Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
Dash library provides access via DAPI to use both the Dash Core network and Dash Platform on supported networks. The Dash Core network can be used to broadcast and receive payments. Dash Platform can be used to manage identities, register data contracts for applications, and submit or retrieve application data via documents.
In order to use this library, you will need to add it to your project as a dependency.
Having NodeJS installed, just type : npm install dash
in your terminal.
npm install dash
For browser usage, you can also directly rely on unpkg :
<script src="https://unpkg.com/dash"></script>
const Dash = require("dash"); // or import Dash from "dash"
const client = new Dash.Client({
wallet: {
mnemonic: "arena light cheap control apple buffalo indicate rare motor valid accident isolate",
},
apps: {
tutorialContract: {
// Learn more on how to register Data Contract
// https://dashplatform.readme.io/docs/tutorial-register-a-data-contract#registering-the-data-contract
contractId: "<tutorial-contract-id>"
}
}
});
// Accessing an account allow you to transact with the Dash Network
client.wallet.getAccount().then(async (account) => {
console.log('Funding address', account.getUnusedAddress().address);
const balance = account.getConfirmedBalance();
console.log('Confirmed Balance', balance);
if (balance > 0) {
// Obtain identity - the base of all platform interactions
// Read more on how to create an identity here: https://dashplatform.readme.io/docs/tutorial-register-an-identity
const identityIds = account.identities.getIdentityIds();
const identity = await client.platform.identities.get(identityIds[0]);
// Prepare a new document containing a simple hello world sent to a hypothetical tutorial contract
const document = await client.platform.documents.create(
'tutorialContract.note',
identity,
{ message: 'Hello World' },
);
// Broadcast the document into a new state transition
await client.platform.documents.broadcast({ create: [document] }, identity);
// Retrieve documents
const documents = await client.platform.documents.get('tutorialContract.note', {
limit: 2,
});
console.log(documents);
}
});
Dash SDK bundled into a standalone package, so that the end user never have to worry about mananaging polyfills or related dependencies
const Dash = require('dash')
const {
Essentials: {
Buffer // Node.JS Buffer polyfill.
},
Core: { // @dashevo/dashcore-lib essentials
Transaction,
PrivateKey,
BlockHeader,
// ...
},
PlatformProtocol: { // @dashevo/wasm-dpp essentials
Identity,
Identifier,
},
WalletLib: { // @dashevo/wallet-lib essentials
EVENTS
},
DAPIClient, // @dashevo/dapi-client
} = Dash;
The Dash SDK works using multiple dependencies that might interest you:
Some features might be more extensive in those libs, as Dash SDK only wraps around them to provide a single interface that is easy to use (and thus has less features).
More extensive documentation available at https://dashpay.github.io/platform/SDK/.
Feel free to dive in! Open an issue or submit PRs.
MIT © Dash Core Group, Inc.
FAQs
Dash library for JavaScript/TypeScript ecosystem (Wallet, DAPI, Primitives, BLS, ...)
The npm package dash receives a total of 2,046 weekly downloads. As such, dash popularity was classified as popular.
We found that dash demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.