Node JS module
Introduction
Existing client API library for Ardor suffer from the following limitations:
- The API library sends the passphrase directly to the remote node in order to sign transactions, this means that the remote node has to be trusted which limits the usability of the API library.
- Some client libraries does implement local transaction signing but still were unable to validate unsigned bytes data returned from a random remote node thus still making it somewhat insecure to submit transactions to a random remote node.
- Client API libraries are developed by 3rd party developers so sometimes lag behind recent changes.
To address these problems we introduced a simple Node JS module which can be used for JavaScript application development using the Ardor platform APIs.
This node JS module is now integral part of the core. It is wrapper of the existing Ardor Wallet JavaScript code configured as a node JS module.
Use Cases
- The Node JS module is able to work securely against any random Ardor node without trusting the node.
- When submitting a transaction, data submitted to a remote node is validated against the returned unsigned bytes.
- Transactions are signed locally so that the account passphrase is never submitted to a remote node.
- Message encrytption can be performed client side.
- API calls work at a higher level compared to the APIs provided by the existing test page, so that for example, complex numeric conversions and various formatting functions are already implemented by the API library.
- Updates to this API library will follow the standard Ardor release process and will be maintained by core developers.
Getting Started
To quickly get started using the node JS module, see instructions in the ./html/www/js/README file of your Nxt or Ardor installation.
The ./html/www/js/sample folder contains several code examples to get you started quickly and provide a reference implementation.
Limitations
The module depends on JQuery and JSDom. This is known to cause problems with integration with some software packages.
The module is currently not deployed to NPM because of the lack of ability to digitally sign NPM packages and verify their authenticity. This might change in the future.