Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
Dash library provides access via DAPI to use both the Dash Core network and Dash Platform on supported networks. The Dash Core network can be used to broadcast and receive payments. Dash Platform can be used to manage identities, register data contracts for applications, and submit or retrieve application data via documents.
In order to use this library, you will need to add it to your project as a dependency.
Having NodeJS installed, just type : npm install dash
in your terminal.
npm install dash
For browser usage, you can also directly rely on unpkg :
<script src="https://unpkg.com/dash"></script>
const Dash = require("dash"); // or import Dash from "dash"
const client = new Dash.Client({
wallet: {
mnemonic: "arena light cheap control apple buffalo indicate rare motor valid accident isolate",
},
apps: {
tutorialContract: {
// Learn more on how to register Data Contract
// https://dashplatform.readme.io/docs/tutorial-register-a-data-contract#registering-the-data-contract
contractId: "<tutorial-contract-id>"
}
}
});
// Accessing an account allow you to transact with the Dash Network
client.wallet.getAccount().then(async (account) => {
console.log('Funding address', account.getUnusedAddress().address);
const balance = account.getConfirmedBalance();
console.log('Confirmed Balance', balance);
if (balance > 0) {
// Obtain identity - the base of all platform interactions
// Read more on how to create an identity here: https://dashplatform.readme.io/docs/tutorial-register-an-identity
const identityIds = account.identities.getIdentityIds();
const identity = await client.platform.identities.get(identityIds[0]);
// Prepare a new document containing a simple hello world sent to a hypothetical tutorial contract
const document = await client.platform.documents.create(
'tutorialContract.note',
identity,
{ message: 'Hello World' },
);
// Broadcast the document into a new state transition
await client.platform.documents.broadcast({ create: [document] }, identity);
// Retrieve documents
const documents = await client.platform.documents.get('tutorialContract.note', {
limit: 2,
});
console.log(documents);
}
});
Dash SDK bundled into a standalone package, so that the end user never have to worry about mananaging polyfills or related dependencies
const Dash = require('dash')
const {
Essentials: {
Buffer // Node.JS Buffer polyfill.
},
Core: { // @dashevo/dashcore-lib essentials
Transaction,
PrivateKey,
BlockHeader,
// ...
},
PlatformProtocol: { // @dashevo/wasm-dpp essentials
Identity,
Identifier,
},
WalletLib: { // @dashevo/wallet-lib essentials
EVENTS
},
DAPIClient, // @dashevo/dapi-client
} = Dash;
The Dash SDK works using multiple dependencies that might interest you:
Some features might be more extensive in those libs, as Dash SDK only wraps around them to provide a single interface that is easy to use (and thus has less features).
More extensive documentation available at https://dashpay.github.io/platform/SDK/.
Feel free to dive in! Open an issue or submit PRs.
MIT © Dash Core Group, Inc.
FAQs
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
We found that dash demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.