() {
try {
// print the account balance
let balance = await block_io.get_balance();
console.log(JSON.stringify(balance,null,2));
// print first page of unarchived addresses on this account
let addresses = await block_io.get_my_addresses();
console.log(JSON.stringify(addresses,null,2));
// withdrawal:
// prepare_transaction ->
// summarize_prepared_transaction ->
// create_and_sign_transaction ->
// submit_transaction
let prepared_transaction = await block_io.prepare_transaction({
from_labels: 'label1,label2',
to_label: 'label3',
amount: '50.0'
});
// inspect the prepared data for yourself. here's a
// summary of the transaction you will create and sign
let summarized_transaction = await block_io.summarize_prepared_transaction({data: prepared_transaction});
console.log(JSON.stringify(summarized_transaction,null,2));
// create and sign this transaction:
// we specify the PIN here to decrypt
// the private key to sign the transaction
let signed_transaction = await block_io.create_and_sign_transaction({data: prepared_transaction, pin: 'SECRET_PIN'});
// inspect the signed transaction yourself
// once satisfied, submit it to Block.io
let result = await block_io.submit_transaction({transaction_data: signed_transaction});
console.log(JSON.stringify(result,null,2)); // contains the transaction ID of the final transaction
} catch (error) {
console.log("Error:", error.message);
}
}
example();
Since v3.0.0, all methods return promises, like so:
block_io.get_balance()
.then(data => console.log(JSON.stringify(data,null,2)))
.catch(error => console.log("Error:", error.message));
For backward compatibility, callback-style method calls are supported too. Just add a callback function/lambda as the last argument.
block_io.get_balance((error, data) => {
if (error) return console.log("Error:", error.message);
console.log(JSON.stringify(data,null,2));
});
For more information, see NodeJS API Docs. This client provides a mapping for all methods listed on the Block.io API site.
To change behavior of the block_io
client, attributes can be passed to the
class at instantiation time, in the form of an object.
The following attributes are supported:
const config = {
api_key: "YOUR_API_KEY",
version: 2, // REST API version to use. Default: 2
options: {
allowNoPin: false, // Allow ommission of PIN for withdrawal.
// This may be useful when interfacing with
// hardware wallets and HSMs. Default: false.
lowR: true, // Sign with a low R value to save a byte and
// make signature size more predictable, at the
// cost of more CPU time needed to sign transactions.
// Default: true
}
}
const block_io = new BlockIo(config);
git checkout -b my-new-feature
)git commit -am 'Add some feature'
)git push origin my-new-feature
)We use tape for unit and integration
tests. To run the unit tests simply run npm test
.
To run the integration tests you need to specify BLOCK_IO_API_KEY
and
BLOCK_IO_PIN
environment variables.
DO NOT USE PRODUCTION CREDENTIALS FOR INTEGRATION TESTING!
Integration test syntax:
BLOCK_IO_API_KEY="API_KEY" BLOCK_IO_PIN="SECRET_PIN" node test/integration/api.js
FAQs
Block.io API wrapper for node.js
The npm package block_io receives a total of 355 weekly downloads. As such, block_io popularity was classified as not popular.
We found that block_io demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.