Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
ethereumjs-util
Advanced tools
The ethereumjs-util package provides a set of utility functions for Ethereum. These utilities include functions for handling addresses, big numbers, hashing, and encoding/decoding data according to the Ethereum protocol standards. It is a foundational package that can be used to develop Ethereum-based applications, facilitating tasks such as transaction formatting, signature verification, and data conversion.
Address Formatting
Converts an Ethereum address to its checksummed version to prevent case sensitivity errors.
const { toChecksumAddress } = require('ethereumjs-util');
const checksumAddress = toChecksumAddress('0xfb6916095ca1df60bb79ce92ce3ea74c37c5d359');
console.log(checksumAddress);
Hashing
Generates a keccak256 hash of the input data, a common hashing function used in Ethereum.
const { keccak256 } = require('ethereumjs-util');
const hash = keccak256(Buffer.from('hello'));
console.log('Hash:', hash.toString('hex'));
Signature Verification
Signs a message hash with a private key and serializes the signature in a format compatible with RPC calls.
const { ecsign, toRpcSig } = require('ethereumjs-util');
const privateKey = Buffer.from('c87509a1c067bbde7aebb4d3c0a0b8ab8bd02b676c91662b5f41c4ec9863d8ee', 'hex');
const msgHash = keccak256(Buffer.from('hello'));
const sig = ecsign(msgHash, privateKey);
const serializedSig = toRpcSig(sig.v, sig.r, sig.s);
console.log('Signature:', serializedSig);
Web3 is a comprehensive Ethereum library that includes utilities similar to ethereumjs-util but also provides a wide range of functionalities to interact with Ethereum nodes directly. It covers the entire Ethereum API and is more extensive for building DApps.
Ethers is a lightweight library that aims to be a complete and compact library for interacting with the Ethereum Blockchain and its ecosystem. It includes utilities for addresses, big numbers, and hashing, similar to ethereumjs-util, but also features a complete set of functions to interact with smart contracts and blockchain data.
A collection of utility functions for Ethereum. It can be used in Node.js and in the browser with browserify.
npm install ethereumjs-util
import assert from 'assert'
import { isValidChecksumAddress, unpadBuffer, BN } from 'ethereumjs-util'
const address = '0x2F015C60E0be116B1f0CD534704Db9c92118FB6A'
assert.ok(isValidChecksumAddress(address))
assert.equal(unpadBuffer(Buffer.from('000000006600', 'hex')), Buffer.from('6600', 'hex'))
assert.equal(new BN('dead', 16).add(new BN('101010', 2)), 57047)
DEPRECATED
)ethjs-util
BN
, rlp
The following methods are available provided by ethjs-util:
Import can be done directly by function name analogous to the build-in function import:
import { intToHex, stripHexPrefix } from 'ethereumjs-util'
Additionally ethereumjs-util
re-exports a few commonly-used libraries. These include:
See our organizational documentation for an introduction to EthereumJS
as well as information on current standards and best practices.
If you want to join for work or do improvements on the libraries have a look at our contribution guidelines.
MPL-2.0
FAQs
A collection of utility functions for Ethereum
The npm package ethereumjs-util receives a total of 1,231,169 weekly downloads. As such, ethereumjs-util popularity was classified as popular.
We found that ethereumjs-util demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.