
Security News
PodRocket Podcast: Inside the Recent npm Supply Chain Attacks
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
ilp-plugin-xrp-escrow
Advanced tools
ILP ledger plugin using the escrow features of ripple
NOTE: This plugin is under development, and should not yet be used with funds of over ~ 0.01 USD in value.
This can easily be done with:
npm install
node ./scripts/genKeyPair.js
Store your hot wallet secret (seed) in a text file. Use your hot wallet account (address) in the next step.
For security reasons, and because we're mainly looking at micropayments here anyway, make sure your hot wallet balance never exceeds ~ 0.01 USD. See Issuing and Operational Addresses for more information on how to use hot/warm/cold wallets.
npm install -g wscat
wscat -c wss://s1.ripple.com
connected (press CTRL+C to quit)
> {"command":"account_info","account":"raymJpdRBoqLjJ7vhLnjo7GFLYrG8j3yey"}
< {"account":"raymJpdRBoqLjJ7vhLnjo7GFLYrG8j3yey","error":"actNotFound","error_code":18,"error_message":"Account not found.","ledger_current_index":29171107,"request":{"account":"raymJpdRBoqLjJ7vhLnjo7GFLYrG8j3yey","command":"account_info"},"status":"error","type":"response","validated":false}
Someone will have to send you some XRP drops to play around with.
Ask in https://gitter.im/interledger/Lobby.
Now, when you run the account_info
command again in wscat, you should see something more like this:
> {"command":"account_info","account":"raymJpdRBoqLjJ7vhLnjo7GFLYrG8j3yey"}
< {"result":{"account_data":{"Account":"raymJpdRBoqLjJ7vhLnjo7GFLYrG8j3yey","Balance":"50000000","Flags":0,"LedgerEntryType":"AccountRoot","OwnerCount":0,"PreviousTxnID":"0000000000000000000000000000000000000000000000000000000000000000","PreviousTxnLgrSeq":0,"Sequence":1,"index":"9B8BF54B62E8A0C9D1BB46CB11A8417479EEA90FFAF9D128E9C66E709A430A60"},"ledger_current_index":29171125,"validated":false},"status":"success","type":"response"}
Now that you have a Ripple wallet, you can use it in combination with other
ILP-related npm modules (e.g. ilp-connector
), as follows:
const PluginXrpEscrow = require('ilp-plugin-xrp-escrow')
const plugin = new PluginXrpEscrow({
secret: '<your hot wallet secret>',
server: 'wss://s1.ripple.com',
prefix: 'g.crypto.ripple.escrow.' // optional
})
Requires node 7 or higher, to support async/await.
FAQs
> ILP ledger plugin using the escrow features of ripple
The npm package ilp-plugin-xrp-escrow receives a total of 2 weekly downloads. As such, ilp-plugin-xrp-escrow popularity was classified as not popular.
We found that ilp-plugin-xrp-escrow demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
Security News
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
Product
Socket Firewall is a free tool that blocks malicious packages at install time, giving developers proactive protection against rising supply chain attacks.