Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The Raiden Network is an off-chain scaling solution, enabling near-instant, low-fee and scalable payments. It's complementary to the Ethereum Blockchain and works with any ERC20 compatible token. The Raiden project is work in progress. Its goal is to research state channel technology, define protocols and develop reference implementations.
INFO: The Raiden client and smart contracts have been released for Mainnet for the Alderaan release of the Raiden Network in May 2020.
The Raiden Network is an infrastructure layer on top of the Ethereum Blockchain. While the basic idea is simple, the underlying protocol is quite complex and the implementation non-trivial. Nonetheless the technicalities can be abstracted away, such that developers can interface with a rather simple API to build scalable decentralized applications based on the Raiden Network.
If you haven't used Raiden before, you can
If you want to use Raiden:
Read the tentative specification for the Raiden Network to understand in detail how Raiden works. It is maintained within this repository.
The Raiden Network is getting created with a set of tools, which are maintained in different repositories.
The solidity smart contracts, libraries and deployment tools are used to bootstrap a Raiden Network on an Ethereum Chain.
The Raiden Python client within the current repository is used to manage payment channels and to make token transfers.
A configured matrix server joins a federation of Matrix servers which is used as the transport layer for the Raiden Network.
The Service repository contains the code for following services:
The Light Client repository contains the code for following applications:
The Raiden WebUI is Raiden Web User Inteface to manage channels and make token transfers.
The Raiden Explorer visualizes the nodes of the Raiden Networks and shows more statistical information.
The Raiden Wizard makes it easy to install a Raiden client and join the Raiden Network.
The Scenario Player is an integration testing tool for the Raiden contracts, the Raiden client and the services.
The Workshop Scripts enable workshop facilitators to easily host a Raiden Workshop.
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
Also have a look at the Raiden Development Guide and the Raiden Developer On-boarding Guide for more info.
Distributed under the MIT License.
Dev Chat: Gitter
Twitter: @raiden_network
Website: Raiden Network
Blog: Medium
Mail: contact@raiden.network
The Raiden project is led by brainbot labs Est.
Disclaimer: Please note, that even though we do our best to ensure the quality and accuracy of the information provided, this publication may contain views and opinions, errors and omissions for which the content creator(s) and any represented organization cannot be held liable. The wording and concepts regarding financial terminology (e.g. "payments", "checks", "currency", "transfer" [of value]) are exclusively used in an exemplary way to describe technological principles and do not necessarily conform to the real world or legal equivalents of these terms and concepts.
FAQs
Unknown package
We found that raiden demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.