npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

mistransfer

v0.0.2

Published

Recover tokens transferred to a wrong address

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mahmetsonmahmetson

Keywords

Readme

Mistransfer

This is a project submitted to the Chainlink Constellation 2023 Hackathon.

Did you send NFT or Token to the wrong smartcontract?

Mistransfer is a decentralized, automated solution to recover lost assets. Visit the demo website on Vercel to see how it works for the users.

The only thing required from the developers is to extend the smartcontract with UserCaring.sol smartcontract.

import { UserCaring } from "@turkmenson/mistransfer/contracts/UserCaring.sol";

contract Sample is UserCaring {
  constructor(address _userInterface) UserCaring(_userInterface) {}
}

Then, ask users to go to the Mistransfer website.

How it works?

All other options require a centralized responsibility from the decentralized project owner.

A developer needs to check the transaction on the explorer. Then call the function on their smartcontract. It's a hassle as it adds a high responsibility for the user's mistakes.

Mistransfer solves the developer's hassle. We host a website for the users. The transaction to get the lost tokens is executed by the users. All the fees are paid by the users. Not only for a transaction fee, but also to the smartcontract owner too. No actions required from smartcontract owners.

Here is the screenshot of Mistransfer website where user's can reclaim back the mis-transferred NFTs.

screenshot of lost nfts

Is it secure?

Does any user can call withdraw function? Nope!

When a user clicks to Reclaim button by adding transaction id. The smartcontract verifies transaction itself. Then unlocks the tokens if it's valid.

The smartcontract checks transactions using Chainlink Functions. The Chainlink Functions are a decentralized oracles that execute the Javascript code from the smartcontract.

The javascript code to verify the code is hardcoded into the smartcontract:

UserInterface.sol#L51.

Code structure

The project consists of four parts.

The primary component is the smartcontracts which is this repository.

The javascript codes for the oracles are in the scripts/ directory in .txt format.

The third part is the website repository. The website is loaded as a submodule in the website directory.

The fourth parameter is optional. It converts the POST method to GET. Chainlink Functions sometimes doesn't execute POST requests.

The POST-2-GET converter is stored in app directory. The live version hosted at https://eth-get-api-b395abe5e4a3.herokuapp.com

Smartcontracts

The project has two smartcontracts.

UserInterface

The UserInterface is the smartcontract that receives the transaction id. It's then verifies it using Chainlink Functions.

Then unlocks the tokens.

UserCaring

UserCaring adds a token/NFT withdrawing functionality with a permission to UserInterface.

The UserCaring is intended to be used by the project owners. Thus available as the NPM Package.

import { UserCaring } from "@turkmenson/mistransfer/contracts/UserCaring.sol";

contract Sample is UserCaring {
  constructor(address _userInterface) UserCaring(_userInterface) {}
}

Preventing Load

Some dapps require the user assets. For example, games, bridges, or staking contracts may lock the asset. To prevent recovering them, the UserCaring provides the modifiers. Put them in the functions that lock/burn:

    contract UserCaring {
        constructor(address userinterface) UserCaring(userinterface) {}

        modifier intentionalNftAdd(address nft, address user, uint tokenId) {};
        modifier intentionalNftRemove(address nft, address user, uint tokenId);

        modifier intentionalTokenAdd(address token, address user, uint tokenId) {};
        modifier intentionalTokenRemove(address token, address user, uint tokenId);
    }

Usage

Download the user interface as a submodule. Create .env from .env.example.

Compile the smartcontracts:

npx hardhat compile

Once compiled, deploy it.

npx hardhat run scripts/deploy.ts --network sepolia

Then export the abi.

npx hardhat export-abi