Upgrade web3 module - Githubissues

WhiteflagProtocol / whiteflag-api

Reference implementation of the Whiteflag protocol in Node.js that acts as an API to connect applications with the underlying blockchains

https://api.whiteflagprotocol.org

Other

4 stars 5 forks source link

Upgrade web3 module #20

Closed ts5746 closed 4 years ago

ts5746 commented 4 years ago

The Whiteflag API is using v2.0.0-alpha.1 of the web3.js Ethereum JavaScript API. Although this version provides the future API, it is not as well maintained as v1.x. As a result v2.0.0-alpha.1 of the package currently introduces a security vulnerability due to its dependency on the elliptic package. See https://npmjs.com/advisories/1547

Consider reverting to v1.x of the web3.js Ethereum JavaScript API.

ts5746 commented 4 years ago

Reverted to v1.2.11 of the web3.js Ethereum JavaScript API. Reviewed all methods and tested Ethereum connectivity and transaction processing. Solution merged into develop with commit 3dfbdfee1d13b4f0132c633981f65bc8f9eb6fde.