Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
dfinity-radix-tree
Advanced tools
:evergreen_tree: This implements a binary merkle radix tree. The point of using a binary radix tree is that it generates smaller proof size then trees with larger radixes. This tree is well suited for storing large dictonaries of fairly random keys. And is optimized for storing keys of the same length. If the keys are not random better performance can be achived by hashing them first. It builds on top of ipld-graph-builder and the resulting state and proofs are generated using it.
npm install dfinity-radix-tree
const RadixTree = require('js-dfinity-radix-tree')
const level = require('level')
const db = level('./tempdb')
async function main () {
const prover = new RadixTree({
db: db
})
await prover.set('test', Buffer.from('value'))
await prover.set('doge', Buffer.from('coin'))
await prover.set('cat', Buffer.from('dog'))
await prover.set('monkey', Buffer.from('wrench'))
// create a merkle root and save the tree
const merkleroot = await prover.flush()
// start a new Instance with the root
const verifier = new RadixTree({
db: db,
root: merkleroot
})
const {value} = await verifier.get('monkey')
console.log(value.toString())
}
main()
The result of the benchmarks show that the binary radix tree produces proofs on average %67 small then the Ethereum Trie with 100000 keys stored.
All code and designs are open sourced under GPL V3.
FAQs
This implements a binary merkle radix tree
The npm package dfinity-radix-tree receives a total of 0 weekly downloads. As such, dfinity-radix-tree popularity was classified as not popular.
We found that dfinity-radix-tree demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.