Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The web3-net package is a sub-package of the web3.js library that provides network-related functionalities for interacting with Ethereum nodes. It allows developers to retrieve information about the network, such as the network ID, peer count, and listening status.
Get Network ID
This feature allows you to retrieve the network ID of the connected Ethereum network. The network ID is a unique identifier for different Ethereum networks (e.g., Mainnet, Ropsten, Rinkeby).
const Web3 = require('web3');
const web3 = new Web3('http://localhost:8545');
web3.eth.net.getId().then(console.log);
Get Peer Count
This feature allows you to get the number of peers currently connected to the Ethereum node. This can be useful for monitoring the health and connectivity of your node.
const Web3 = require('web3');
const web3 = new Web3('http://localhost:8545');
web3.eth.net.getPeerCount().then(console.log);
Check if Node is Listening
This feature checks if the Ethereum node is currently listening for network connections. It returns a boolean value indicating the listening status.
const Web3 = require('web3');
const web3 = new Web3('http://localhost:8545');
web3.eth.net.isListening().then(console.log);
The ethers.js library is a complete and compact library for interacting with the Ethereum blockchain. It provides similar functionalities to web3-net, such as network information retrieval, but also includes additional features like contract interaction, wallet management, and utilities for working with Ethereum data structures.
Ethjs is a highly modular and lightweight library for interacting with the Ethereum network. It offers similar network-related functionalities as web3-net, such as retrieving network ID and peer count, but is designed to be more modular and minimalistic, allowing developers to include only the parts they need.
The web3.js library is the parent package of web3-net and provides a comprehensive suite of tools for interacting with the Ethereum blockchain. It includes all the functionalities of web3-net along with additional modules for contract interaction, account management, and more.
This is a sub-package of web3.js.
web3-net
package allows to interact with an Ethereum node’s network properties.
You can install the package either using NPM or using Yarn
npm install web3-net
yarn add web3-net
Script | Description |
---|---|
clean | Uses rimraf to remove dist/ |
build | Uses tsc to build package and dependent packages |
lint | Uses eslint to lint package |
lint:fix | Uses eslint to check and fix any warnings |
format | Uses prettier to format the code |
test | Uses jest to run unit tests |
test:integration | Uses jest to run tests under /test/integration |
test:unit | Uses jest to run tests under /test/unit |
[4.1.0]
RpcErrorMessages
that contains mapping for standard RPC Errors and their messages. (#6230)TransactionGasMismatchInnerError
for clarity on the error in TransactionGasMismatchError
(#6215)MissingGasInnerError
for clarity on the error in MissingGasError
(#6215)rpc_method_wrapper
(signTypedData
) for the rpc calls eth_signTypedData
and eth_signTypedData_v4
(#6286)signTypedData
method to the Web3Eth
class (#6286)getEncodedEip712Data
method that takes an EIP-712 typed data object and returns the encoded data with the option to also keccak256 hash it (#6286)signTypedData
method to eth_rpc_methods
for the rpc calls eth_signTypedData
and eth_signTypedData_v4
(#6286)eth_signTypedData
and eth_signTypedData_v4
to web3_eth_execution_api
(#6286)Eip712TypeDetails
and Eip712TypedData
to eth_types
(#6286)json-schema
as a main json schema type (#6264)estimateGas
unless transaction builder options.fillGas
is false. (#6249)blockHeaderSchema
properties causing some properties to not appear in response of newHeads
subscription (#6243)blockHeaderSchema
properties causing some properties to not appear in response of newHeads
subscription (#6243)CommonSubscriptionEvents &
at every child class of Web3Subscription
(#6262)_processSubscriptionResult
and _processSubscriptionError
has been written in the base class Web3Subscription
and maid public
. (#6262)formatSubscriptionResult
could be used to customize data formatting instead of re-implementing _processSubscriptionResult
. (#6262)CommonSubscriptionEvents &
for the first generic parameter of Web3Subscription
when inheriting from it. (#6262)MissingGasError
error message changed for clarity (#6215)input
and data
are no longer auto populated for transaction objects if they are not present. Instead, whichever property is provided by the user is formatted and sent to the RPC provider. Transaction objects returned from RPC responses are still formatted to contain both input
and data
properties (#6294)input
and data
are now optional properties on PopulatedUnsignedBaseTransaction
(previously input
was a required property, and data
was not available) (#6294)is-my-json-valid
with zod
dependency. Related code was changed (#6264)ValidationError
and JsonSchema
were changed (#6264)blockHeaderSchema
properties causing some properties to not appear in response of newHeads
subscription (#6243)RawValidationError
was removed (#6264)RawValidationError
was removed (#6264)FAQs
Web3 module to interact with the Ethereum nodes networking properties.
The npm package web3-net receives a total of 352,764 weekly downloads. As such, web3-net popularity was classified as popular.
We found that web3-net demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.