Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
By Sarah Gooding - May 09, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
ZeppelinOS JavaScript Library (zos-lib)
JavaScript library for the ZeppelinOS smart contract platform.
ZeppelinOS is a platform to develop, deploy and operate smart contract projects on Ethereum and every other EVM and eWASM-powered blockchain.
This is the repository for the ZeppelinOS JavaScript library. It is mainly used
by the
zos command-line interface,
which is the recommended way to use ZeppelinOS; but this library can also be
used directly to operate ZeppelinOS projects when a programmatic interface is
preferred or more flexibility and lower-level access is required.
Install
First, install Node.js and npm. Then, install the ZeppelinOS JavaScript Library running:
npm install zos-lib
Usage
Suppose there is a contract called MyContract in the file
contracts/MyContract.sol, already compiled to
build/contracts/MyContract.json, and that there is a development blockchain
network running locally in port 9545.
Open a Node.js console:
node
> const { ZWeb3, Contracts, SimpleProject } = require('zos-lib')
> // Initialize a web3 provider.
> ZWeb3.initialize("http://localhost:9545")
> // Load the contract.
> const MyContract = Contracts.getFromLocal('MyContract')
> // Instantiate a project.
> myProject = new SimpleProject('MyProject', { from: await ZWeb3.defaultAccount() })
> // Create a proxy for the contract.
> myProject.createProxy(MyContract).then(proxy => myProxy = proxy)
> // Make a change on the contract, and compile it.
> const MyContractUpgraded = Contracts.getFromLocal('MyContract')
> myProject.upgradeProxy(proxy, MyContractUpgraded)
Security
If you find a security issue, please contact us at security@zeppelinos.org. We give rewards for reported issues, according to impact and severity.
API
TODO.
Maintainers
Contribute
To contribute, join our community channel on Telegram where you can talk to all the ZeppelinOS developers, contributors, partners and users.
You can also follow the recent developments of the project in our blog and Twitter account.
License
MIT © Zeppelin
FAQs
JavaScript library for the ZeppelinOS smart contract platform
We found that zos-lib demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 20 Feb 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025