https://github.com/openzeppelin/defender-sdk

Defender SDK
https://github.com/openzeppelin/defender-sdk

openzeppelin openzeppelin-defender security web3

Last synced: 10 months ago
JSON representation

Defender SDK

• Host: GitHub
• URL: https://github.com/openzeppelin/defender-sdk
• Owner: OpenZeppelin
• License: mit
• Created: 2023-05-05T22:18:48.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2025-05-26T20:50:11.000Z (11 months ago)
• Last Synced: 2025-06-09T10:37:31.516Z (11 months ago)
• Topics: openzeppelin, openzeppelin-defender, security, web3
• Language: TypeScript
• Homepage: https://api-docs.defender.openzeppelin.com
• Size: 2.81 MB
• Stars: 26
• Watchers: 12
• Forks: 17
• Open Issues: 52
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Codeowners: CODEOWNERS
  • Security: SECURITY.md

Awesome Lists containing this project

README

          
# 

[![NPM Package](https://img.shields.io/npm/v/@openzeppelin/defender-sdk.svg)](https://www.npmjs.org/package/@openzeppelin/defender-sdk)

[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/OpenZeppelin/defender-sdk/badge)](https://api.securityscorecards.dev/projects/github.com/OpenZeppelin/defender-sdk)

[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7782/badge)](https://www.bestpractices.dev/projects/7782)

[![Scorecard supply-chain security](https://github.com/OpenZeppelin/defender-sdk/actions/workflows/scorecard.yml/badge.svg)](https://github.com/OpenZeppelin/defender-sdk/actions/workflows/scorecard.yml)

[![CI](https://github.com/OpenZeppelin/defender-sdk/actions/workflows/ci.yml/badge.svg)](https://github.com/OpenZeppelin/defender-sdk/actions/workflows/ci.yml)

This monorepo contains individual OpenZeppelin Defender TypeScript clients and publishes the collection of clients as `@openzeppelin/defender-sdk`

## Usage

For detailed instructions on how to use the SDK, please refer to our [SDK Documentation](https://api-docs.defender.openzeppelin.com/).

## Development Setup

- `pnpm` for workspaces & dependency management.

- `nx` for build & tests.

- `changesets` for versioning, changelog management & publishing.

- Checkout the repo and run `pnpm i --ignore-scripts --prefer-offline && pnpm run build`.

  > Install pnpm globally with `npm i -g pnpm` if you haven't already.

- To skip cache on the subsequent build steps you can use `pnpm nx-build-skip-cache`.

## Testing

- Run `pnpm nx-test-skip-cache` to run unit tests across all packages.

## Linting & Styling

- Run `pnpm lint:check` or `pnpm prettier:check` at the project root. For fixing `pnpm lint:fix`

## Combining style, build & test in single command

- Run `pnpm nx-build-test-skip-cache`.

## Examples

The `examples` repo has sample code - note that most examples rely on `dotenv` for loading API keys and secrets.

## Lower Environments

You can set the following environment variables to control to which instance your client will connect to:

```bash

# all modules/clients besides relay signer

DEFENDER_API_URL=

DEFENDER_POOL_ID=

DEFENDER_POOL_CLIENT_ID=

# relay signer

DEFENDER_RELAY_SIGNER_API_URL=

DEFENDER_RELAY_SIGNER_POOL_ID=

DEFENDER_RELAY_SIGNER_POOL_CLIENT_ID=

```

---

### Determinstic Builds & Secure Publishes

- We use [slsa framework](https://slsa.dev/) _pronounced "salsa"_ for reproducible builds & secure pushes. Verification is done using [provenance](https://slsa.dev/provenance/v1)