Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The 'viem' npm package is a versatile library designed for interacting with Ethereum blockchain networks. It provides a range of functionalities including connecting to Ethereum nodes, sending transactions, interacting with smart contracts, and more.
Connecting to Ethereum Nodes
This feature allows you to create a client that connects to an Ethereum node using a specified URL. In this example, the client connects to the Infura mainnet node.
const { createClient } = require('viem');
const client = createClient({
url: 'https://mainnet.infura.io/v3/YOUR_INFURA_PROJECT_ID'
});
Sending Transactions
This feature allows you to send transactions on the Ethereum network. The example demonstrates sending 1 ETH from one address to another.
const { sendTransaction } = require('viem');
const tx = await sendTransaction(client, {
from: '0xYourAddress',
to: '0xRecipientAddress',
value: '1000000000000000000' // 1 ETH in wei
});
Interacting with Smart Contracts
This feature allows you to interact with smart contracts by calling their functions. The example shows how to call a function of a smart contract using its ABI and function name.
const { callContractFunction } = require('viem');
const result = await callContractFunction(client, {
contractAddress: '0xContractAddress',
abi: [
// ABI of the contract
],
functionName: 'functionName',
args: [/* function arguments */]
});
The 'web3' package is a popular library for interacting with the Ethereum blockchain. It provides similar functionalities to 'viem' such as connecting to nodes, sending transactions, and interacting with smart contracts. However, 'web3' is more established and widely used in the Ethereum developer community.
The 'ethers' package is another widely-used library for Ethereum development. It offers a clean and simple API for interacting with the Ethereum blockchain, including functionalities for connecting to nodes, sending transactions, and interacting with smart contracts. 'ethers' is known for its ease of use and comprehensive documentation.
TypeScript Interface for Ethereum
... and a lot lot more.
// 1. Import modules.
import { createPublicClient, http } from 'viem';
import { mainnet } from 'viem/chains';
// 2. Set up your client with desired chain & transport.
const client = createPublicClient({
chain: mainnet,
transport: http(),
});
// 3. Consume an action!
const blockNumber = await client.getBlockNumber();
Check out the following places for more viem-related content:
If you're interested in contributing, please read the contributing docs before submitting a pull request.
MIT License
FAQs
TypeScript Interface for Ethereum
We found that viem demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.