Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Py-EVM is an implementation of the Ethereum protocol in Python. It contains the low level primitives for the original proof-of-work (POW), (formerly known as Ethereum 1.0) chain as well as emerging support for the proof-of-stake (POS) (formerly known as Ethereum 2.0) spec.
Py-EVM aims to eventually become the defacto Python implementation of the Ethereum protocol, enabling a wide array of use cases for both public and private chains.
In particular Py-EVM aims to:
be a reference implementation of the Ethereum POW and POS implementations in one of the most widely used and understood languages, Python.
be easy to understand and modifiable
have clear and simple APIs
come with solid, friendly documentation
deliver the low level primitives to build various clients on top (including full and light clients)
be highly flexible to support both research as well as alternate use cases like private chains.
python -m pip install py-evm
Check out the documentation on our official website
If you would like to hack on py-evm, please check out the Snake Charmers Tactical Manual for information on how we do:
We use pre-commit to maintain consistent code style. Once
installed, it will run automatically with every commit. You can also run it manually
with make lint
. If you need to make a commit that skips the pre-commit
checks, you
can do so with git commit --no-verify
.
git clone git@github.com:ethereum/py-evm.git
cd py-evm
virtualenv -p python3 venv
. venv/bin/activate
python -m pip install -e ".[dev]"
pre-commit install
To release a new version:
make release bump=$$VERSION_PART_TO_BUMP$$
To issue the next version in line, specify which part to bump,
like make release bump=minor
or make release bump=devnum
. This is typically done from the
main branch, except when releasing a beta (in which case the beta is released from main,
and the previous stable branch is released from said branch).
Want to file a bug, contribute some code, or improve documentation? Excellent! Read up on our guidelines for contributing and then check out one of our issues that are labeled Good First Issue.
FAQs
Python implementation of the Ethereum Virtual Machine
We found that py-evm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.