Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
Dash library allows you to connect to DAPI and receive or broadcast payments on the Dash Network, manage identifies, register data contracts, retrieve or submit documents on the Dash Platform, all within a single library.
In order to use this library, you will need to add it to your project as a dependency.
Having NodeJS installed, just type : npm install dash
in your terminal.
npm install dash
For browser usage, you can also directly rely on unpkg :
<script src="https://unpkg.com/dash"></script>
const Dash = require("dash");
const client = new Dash.Client({
network: "testnet",
wallet: {
mnemonic: "arena light cheap control apple buffalo indicate rare motor valid accident isolate",
},
});
// Accessing an account allow you to transact with the Dash Network
client.getWalletAccount().then(async (account) => {
console.log("Funding address", account.getUnusedAddress().address);
const balance = account.getConfirmedBalance();
console.log("Confirmed Balance", balance);
if(balance > 0){
// Creating an identity is the basis of all interactions with the Dash Platform
const identity = await client.platform.identities.register()
// Prepare a new document containing a simple hello world sent to a hypothetical tutorial contract
const document = await platform.documents.create(
'tutorialContract.note',
identity,
{ message: 'Hello World' },
);
// Broadcast the document into a new state transition
await platform.documents.broadcast({create:[document]}, identity);
}
});
The Dash SDK works using multiple dependencies that might interest you:
Some features might be more extensive in those libs, as Dash SDK only wraps around them to provide a single interface that is easy to use (and thus has less features).
More extensive documentation available at https://dashevo.github.io/js-dash-sdk/.
Feel free to dive in! Open an issue or submit PRs.
MIT © Dash Core Group, Inc.
FAQs
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
The npm package dash receives a total of 273 weekly downloads. As such, dash popularity was classified as not popular.
We found that dash demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.