Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The ethers npm package is a library that provides a set of tools to interact with the Ethereum blockchain. It allows users to connect to the Ethereum network, manage wallets and keys, interact with smart contracts, and perform various other blockchain-related operations.
Connecting to Ethereum Network
This code sample demonstrates how to connect to the Ethereum network using ethers with an Infura provider.
const { ethers } = require('ethers');
const provider = new ethers.providers.JsonRpcProvider('https://mainnet.infura.io/v3/YOUR_INFURA_API_KEY');
Wallet Management
This code sample shows how to create a new wallet from a private key and connect it to an Ethereum provider.
const { ethers } = require('ethers');
const wallet = new ethers.Wallet('YOUR_PRIVATE_KEY');
const connectedWallet = wallet.connect(provider);
Interacting with Smart Contracts
This code sample illustrates how to interact with a smart contract by creating a contract instance and calling one of its functions.
const { ethers } = require('ethers');
const abi = [...] // Contract ABI
const contractAddress = '0x...'; // Contract address
const contract = new ethers.Contract(contractAddress, abi, provider);
const value = await contract.someFunction();
Sending Transactions
This code sample demonstrates how to send a transaction to the Ethereum network using a wallet instance.
const { ethers } = require('ethers');
const tx = {
to: '0x...',
value: ethers.utils.parseEther('1.0'),
gasLimit: 21000,
gasPrice: ethers.utils.parseUnits('10', 'gwei')
};
const sendPromise = wallet.sendTransaction(tx);
Querying Blockchain Data
This code sample shows how to query blockchain data, such as retrieving the latest block number and details of a specific block.
const { ethers } = require('ethers');
const blockNumber = await provider.getBlockNumber();
const block = await provider.getBlock(blockNumber);
Truffle Contract is part of the Truffle Suite and is designed to provide a more comfortable abstraction for interacting with Ethereum smart contracts. It is often used in combination with other Truffle tools for development, testing, and deployment. While it offers similar contract interaction capabilities, it is more tightly integrated with the Truffle development environment compared to ethers.
Drizzle is a collection of front-end libraries that make writing dApp front-ends easier and more predictable. It is part of the Truffle Suite and is designed to work with a Redux store. Drizzle provides reactive contract data fetching and transaction processing, which can be more convenient for dApp development. However, it is more opinionated and specific to front-end development compared to ethers, which is more general-purpose.
A complete Ethereum wallet implementation and utilities in JavaScript (and TypeScript).
Features:
For the latest news and advisories, please follow the @ethersproject on Twitter (low-traffic, non-marketing, important information only) as well as watch this GitHub project.
For the latest changes, see the CHANGELOG.
node.js
/home/ricmoo/some_project> npm install --save ethers
browser (UMD)
<script src="https://cdn.ethers.io/lib/ethers-5.0.umd.min.js" type="text/javascript">
</script>
browser (ESM)
<script type="module">
import { ethers } from "https://cdn.ethers.io/lib/ethers-5.0.umd.min.js";
</script>
Browse the documentation online:
Or browse the entire documentation as a single page to make searching easier.
These are a number of packages not included in the umbrella ethers
npm package, and
additional packages are always being added. Often these packages are for specific
use-cases, so rather than adding them to the umbrella package, they are added as
ancillary packages, which can be included by those who need them, while not bloating
everyone else with packages they do not need.
We will keep a list of useful packages here.
@ethersproject/experimental
(documentation)@ethersproject/cli
(documentation)@ethersproject/hardware-wallets
(documentation)Support the ethers project by becoming a sponsor. Get your logo added below with a link to your website (Gold and Unobtainium tiers) and on the ethers.org website.
Huge thanks to our sponsors! <3 <3
MIT License (including all dependencies).
FAQs
A complete and compact Ethereum library, for dapps, wallets and any other tools.
The npm package ethers receives a total of 951,244 weekly downloads. As such, ethers popularity was classified as popular.
We found that ethers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.