Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
chainstack-covalent-sdk
Advanced tools
chainstack-covalent-sdk
An SDK designed to streamline the process of developing using the integration of Chainstack with Covalent APIs, enhancing the ease of use and efficiency
Chainstack is the leading suite of services connecting developers with Web3 infrastructure
• Homepage •
Supported protocols •
Chainstack blog •
Chainstack docs •
Blockchain API reference •
• Start for free •
Chainstack Covalent API JavaScript SDK
A JavaScript SDK designed to streamline the process of developing using the integration of Chainstack with Covalent APIs, enhancing the ease of use and efficiency.
Quickstart
-
Install the Chainstack-Covalent integration from your Chainstack console.
-
Get a Chainstack API key.
-
In your project's directory, install the Chainstack SDK:
npm i chainstack-covalent-sdk
- In a new file, import the Chainstack SDK and use your Chainstack API key in the constructor:
const {ChainstackApi} = require("chainstack-covalent-sdk")
const CHAINSTACK_API_KEY = 'YOUR_CHAINSTACK_API_KEY'
const chainstack = new ChainstackApi(CHAINSTACK_API_KEY);
-
(Optional but recommended) — The Chainstack-Covalent SDK comes with the
dotenvpackage included, so you can use a.envfile to import the Chainstack API key:- Create a
.envfile with your Chainstack API key:
CHAINSTACK_API_KEY="YOUR_CHAINSTACK_API_KEY"- Import it in your project:
const {ChainstackApi} = require("chainstack-covalent-sdk") const CHAINSTACK_API_KEY = process.env.CHAINSTACK_API_KEY const chainstack = new ChainstackApi(CHAINSTACK_API_KEY); - Create a
Usage
The Chainstack-Covalent SDK has many endpoints to get all sorts of data, from smart contract deployments to NFT data. Each endpoint takes an object as a parameter to configure the call to the Covalent API.
Fetch token balances
This endpoint fetches all the token balances from the specified address on the selected chain:
const {ChainstackApi} = require("chainstack-covalent-sdk")
const CHAINSTACK_API_KEY = process.env.CHAINSTACK_API_KEY
const chainstack = new ChainstackApi(CHAINSTACK_API_KEY);
// Config parameters
const parameters = {
chainName: 'eth-mainnet',
walletAddress: '0xae2Fc483527B8EF99EB5D9B44875F005ba1FaE13',
currency: 'USD',
nft: true,
noNftFetch: false,
noSpam: true,
};
chainstack.fetchTokenBalances(parameters)
.then(data => console.log(data))
.catch(error => console.error(error));
Explain the parameter object
The parameters object allows for fine tuning of your request, here is the explanation about the configuration parameters for fetchTokenBalances:
-
chainName (string, required): This parameter represents the name of the blockchain network you're interested in. For example, 'eth-mainnet' for the Ethereum mainnet. Find a complete list on the Covalent docs.
const chainName = 'eth-mainnet'; -
walletAddress (string, required): This is the address of the wallet for which you want to fetch token balances. If you pass in an Ethereum Name Service (ENS) address or a RSK Name Service (RNS) address, it will be automatically resolved to the corresponding wallet address.
const walletAddress = '0xae2Fc483527B8EF99EB5D9B44875F005ba1FaE13'; -
quote-currency (string, optional): This is the currency in which you want the balances to be quoted, such as 'USD' for United States Dollars. If not provided, the balances may be returned in the native currency of the blockchain network.
const quoteCurrency = 'USD'; -
nft (boolean, optional): If set to
true, Non-Fungible Tokens (NFTs) will be included in the response along with fungible tokens. Iffalseor not provided, NFTs will not be included.const nft = true; -
no-nft-fetch (boolean, optional): If set to
true, the response will only include NFTs that have been cached. This can make the response faster, as it avoids having to fetch data about NFTs from the blockchain. Iffalseor not provided, all NFTs will be included, regardless of whether they are cached.const noNftFetch = false; -
no-spam (boolean, optional): If set to
true, any tokens that are suspected to be spam will be excluded from the response. This currently supports 'eth-mainnet' and 'matic-mainnet'. Iffalseor not provided, all tokens, including potential spam, will be included.const noSpam = true;
Remember, this function returns a promise. Handle this promise appropriately in your code, either by using .then() and .catch() methods, or by using the await keyword inside an async function with a try-catch block.
Work in progress
This tool and its documentation is work in progress, we will be adding a complete list of endpoints available soon.
Keywords
FAQs
An SDK designed to streamline the process of developing using the integration of Chainstack with Covalent APIs, enhancing the ease of use and efficiency
We found that chainstack-covalent-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 18 Jul 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026