Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
hubot-openassets
Advanced tools
Hubot script for managing and sending assets based on the Open Assets protocol
A hubot script for managing and sending assets based on the Open Assets protocol. Initially written for easily sending Kosmos Kredits to contributors of the Kosmos open source project.
The script contains addressbook functionality so you can send assets to a
nickname instead of an address. For example, after adding an entry via kredits addressbook add derbumi akDWac1wFCFtaF2omEZ5KLTPMMPS4C5s89H
you can send
kredits to that user using a simple kredits send 100 to derbumi
.
Listing/showing assets and balances works without an additional server. Sending kredits is done via a Ruby/Rack app called openassets-sinatra, which is running together with bitcoind on a server.
Key | Description |
---|---|
OA_BOT_KEYWORD | The keyword for issuing asset commands. Usually the asset name in lowercase, e.g. "kredits" |
OA_ASSET_ID | ID of the asset to be transferred |
OA_ASSET_FROM_ADDRESS | Sender's wallet open asset address |
OA_DEFAULT_QUANTITY | Quantity of assets that should be sent if not provided by the user |
OA_SERVER_URL | URL of the open assets server that does the actual transfer |
OA_SERVER_USERNAME | Username for server basic auth |
OA_SERVER_PASSWORD | Password for server basic auth |
OA_MAX_QUANTITY (optional) | Maximum quantity of assets that can be transferred |
Key | Description |
---|---|
<keyword> addressbook add <name> <address> | ... |
<keyword> addressbook delete <name> | ... |
<keyword> addressbook list | ... |
<keyword> show <name> | ... |
<keyword> list | ... |
<keyword> send [amount] to <name> | ... |
<name>++ | ... |
FAQs
Hubot script for managing and sending assets based on the Open Assets protocol
We found that hubot-openassets demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.