
Security News
libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden
Libxml2’s solo maintainer drops embargoed security fixes, highlighting the burden on unpaid volunteers who keep critical open source software secure.
DApp Toolkit for Solana.
Example: Connect to Solana devnet
RPC:
const conn = solana.connect("dev")
See: @solana/web3.js
Connection
const conn = solana.connect("dev")
const mnemonic = Wallet.generateMnemonic()
const wallet = await Wallet.fromMnemonic(mnemonic, conn)
const conn = solana.connect("dev")
const mnemonic = "spin canyon tuition upset pioneer celery liquid conduct boy bargain dust seed"
const wallet = await Wallet.fromMnemonic(mnemonic, conn)
console.log(wallet.address)
await conn.requestAirdrop(wallet.pubkey, 1e9)
Visit explorer to see account info:
https://explorer.solana.com/address/4i7YkLD9RiiACd4gbG9HdTUUH2wTfTycuRwB8GcehzMd?cluster=devnet
const conn = solana.connect("dev")
const mnemonic = "spin canyon tuition upset pioneer celery liquid conduct boy bargain dust seed"
const wallet = await Wallet.fromMnemonic(mnemonic, conn)
for (let i = 0; i < 10; i++) {
// generate a subwallet on a hardened path
const subwallet = wallet.derive(`${i}'`)
console.log(i, subwallet.address)
}
Outputs:
0 GziwkGpdZDhfGiVm6XbhHE7AxqWz3jsFqcj8RgS9vkjp
1 BiZj86nxypouBDuuzv4uzzsdwQHiMGK7v1RA3JqAhwqE
2 vTwNcpSuZ9uKBBm4KzGsF7bNmBTqXCo5KvK88LZVhCX
3 9A6c6CCekFfcMt2uhjhNMoZnHnNMW5sDqEUVPHb8FW1N
4 FDnToGeENVcF6NYAAedGAn8ZoXbf3vDuVzE7GsCyegD9
5 Ef413p9kVUSPmwJbcmHwF8b8YUDiiNCs5F4jQdfv3bzx
6 CFt5muH2K53VFd7Fi5W7s8LhrJnNZZidm9tRNA671k1G
7 GMC8dHpXHnMteKSpiFbD1d6v9Kxx3y2GCXAaFFtfrKoX
8 g3FjgBPctNjhQA5639oR7gk2dpVFkkePBo71rzGJ9u1
9 8dUEQMXWoiWve3xh1Udq1NWY9WynFXhE6o6jUkeF5Y4N
The BaseProgram
is an abstract class that you can extend to build concise API that interacts with programs deployed on Solana.
The BaseProgram
constructor requires Wallet
and the programID
, so that an instance of base program will use the wallet's account to sign transactions, as well as using the specified programID to create instructions.
// Create an instance of the Faucet program
const faucet = new Faucet(wallet, facuetProgramID)
// Request the faucet to send tokens a receiver
await faucet.request({
receiver: receiver.pubkey,
tokenAccount: faucetTokenAccountPubkey,
tokenOwner: faucetTokenOwner,
})
The Faucet
program extends BaseProgram
:
import {
PublicKey,
BaseProgram,
ProgramAccount,
SPLToken,
} from "soldo"
interface RequestParams {
receiver: PublicKey
tokenAccount: PublicKey
tokenOwner: ProgramAccount
}
export class Faucet extends BaseProgram {
public async request(params: RequestParams) {
return this.sendTx([
// instructions
this.requestInstruction(params),
], [
// signers
this.account,
])
}
private requestInstruction(params: RequestParams) {
const data = params.tokenOwner.noncedSeed
return this.instruction(data, [
// writable: true, isSigned: false
{ write: params.receiver },
// writable: false, isSigned: false
SPLToken.programID,
// writable: true, isSigned: false
{ write: params.tokenAccount },
// writable: false, isSigned: false
params.tokenOwner.pubkey,
])
}
}
FAQs
DApp Toolkit for Solana.
The npm package solray receives a total of 0 weekly downloads. As such, solray popularity was classified as not popular.
We found that solray demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Libxml2’s solo maintainer drops embargoed security fixes, highlighting the burden on unpaid volunteers who keep critical open source software secure.
Research
Security News
Socket investigates hidden protestware in npm packages that blocks user interaction and plays the Ukrainian anthem for Russian-language visitors.
Research
Security News
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.