Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
experimental-offchain-zkapp-storage
Advanced tools
This project is currently under development and should not be used in production.
An experimental library designed for storing zkApp data off-chain. The project is currently in development and is not intended for production use. This library serves as a reference implementation for Tutorial 6, which illustrates how to store zkApp data off-chain."
Ensure all required modules are installed. To do so, run the following command:
npm install
In the main.ts
file, you can toggle the useLocalBlockchain
variable to switch between local testing and real-world usage.
For local testing, predefined accounts will be used.
For Berkeley
mode, you must provide a deployerPrivateKey
and zkAppPrivateKey
as command line arguments.
To generate these keys, you can use the following command:
npm run generate-key
Ensure that the offchain server is running. To do so, run the following command:
npm run server
This will start the server on port 3001
.
Finally, to run the example, use the following command:
npm run build
node build/src/examples/main.js [deployerPrivateKey] [zkAppPrivateKey]
Note: Always remember to safeguard private keys and never expose them publicly. Use environment variables or secure vaults to manage sensitive information in production environments.
This server is designed to interact with the zkApp and help store and manage zkApp related data. It is currently set up for development purposes and should not be relied upon for production-level storage.
/data
/data
/publicKey
FAQs
This project is currently under development and should not be used in production.
We found that experimental-offchain-zkapp-storage demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.