
Security News
Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
The all-in-one JavaScript/TypeScript SDK for building apps on the NCOG Earth Chain.
Supports Node.js, browsers, React, Next.js, Vite, and React Native.
Includes post-quantum cryptography, wallet management, contract interaction, extension wallet support, contract deployment, and real-time subscriptions.
necjs# Install the package
npm install necjs
# Or using yarn
yarn add necjs
Node.js Environment
# Verify Node.js version
node --version # Should be >= 16.0.0
Browser Environment
React Native Environment
The project uses Rollup for bundling with multiple output formats:
dist/index.cjs.js) - Node.js compatibilitydist/index.esm.js) - Modern JavaScriptdist/index.umd.js) - Universal module definitiondist/index.browser.esm.js) - Browser optimizationdist/index.react-native.esm.js) - React Native optimizationimport { loadWasm, Provider, Wallet } from 'necjs';
async function basicWalletExample() {
// Initialize WebAssembly
await loadWasm();
// Create wallet from private key
const wallet = await Wallet.create('0x1234567890abcdef...');
console.log('Wallet address:', wallet.address);
// Connect to blockchain
const provider = new Provider('https://rpc.ncog.earth');
// Get balance
const balance = await provider.getBalance(wallet.address);
console.log('Balance:', balance);
}
import { Provider, Contract } from 'necjs';
async function contractExample() {
const provider = new Provider('https://rpc.ncog.earth');
// Contract ABI and address
const contractABI = [...];
const contractAddress = '0x...';
// Create contract instance
const contract = new Contract(contractAddress, contractABI, provider);
// Call contract function
const result = await contract.methods.getBalance().call();
console.log('Contract balance:', result);
}
import { Provider, ContractFactory, Wallet } from 'necjs';
async function deployContract() {
await loadWasm();
const wallet = await Wallet.create('0x...');
const provider = new Provider('https://rpc.ncog.earth');
// Contract bytecode and ABI
const contractBytecode = '0x...';
const contractABI = [...];
// Deploy contract
const factory = new ContractFactory(contractABI, contractBytecode, wallet);
const contract = await factory.deploy('Constructor Parameter');
console.log('Deployed contract address:', contract.address);
}
import { Provider, ExtensionSigner } from 'necjs';
async function extensionExample() {
if (window.ncogWallet) {
const provider = new Provider('https://rpc.ncog.earth');
const signer = new ExtensionSigner(window.ncogWallet, provider);
const address = await signer.getAddress();
console.log('Extension wallet address:', address);
// Send transaction
const tx = await signer.sendTransaction({
to: '0x...',
value: '1000000000000000000' // 1 ETH
});
}
}
import { Provider, Subscription } from 'necjs';
async function subscriptionExample() {
const provider = new Provider('wss://rpc.ncog.earth');
// Subscribe to new blocks
const subscription = new Subscription(provider);
const blockSub = await subscription.subscribe('newHeads', (block) => {
console.log('New block:', block);
});
// Subscribe to contract events
const eventSub = await subscription.subscribe('logs', {
address: '0x...',
topics: ['0x...']
}, (log) => {
console.log('Contract event:', log);
});
}
import { loadWasm, MlKem } from 'necjs';
async function mlkemExample() {
await loadWasm();
// Generate key pair
const keyPair = await MlKem.keygen();
// Encrypt message
const ciphertext = await MlKem.encaps(keyPair.publicKey);
// Decrypt message
const plaintext = await MlKem.decaps(ciphertext, keyPair.secretKey);
console.log('Decrypted message:', plaintext);
}
import React, { useEffect, useState } from 'react';
import { loadWasm, Provider, Wallet } from 'necjs';
function WalletComponent() {
const [balance, setBalance] = useState(null);
const [address, setAddress] = useState(null);
useEffect(() => {
async function initWallet() {
await loadWasm();
const wallet = await Wallet.create('0x...');
const provider = new Provider('https://rpc.ncog.earth');
setAddress(wallet.address);
const bal = await provider.getBalance(wallet.address);
setBalance(bal);
}
initWallet();
}, []);
return (
<div>
<p>Address: {address}</p>
<p>Balance: {balance}</p>
</div>
);
}
new Provider(url, options?)getBalance(), getBlockNumber(), sendTransaction(), etc.create(privateKey), fromMnemonic(mnemonic)signTransaction(tx), getAddress()address, privateKeynew Contract(address, abi, provider)events.EventName()new ContractFactory(abi, bytecode, signer)deploy(...args), attach(address)new ExtensionSigner(extension, provider)getAddress(), sendTransaction(tx), signMessage(message)new Subscription(provider)subscribe(type, params?, callback), unsubscribe(id)hexToDecimalString(hex): Convert hex to decimaldecimalToHex(value): Convert decimal to hexetherToWeiHex(value): Convert Ether to WeiformatUnits(value, decimals): Format with decimalsisValidAddress(address): Validate address formatserializeForRpc(payload): Prepare RPC payloadnormalizeResponse(resp): Normalize RPC responseloadWasm(): Initialize WebAssemblyMlKem.keygen(): Generate key pairMlKem.encaps(publicKey): Encrypt messageMlKem.decaps(ciphertext, secretKey): Decrypt messageMlKem.sign(message, secretKey): Sign messageMlKem.verify(message, signature, publicKey): Verify signatureWe welcome contributions! Please see the development guide above for details on how to contribute to the project.
This project is licensed under the MIT License - see the LICENSE file for details.
NECJS SDK - Building the future of decentralized applications with post-quantum security.
FAQs
NECJS SDK for NCOG Earth Chain RPC
The npm package necjs receives a total of 1 weekly downloads. As such, necjs popularity was classified as not popular.
We found that necjs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.

Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.