Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
serum-vial
Advanced tools
Real-time market data API server for Serum DEX
Minions
worker threads* and single Serum Producer
that runs in the main threadMinions
are responsible for WebSockets subscriptions management, constructing L2 & L1 messages out of L3 messages published by Serum Producer
and broadcasting all those messages to all subscribed clientsSerum Producer
is responsible for connecting to Serum Node RPC WS API and subscribing all relevant accounts changes (event & request queue, bids & asks) for all supported markets as well as producing L3 market data messages that are then passed to minions and published as WebSocket messages to all subscribed clients* multi core support via worker_threads
is linux only feature which allows multiple threads to bind to the same port, see https://github.com/uNetworking/uWebSockets.js/issues/304 and https://lwn.net/Articles/542629/ - for other OSes there's only one worker thread running
That will start serum-vial server running on port 8000
npx serum-machine
If you'd like to switch to different Serum Node endpoint, change port or run with debug logs enabled, just add one of the available CLI options:
npx serum-machine --endpoint https://solana-api.projectserum.com --debug --port 8080
Run npx serum-machine --help
to see all available startup options (node endpoint url, port etc.)
Installs serum-machine
globally and runs it on port 8000
.
npm install -g serum-machine
serum-machine
If you'd like to switch to different Serum Node endpoint, change port or run with debug logs enabled, just add one of the available CLI options:
serum-machine --endpoint https://solana-api.projectserum.com --debug --port 8080
Run serum-machine --help
to see all available startup options (node endpoint url, port etc.)
Pulls and runs latest version of tardisdev/serum-machine
image. Serum Matchine server will available on host via 8000
port (for example http://localhost:8000/v1/markets) with debug logs enabled (TM_DEBUG
env var).
docker run -p 8000:8000 -e "SM_ENDPOINT=https://solana-api.projectserum.com" -e "SM_DEBUG=true" -d tardisdev/serum-machine:latest
/ws
endpointAllows subscribing to Serum DEX real-market data streams.
const ws = new WebSocket('ws://localhost:8000/v1/streams')
ws.onmessage = (message) => {
console.log(message)
}
ws.onopen = () => {
const subscribePayload = {
op: 'subscribe',
channel: 'level3',
markets: ['BTC/USDT']
}
ws.send(JSON.stringify(subscribePayload))
}
/markets
Accepts no params and returns non depreciated Serum markets.
http://localhost:8000/v1/markets
[
{
"symbol": "BTC/USDT",
"deprecated": false,
"address": "EXnGBBSamqzd3uxEdRLUiYzjJkTwQyorAaFXdfteuGXe",
"programId": "EUqojwWA2rd19FZrzeBncJsm38Jm1hEhE3zsmX3bRc2o",
"tickSize": 0.1,
"minOrderSize": 0.0001,
"supportsReferralFees": true,
"supportsSrmFeeDiscounts": true
},
{
"symbol": "BTC/USDC",
"deprecated": false,
"address": "5LgJphS6D5zXwUVPU7eCryDBkyta3AidrJ5vjNU6BcGW",
"programId": "EUqojwWA2rd19FZrzeBncJsm38Jm1hEhE3zsmX3bRc2o",
"tickSize": 0.1,
"minOrderSize": 0.0001,
"supportsReferralFees": true,
"supportsSrmFeeDiscounts": true
}
...
]
FAQs
Real-time WebSocket market data API server for Serum DEX
The npm package serum-vial receives a total of 9 weekly downloads. As such, serum-vial popularity was classified as not popular.
We found that serum-vial demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.