Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
serum-vial
Advanced tools
That will start serum-vial server running on port 8000
npx serum-vial
If you'd like to switch to different Serum Node endpoint, change port or run with debug logs enabled, just add one of the available CLI options:
npx serum-vial --endpoint https://solana-api.projectserum.com --log-level debug --port 8080
Run npx serum-vial --help
to see all available startup options (node endpoint url, port etc.)
Installs serum-vial
globally and runs it on port 8000
.
npm install -g serum-vial
serum-vial
If you'd like to switch to different Serum Node endpoint, change port or run with debug logs enabled, just add one of the available CLI options:
serum-vial --endpoint https://solana-api.projectserum.com --debug --port 8080
Run serum-vial --help
to see all available startup options (node endpoint url, port etc.)
Pulls and runs latest version of tardisdev/serum-vial
image. Serum Matchine server will available on host via 8000
port (for example http://localhost:8000/v1/markets) with debug logs enabled (SV_LOG_LEVEL
env var).
docker run -p 8000:8000 -e "SM_ENDPOINT=https://solana-api.projectserum.com" -e "SV_LOG_LEVEL=debug" -d tardisdev/serum-vial:latest
Minions
worker threads and multiple Serum Producers
Minions
are responsible for WebSockets subscriptions management, constructing L2 & L1 messages out of L3 messages published by Serum Producer
and broadcasting all those messages to all subscribed clientsSerum Producer
is responsible for connecting to Serum Node RPC WS API and subscribing all relevant accounts changes (event & request queue, bids & asks) for all supported markets as well as producing L3 market data messages that are then passed to minions and published as WebSocket messages to all subscribed clients* multi core support via worker_threads
for Minions
is linux only feature which allows multiple threads to bind to the same port, see https://github.com/uNetworking/uWebSockets.js/issues/304 and https://lwn.net/Articles/542629/ - for other OSes there's only one worker thread running
/ws
endpointAllows subscribing to Serum DEX real-market data streams.
const ws = new WebSocket('ws://localhost:8000/v1/ws')
ws.onmessage = (message) => {
console.log(message)
}
ws.onopen = () => {
const subscribePayload = {
op: 'subscribe',
channel: 'level2', // or level1, level3, trades
markets: ['BTC/USDC']
}
ws.send(JSON.stringify(subscribePayload))
}
/markets
Accepts no params and returns non depreciated Serum markets.
http://localhost:8000/v1/markets
[
{
"symbol": "BTC/USDT",
"deprecated": false,
"address": "EXnGBBSamqzd3uxEdRLUiYzjJkTwQyorAaFXdfteuGXe",
"programId": "EUqojwWA2rd19FZrzeBncJsm38Jm1hEhE3zsmX3bRc2o",
"tickSize": 0.1,
"minOrderSize": 0.0001,
"supportsReferralFees": true,
"supportsSrmFeeDiscounts": true
},
{
"symbol": "BTC/USDC",
"deprecated": false,
"address": "5LgJphS6D5zXwUVPU7eCryDBkyta3AidrJ5vjNU6BcGW",
"programId": "EUqojwWA2rd19FZrzeBncJsm38Jm1hEhE3zsmX3bRc2o",
"tickSize": 0.1,
"minOrderSize": 0.0001,
"supportsReferralFees": true,
"supportsSrmFeeDiscounts": true
}
...
]
FAQs
Real-time WebSocket market data API server for Serum DEX
The npm package serum-vial receives a total of 9 weekly downloads. As such, serum-vial popularity was classified as not popular.
We found that serum-vial demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.