Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
eth-contract-metadata
Advanced tools
Readme
A mapping of checksummed ethereum addresses to metadata, like names, and images of those addresses' logos.
All address keys follow the EIP 55 address checksum format.
This repository is effectively frozen. We recommend that developers of new tokens use EIP 747 to ask the user's permission to display your tokens in their wallet. This reduces the dangers of airdrop-based phishing, and reduces administrative overhead from managing this list.
You can install from npm with npm install eth-contract-metadata
and use it in your code like this:
import contractMap from 'eth-contract-metadata'
import ethJSUtil from 'ethereumjs-util'
const { toChecksumAddress } = ethJSUtil
function imageElFor (address) {
const metadata = contractMap[toChecksumAddress(address)]
if (metadata?.logo) {
const fileName = metadata.logo
const path = `${__dirname}/images/contract/${fileName}`
const img = document.createElement('img')
img.src = path
img.style.width = '100%'
return img
}
}
imageElFor ("0x06012c8cf97BEaD5deAe237070F9587f8E7A266d")
Maintaining this list is a considerable chore, and it is not our highest priority. We do not guarantee inclusion in this list on any urgent timeline. We are actively looking for fair and safe ways to maintain a list like this in a decentralized way, because maintaining it is a large and security-delicate task.
images
folder.contract-map.json
file with the specified address as the key, and the image file's name as the value.Criteria:
A sample submission:
{
"0x6090A6e47849629b7245Dfa1Ca21D94cd15878Ef": {
"name": "ENS Registrar",
"logo": "ens.svg"
}
}
Tokens should include a field "erc20": true
, and can include additional fields:
A full list of permitted fields can be found in the permitted-fields.json file.
FAQs
A mapping of ethereum contract addresses to broadly accepted icons for those addresses.
The npm package eth-contract-metadata receives a total of 57 weekly downloads. As such, eth-contract-metadata popularity was classified as not popular.
We found that eth-contract-metadata demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.