Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
By Sarah Gooding - Apr 23, 2024
block_io
Advanced tools
- Version published
- Weekly downloads
- 455
- increased by18.8%
- Maintainers
- 2
- Install size
- 9.66 MB
- Created
- Weekly downloads
Readme
BlockIo
This NodeJS module is the official reference SDK for the Block.io payments API. To use this, you will need the Bitcoin, Litecoin or Dogecoin API key(s) from block.io. Go ahead, sign up :)
Installation
Install the package using npm:
npm install block_io
Supported NodeJS versions
Currently, only NodeJS versions 12.0 and higher are supported. We aim to support only NodeJS LTS versions.
Usage
It's super easy to get started:
// load this library
const BlockIo = require('block_io');
// instantiate a client
const block_io = new BlockIo('API_KEY');
async function example() {
try {
// print the account balance
let balance = await block_io.get_balance();
console.log(JSON.stringify(balance,null,2));
// print first page of unarchived addresses on this account
let addresses = await block_io.get_my_addresses();
console.log(JSON.stringify(addresses,null,2));
// withdrawal:
// prepare_transaction ->
// summarize_prepared_transaction ->
// create_and_sign_transaction ->
// submit_transaction
let prepared_transaction = await block_io.prepare_transaction({
from_labels: 'label1,label2',
to_label: 'label3',
amount: '50.0'
});
// inspect the prepared data for yourself. here's a
// summary of the transaction you will create and sign
let summarized_transaction = await block_io.summarize_prepared_transaction({data: prepared_transaction});
console.log(JSON.stringify(summarized_transaction,null,2));
// create and sign this transaction:
// we specify the PIN here to decrypt
// the private key to sign the transaction
let signed_transaction = await block_io.create_and_sign_transaction({data: prepared_transaction, pin: 'SECRET_PIN'});
// inspect the signed transaction yourself
// once satisfied, submit it to Block.io
let result = await block_io.submit_transaction({transaction_data: signed_transaction});
console.log(JSON.stringify(result,null,2)); // contains the transaction ID of the final transaction
} catch (error) {
console.log("Error:", error.message);
}
}
example();
Promises
Since v3.0.0, all methods return promises, like so:
block_io.get_balance()
.then(data => console.log(JSON.stringify(data,null,2)))
.catch(error => console.log("Error:", error.message));
Callbacks
For backward compatibility, callback-style method calls are supported too. Just add a callback function/lambda as the last argument.
block_io.get_balance((error, data) => {
if (error) return console.log("Error:", error.message);
console.log(JSON.stringify(data,null,2));
});
For more information, see NodeJS API Docs. This client provides a mapping for all methods listed on the Block.io API site.
Configuration
To change behavior of the block_io client, attributes can be passed to the
class at instantiation time, in the form of an object.
The following attributes are supported:
const config = {
api_key: "YOUR_API_KEY",
version: 2, // REST API version to use. Default: 2
options: {
allowNoPin: false, // Allow ommission of PIN for withdrawal.
// This may be useful when interfacing with
// hardware wallets and HSMs. Default: false.
lowR: true, // Sign with a low R value to save a byte and
// make signature size more predictable, at the
// cost of more CPU time needed to sign transactions.
// Default: true
}
}
const block_io = new BlockIo(config);
Contributing
- Fork it ( https://github.com/BlockIo/block_io-nodejs/fork )
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create a new Pull Request
Testing
We use tape for unit and integration
tests. To run the unit tests simply run npm test.
To run the integration tests you need to specify BLOCK_IO_API_KEY and
BLOCK_IO_PIN environment variables.
DO NOT USE PRODUCTION CREDENTIALS FOR INTEGRATION TESTING!
Integration test syntax:
BLOCK_IO_API_KEY="API_KEY" BLOCK_IO_PIN="SECRET_PIN" node test/integration/api.js
FAQs
Block.io API wrapper for node.js
The npm package block_io receives a total of 355 weekly downloads. As such, block_io popularity was classified as not popular.
We found that block_io demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Last updated on 26 Oct 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
By Sarah Gooding - Apr 19, 2024
Research
Security News
npm Package for ReExt React Components Library Exfiltrates Git Credentials
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
By Sarah Gooding, Socket Research Team - Apr 18, 2024