Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
This project provides a consolidated set of resources that together can allow a developer, whether working on ElectrumSV directly or on an application based on ElectrumSV, to develop, run and test while offline (and is especially aimed at facilitating rigourous CI/CD functional testing).
Licence: The Open BSV License
Maintainers: Roger Taylor, AustEcon
Project Lead: Roger Taylor
Language: Python (>=3.9)
Homepage: https://electrumsv.io/
Detailed documentation is hosted here
To install from pypi:
> pip install --upgrade electrumsv-sdk
Now you have global access to a script called 'electrumsv-sdk.exe' from any console window.
For help:
> electrumsv-sdk --help
Note: You must run electrumsv-sdk install <component type>
first for each component type. This may require system dependencies
you also need - please read the documentation.
If you want help for one of the subcommands (e.g. 'start') do:
> electrumsv-sdk start --help
Which will show:
usage: electrumsv-sdk start [-h] [--new] [--gui] [--background] [--inline] [--new-terminal] [--id ID] [--repo REPO] [--branch BRANCH] {electrumsv,merchant_api,node,status_monitor,whatsonchain,whatsonchain_api} ...
positional arguments:
{electrumsv,merchant_api,node,status_monitor,whatsonchain,whatsonchain_api}
subcommand
electrumsv start electrumsv
merchant_api start merchant_api
node start node
status_monitor start status_monitor
whatsonchain start whatsonchain
whatsonchain_api start whatsonchain_api
optional arguments:
-h, --help show this help message and exit
--new run a new instance with unique 'id'
--gui run in gui mode (electrumsv only)
--background spawn in background
--inline spawn in current shell
--new-terminal spawn in a new terminal window
--id ID human-readable identifier for component (e.g. 'worker1_esv')
--repo REPO git repo as either an https://github.com url or a local git repo path e.g. G:/electrumsv (optional)
--branch BRANCH git repo branch (optional)
Note: The "optional arguments" come before specifying the component_type
e.g.:
> electrumsv-sdk start --new --id=myspecialnode node
Docker support is here: https://github.com/electrumsv/electrumsv-sdk-docker. However, do note that we cannot promise to keep the docker support up-to-date as we are stretched too thin and have other priorities. Nevertheless, help will be gladly accepted.
You might also find what you need here: https://github.com/jadwahab/regtest-stack. Please check that one out too. Jad and co. are better placed to keep up with the bleeding edge versioning of the node, mAPI and LiteClient services as they are directly involved with many of those projects. They also do not have the additional python layer of abstraction to sort out when it comes to docker.
The current versions of each component are maintained in
electrumsv_sdk/app_versions.py
.
FAQs
ElectrumSV SDK
We found that electrumsv-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.