Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
did-comm-audit
Advanced tools
This template repository provides a bare-bones structure for writing an agent plugin for Veramo and/or for providing your own implementations for key management and storage, or for DID storage.
This template repository provides a bare-bones structure for writing an agent plugin for Veramo and/or for providing your own implementations for key management and storage, or for DID storage.
package.json
yarn
yarn generate-plugin-schema
to re-generate a schema for your pluginyarn build
or yarn watch
yarn start
or VSCode Debugger (CMD + Shift + D) > Run OpenAPI server
An agent plugin for Veramo is a class that provides some methods to be called on the agent object, and also emit and listen to agent events triggered by other plugins.
This repository has an example of such a class in ./src/agent-plugin/my-plugin.ts
that implements the myPluginFoo()
method and listens to validatedMessage
events and emits my-event
and my-other-event
.
The schema and data types associated with this plugin are declared
in ./src/types/IMyAgentPlugin.ts
Adding a declaration for this in package.json
is necessary to programmatically regenerate the schema for this plugin:
{
//...
"veramo": {
"pluginInterfaces": {
"IMyAgentPlugin": "./src/types/IMyAgentPlugin.ts"
}
}
}
A plugin can declare multiple interfaces, and each interface can have multiple methods and events.
The schema for the plugin is (re)generated by running yarn generate-plugin-schema
.
This template contains some skeleton code for some customizations to the ways keys are managed by Veramo. You can
change how and where keys are stored and
how they are encrypted by the default Veramo plugins, and/or create your own
AbstractKeyManagementSystem
implementation from scratch.
You can change how DIDs are stored by Veramo. You can implement support for other DID methods by overriding MyIdentifierProvider
See ./agent.yml for an example Veramo CLI configuration that uses the plugin and customizations from this template alongside other Veramo plugins to create a fully functioning agent.
There are a number of ways to test your plugin.
This repository contains 2 sample test setups that run the same tests in different contexts.
@veramo/remote-client
to expose the methods
of the remote agent locally, and runs the tests using the local agent.You can also run yarn veramo server
in your terminal and then go to http://localhost:3335/api-docs to see all the
available plugin methods. You can call them after you click Authorize and provide the API key defined
in agent.yml. By default, it is test123
.
This repository includes some Visual Studio Code launch configurations that can be used for step by step debugging.
FAQs
This template repository provides a bare-bones structure for writing an agent plugin for Veramo and/or for providing your own implementations for key management and storage, or for DID storage.
We found that did-comm-audit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.