Blowfish makes it easy to identify & stop fraud before it happens. Join the leading wallets protecting their users funds with the blowfish security engine. For more details on Blowfish, and for a full documentation reference, you can check https://blowfish.xyz/ and https://docs.blowfish.xyz/api-docs/ respectively.
npm i @k-xo/blowfish-js
To setup a Blowfish instance, simply pass your api key, which you can get from https://blowfish.xyz/, into the constructor, note some api keys only work for the 'free' blowfish url, the snippet below describes the differences in setup.
import { Blowfish } from '@k-xo/blowfish-js';
// or
const { Blowfish } = require('@k-xo/blowfish-js');
// If making requests to https://api.blowfish.xyz/
const blowfish = new Blowfish(API_KEY);
// If making requests to https://free.api.blowfish.xyz/
const blowfish = new Blowfish(API_KEY, 'sandbox');
Scan proposed transactions for malicious intent, simulate expected state changes if the transaction were to be submitted on-chain.
const tx_data = {
transaction: {
from: '0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045',
to: '0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2',
data: '0xa9059cbb000000000000000000000000c02aaa39b223fe8d0a0e5c4f27ead9083c756cc20000000000000000000000000000000000000000000000000de0b6b3a7640000',
value: '0',
},
dappUrl: 'https://scamsite.com',
network: 'mainnet',
chain: 'ethereum',
userAccount: '0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045',
};
const response = await blowfish.scanTransaction(tx_data);
Parameter | Type | Description |
---|---|---|
chain |
string | The chain which the transaction to be scanned is on, currently only Ethereum, Polygon and Solana are supported |
transaction |
object | A transaction is an object which contains the from, to, value and data fields |
dappUrl |
string | The domain of the web application requesting the transaction |
userAccount |
string | The user account who is being asked to sign / execute the transaction |
network |
string | The network of the chain being executed on, for Solana this can be 'mainnet, 'devnet', 'testnet, for Ethereum this can be 'mainnet' and 'goerli', for Polygon this can be 'mainnet' |
Currently in Beta, -- check here for the full API specification -- https://docs.blowfish.xyz/api-docs/reference/api-reference/scan-message/evm
(h/t) @njokuScript