Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
web3-core
Advanced tools
The web3-core package is a core module of the Web3.js library, which is used to interact with the Ethereum blockchain. It provides essential functionalities such as managing accounts, sending transactions, and interacting with smart contracts.
Managing Accounts
This feature allows you to create and manage Ethereum accounts. The code sample demonstrates how to create a new Ethereum account using the web3-core package.
const Web3 = require('web3');
const web3 = new Web3('https://mainnet.infura.io/v3/YOUR_INFURA_PROJECT_ID');
// Create a new account
const account = web3.eth.accounts.create();
console.log(account);
Sending Transactions
This feature allows you to send transactions on the Ethereum network. The code sample demonstrates how to sign and send a transaction using the web3-core package.
const Web3 = require('web3');
const web3 = new Web3('https://mainnet.infura.io/v3/YOUR_INFURA_PROJECT_ID');
const transaction = {
to: '0xRecipientAddress',
value: web3.utils.toWei('0.1', 'ether'),
gas: 2000000
};
web3.eth.accounts.signTransaction(transaction, 'YOUR_PRIVATE_KEY').then(signedTx => {
web3.eth.sendSignedTransaction(signedTx.rawTransaction).on('receipt', console.log);
});
Interacting with Smart Contracts
This feature allows you to interact with smart contracts deployed on the Ethereum network. The code sample demonstrates how to call a method on a smart contract using the web3-core package.
const Web3 = require('web3');
const web3 = new Web3('https://mainnet.infura.io/v3/YOUR_INFURA_PROJECT_ID');
const contractABI = [/* ABI array */];
const contractAddress = '0xContractAddress';
const contract = new web3.eth.Contract(contractABI, contractAddress);
contract.methods.myMethod().call().then(console.log);
The ethers.js library is a complete and compact library for interacting with the Ethereum blockchain and its ecosystem. It provides similar functionalities to web3-core, such as managing accounts, sending transactions, and interacting with smart contracts. Ethers.js is known for its simplicity and ease of use.
Truffle Contract is a library that provides a better abstraction for interacting with Ethereum smart contracts. It is part of the Truffle Suite and offers a higher-level API compared to web3-core, making it easier to work with smart contracts. It integrates seamlessly with the Truffle framework for development and testing.
This is a sub-package of web3.js.
web3-core
package contains core functions for web3.js packages.
You can install the package either using NPM or using Yarn
npm install web3-core
yarn add web3-core
Script | Description |
---|---|
clean | Uses rimraf to remove dist/ |
build | Uses tsc to build package and dependent packages |
lint | Uses eslint to lint package |
lint:fix | Uses eslint to check and fix any warnings |
format | Uses prettier to format the code |
test | Uses jest to run unit tests |
test:integration | Uses jest to run tests under /test/integration |
test:unit | Uses jest to run tests under /test/unit |
FAQs
Web3 core tools for sub-packages. This is an internal package.
The npm package web3-core receives a total of 399,411 weekly downloads. As such, web3-core popularity was classified as popular.
We found that web3-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.