Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
NOTE: You can find a full version of our docs here
🚀 Quickstart
Runes3 is a modern Typescript and NodeJS llibrary for Bitcoin Runes. Featuring XVERSE wallet support, rune balance and event indexing, ultra fast runestone decoders with WASM and much more!
Install Runes3
npm i runes3
Get a Runes RPC endpoint
You will also need an RPC endpoint to connect to a Nana indexer (see below for a free one) or a fully synced nana node.
What is Nana?
Nana is an extension to the original Runes indexer by Ord. It was developed by Runeapes Labs and comes with extra features such as:
- More extensive endpoints to its RPC than ord
- Much faster indexing (where as Ord can take up to a week, nana indexes the runes ledger in 12 hours). Infact if you are reading this at night and you setup a nana node right now, it will be ready by the time you wake up (assuming youre a heavy sleeper haha).
- A 30GB total ledger size (rather than 220gb+ for ORD)
- A codebase written fully in Javascript and an industry standard database (postgresql) which can be easily modified to do whatever you want.
- Doesn't need a BTC full node to build the Runes ledger! (can use an RPC endpoint like from quicknode) saving you about 100 dollars per month in block cloud storage.
If you don't want to host a version of Nana yourself:
You can also use satsignal's free public endpoint:
https://runes.satsignal.io/v1
or if you require your own personal authed endpoint (with much more flexible rate limits), you can create an account for free with our friends over at https://satsignal.io
Connect to the RPC with Runes3
const { Runes3 } = require("runes3");
const Runes = new Runes3("https://runes.satsignal.io/v1");
/*
NOTE:
satsignal.io provides this free endpoint for everyone to support the Runes
ecoosystem. If you need higher ratelimits you can create an account there and
get an authed endpoint or run your own runes node with
https://github.com/runeapeslabs/Nana (1tb+ of storage and 16gb of ram required)
*/
3. Get an Accounts balance
const { Runes3 } = require("runes3");
const Runes = new Runes3("https://runes.satsignal.io/v1");
const start = async () => {
const balances = await Runes.getAccount(
"bc1pdcy7dw547w8qle3ltc3efulsv2ng66pwy3fwcxpphmn8ghc5sxfsgh72la"
).getBalances();
console.log("This address has the following runes: ", balances.keys());
console.log("The balance for 845769:3964 is: ");
const balance = balances.get("845769:3964").getAmount();
console.log(balance);
};
start();
FAQs
A Javascript library for interacting with Bitcoin Runes
We found that runes3 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 25 Aug 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024