Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
coinbase-api
Advanced tools
Node.js SDK for Coinbase's REST APIs and WebSockets, with TypeScript & strong end to end tests.
Updated & performant JavaScript & Node.js SDK for the Coinbase REST APIs and WebSockets:
npm install --save coinbase-api
Check out my related JavaScript/TypeScript/Node.js projects:
Most methods accept JS objects. These can be populated using parameters specified by Coinbase's API documentation.
This project uses typescript. Resources are stored in 2 key structures:
Create API credentials
To use any of Coinbase's REST APIs in JavaScript/TypeScript/Node.js, import (or require) the client you want to use. We currently support the following clients:
const { CBAdvancedTradeClient } = require('coinbase-api');
/**
* Or, with import:
* import { CBAdvancedTradeClient } from 'coinbase-api';
*/
// insert your API key details here from Coinbase API Key Management
const advancedTradeCdpAPIKey = {
// dummy example keys to understand the structure
name: 'organizations/13232211d-d7e2-d7e2-d7e2-d7e2d7e2d7e2/apiKeys/d7e2d7e2-d7e2-d7e2-d7e2-d7e2d7e2d7e2',
privateKey:
'-----BEGIN EC PRIVATE KEY-----\nADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj/ADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj+oAoGCCqGSM49\nAwEHoUQDQgAEhtAep/ADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj+bzduY3iYXEmj/KtCk\nADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj\n-----END EC PRIVATE KEY-----\n',
};
const client = new CBAdvancedTradeClient({
// Either pass the full JSON object that can be downloaded when creating your API keys
// cdpApiKey: advancedTradeCdpAPIKey,
// Or use the key name as "apiKey" and private key (WITH the "begin/end EC PRIVATE KEY" comment) as "apiSecret"
apiKey: advancedTradeCdpAPIKey.name,
apiSecret: advancedTradeCdpAPIKey.privateKey,
});
// Example usage of the CBAdvancedTradeClient
try {
const accounts = await client.getAccounts();
console.log('Get accounts result: ', accounts);
} catch (e) {
console.error('Exception: ', JSON.stringify(e));
}
const { CBAppClient } = require('coinbase-api');
/**
* Or, with import:
* import { CBAppClient } from 'coinbase-api';
*/
// insert your API key details here from Coinbase API Key Management
const CBAppKeys = {
// dummy example keys to understand the structure
name: 'organizations/13232211d-d7e2-d7e2-d7e2-d7e2d7e2d7e2/apiKeys/d7e2d7e2-d7e2-d7e2-d7e2-d7e2d7e2d7e2',
privateKey:
'-----BEGIN EC PRIVATE KEY-----\nADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj/ADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj+oAoGCCqGSM49\nAwEHoUQDQgAEhtAep/ADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj+bzduY3iYXEmj/KtCk\nADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj\n-----END EC PRIVATE KEY-----\n',
};
const client = new CBAppClient({
// Either pass the full JSON object that can be downloaded when creating your API keys
// cdpApiKey: CBAppCdpAPIKey,
// Or use the key name as "apiKey" and private key (WITH the "begin/end EC PRIVATE KEY" comment) as "apiSecret"
apiKey: CBAppKeys.name,
apiSecret: CBAppKeys.privateKey,
});
try {
// Transfer money between your own accounts
const transferMoneyResult = await client.transferMoney({
account_id: 'your_source_account_id',
type: 'transfer',
to: 'your_destination_account_id',
amount: '0.01',
currency: 'BTC',
});
console.log('Transfer Money Result: ', transferMoneyResult);
} catch (e) {
console.error('Error: ', e);
}
const { CBInternationalClient } = require('coinbase-api');
/**
* Or, with import:
* import { CBInternationalClient } from 'coinbase-api';
*/
// insert your API key details here from Coinbase API Key Management
const client = new CBInternationalClient({
apiKey: 'insert_api_key_here',
apiSecret: 'insert_api_secret_here',
apiPassphrase: 'insert_api_passphrase_here',
// Set "useSandbox" to use the CoinBase International API sandbox environment
// useSandbox: true,
});
try {
// Get asset details
const assetDetails = await client.getAssetDetails({ asset: 'BTC' });
console.log('Asset Details: ', assetDetails);
} catch (e) {
console.error('Exception: ', JSON.stringify(e, null, 2));
}
const { CBExchangeClient } = require('coinbase-api');
/**
* Or, with import:
* import { CBExchangeClient } from 'coinbase-api';
*/
// insert your API key details here from Coinbase API Key Management
const client = new CBExchangeClient({
apiKey: 'insert_api_key_here',
apiSecret: 'insert_api_secret_here',
apiPassphrase: 'insert_api_passphrase_here',
// Set "useSandbox" to use the CoinBase International API sandbox environment
// useSandbox: true,
});
try {
// Get a single currency by id
const currency = await client.getCurrency('BTC');
console.log('Currency: ', currency);
} catch (e) {
console.error('Exception: ', JSON.stringify(e, null, 2));
}
See all clients here for more information on all the functions or the examples for lots of usage examples. You can also check the endpoint function list here to find all available functions!
All available WebSockets can be used via a shared WebsocketClient
. The WebSocket client will automatically open/track/manage connections as needed. Each unique connection (one per server URL) is tracked using a WsKey (each WsKey is a string - see WS_KEY_MAP for a list of supported values - WS_KEY_MAP
can also be used like an enum).
Any subscribe/unsubscribe events will need to include a WsKey, so the WebSocket client understands which connection the event should be routed to. See examples below or in the examples folder on GitHub.
Data events are emitted from the WebsocketClient via the update
event, see example below:
const { WebsocketClient } = require('coinbase-api');
/**
* Or, with import:
* import { WebsocketClient } from 'coinbase-api';
*/
// public ws client, doesnt need any api keys to run
const client = new WebsocketClient();
// The WS Key (last parameter) dictates which WS feed this request goes to (aka if auth is required).
// As long as the WS feed doesn't require auth, you should be able to subscribe to channels without api credentials.
client.subscribe(
{
topic: 'status',
payload: {
product_ids: ['XRP-USD'],
},
},
'advTradeMarketData',
);
const { WebsocketClient } = require('coinbase-api');
/**
* Or, with import:
* import { WebsocketClient } from 'coinbase-api';
*/
// key name & private key, as returned by coinbase when creating your API keys.
// Note: the below example is a dummy key and won't actually work
const advancedTradeCdpAPIKey = {
name: 'organizations/13232211d-d7e2-d7e2-d7e2-d7e2d7e2d7e2/apiKeys/d7e2d7e2-d7e2-d7e2-d7e2-d7e2d7e2d7e2',
privateKey:
'-----BEGIN EC PRIVATE KEY-----\nADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj/ADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj+oAoGCCqGSM49\nAwEHoUQDQgAEhtAep/ADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj+bzduY3iYXEmj/KtCk\nADFGHmkgnjdfg16k165kuu1kdtyudtyjdtyjytj\n-----END EC PRIVATE KEY-----\n',
};
const client = new WebsocketClient({
// Either pass the full JSON object that can be downloaded when creating your API keys
// cdpApiKey: advancedTradeCdpAPIKey,
// Or use the key name as "apiKey" and private key (WITH the "begin/end EC PRIVATE KEY" comment) as "apiSecret"
apiKey: advancedTradeCdpAPIKey.name,
apiSecret: advancedTradeCdpAPIKey.privateKey,
});
// add event listeners for websocket clients
client.on('open', (data) => {
console.log('open: ', data?.wsKey);
});
// Data received
client.on('update', (data) => {
console.info(new Date(), 'data received: ', JSON.stringify(data));
});
// Something happened, attempting to reconenct
client.on('reconnect', (data) => {
console.log('reconnect: ', data);
});
// Reconnect successful
client.on('reconnected', (data) => {
console.log('reconnected: ', data);
});
// Connection closed. If unexpected, expect reconnect -> reconnected.
client.on('close', (data) => {
console.error('close: ', data);
});
// Reply to a request, e.g. "subscribe"/"unsubscribe"/"authenticate"
client.on('response', (data) => {
console.info('response: ', JSON.stringify(data, null, 2));
// throw new Error('res?');
});
client.on('exception', (data) => {
console.error('exception: ', data);
});
/**
* Use the client subscribe(topic, market) pattern to subscribe to any websocket topic.
*
* You can subscribe to topics one at a time or many in one request.
*
* Topics can be sent as simple strings, if no parameters are required:
*/
// market data
client.subscribe('heartbeats', 'advTradeMarketData');
// This is the same as above, but using WS_KEY_MAP like an enum to reduce any uncertainty on what value to use:
// client.subscribe('heartbeats', WS_KEY_MAP.advTradeMarketData);
// user data
client.subscribe('futures_balance_summary', 'advTradeUserData');
client.subscribe('user', 'advTradeUserData');
/**
* Or send a more structured object with parameters, e.g. if parameters are required
*/
const tickerSubscribeRequest = {
topic: 'ticker',
/**
* Anything in the payload will be merged into the subscribe "request",
* allowing you to send misc parameters supported by the exchange (such as `product_ids: string[]`)
*/
payload: {
product_ids: ['ETH-USD', 'BTC-USD'],
},
};
client.subscribe(tickerSubscribeRequest, 'advTradeMarketData');
/**
* Other adv trade public websocket topics:
*/
client.subscribe(
[
{
topic: 'candles',
payload: {
product_ids: ['ETH-USD'],
},
},
{
topic: 'market_trades',
payload: {
product_ids: ['ETH-USD', 'BTC-USD'],
},
},
{
topic: 'ticker',
payload: {
product_ids: ['ETH-USD', 'BTC-USD'],
},
},
{
topic: 'ticker_batch',
payload: {
product_ids: ['ETH-USD', 'BTC-USD'],
},
},
{
topic: 'level2',
payload: {
product_ids: ['ETH-USD', 'BTC-USD'],
},
},
],
'advTradeMarketData',
);
See WebsocketClient for further information and make sure to check the examples folder for much more usage examples, especially publicWs.ts and privateWs.ts, which explains a lot of small details.
Pass a custom logger which supports the log methods trace
, info
and error
, or override methods from the default logger as desired.
const { WebsocketClient, DefaultLogger } = require('coinbase-api');
/**
* Or, with import:
* import { WebsocketClient, DefaultLogger } from 'coinbase-api';
*/
// E.g. customise logging for only the trace level:
const logger = {
// Inherit existing logger methods, using an object spread
...DefaultLogger,
// Define a custom trace function to override only that function
trace: (...params) => {
if (
[
'Sending ping',
'Sending upstream ws message: ',
'Received pong, clearing pong timer',
'Received ping, sending pong frame',
].includes(params[0])
) {
return;
}
console.log('trace', params);
},
};
const ws = new WebsocketClient(
{
apiKey: 'apiKeyHere',
apiSecret: 'apiSecretHere',
apiPassphrase: 'apiPassPhraseHere',
},
logger,
);
Have my projects helped you? Share the love, there are many ways you can show your thanks:
0xA3Bda8BecaB4DCdA539Dc16F9C54a592553Be06C
Contributions are encouraged, I will review any incoming pull requests. See the issues tab for todo items.
FAQs
Node.js SDK for Coinbase's REST APIs and WebSockets, with TypeScript & strong end to end tests.
The npm package coinbase-api receives a total of 5,688 weekly downloads. As such, coinbase-api popularity was classified as popular.
We found that coinbase-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.