200,000 Hydro Testing Bounty for Wordpress 2.0 Plugin (Open to Any Devs / Users alike)

[HarshRajat]

The task is an extension of the task described in issued #230

What are the deliverables?

1. Download WP Plugin 2.0 and install it on your Wordpress site.
2. Find a bug and report it in the comment below along with the severity you think the bug has and why so.

Oversight Process I (@HarshRajat) along with Tim (@mitdralla) will be overseeing the completion of this task. In the end, the decision on the severity of the bug lies on us.

Bounty Structure / How you a user can earn Hydro? 200,000 Hydro as a reward is reserved for testing and quality evaluation of the code and will only be released to the developer (@adrenth) after 3 months if certain conditions are met as outlined below.

Till then the testing bounty will be open for claims by anyone in the community who can find severe issues with the plugins within 3 months of the development.

Each severe issue if found to be true will reward the discoverer with a maximum of 10,000 hydro taken from the reserved bounty of developer. If there are more than 20 issues, then all the reserved testing bounty would be divided equally between each verified tester).

At the end of 3 months, the rest of the remaining bounty (if any) will be given to the developer. Happy Testing Everyone!

[realquink]

I had an older version installed. I clicked update in my plugin admin area to update to the latest version. I go to the settings area and both the API and Customization area are blank for me. I also tried clearing my browser cache too:

[HarshRajat]

@realquink Thanks for the bug report. Portion of the Bounty has been reserved for you according to the rules. Addressed this in v2.0.1, have another go at it :).

[realquink]

@HarshRajat Thank you!

Updated to the latest version and it's working great, thanks!

[Riskex1]

With plugin version 2.0.1 activated, unable to publish articles from external programs like Live Writer. I imagine a large number of blogger would be using Live Writer

[HarshRajat]

Hi @Riskex1, we are looking into this. Will reply shortly.

[HarshRajat]

@Riskex1 Thanks for the bug report. XMLRPC was never a part of the scope so great job finding this. Portion of the Bounty has been reserved for you according to the rules. Addressed this in v2.0.2, have another go at it :).

[Riskex1]

Works now thanks. All I have to do now is figure out how to get an API - still confused🥴

[HarshRajat]

Would love to help if this is in regards to the plugin. Feel free to share even if it's not, and we will try to co-figure it out :)

[Riskex1]

I can’t figure out where to find the API to set up the plugin - can I get one in sandbox mode or do I need developer approval? Is there any simple instructions anywhere for laymen?

[HarshRajat]

You need to sign up on hydrogenplatform.com and login there to get the API keys. It’s instant to get one in sandbox mode though it’s recommended to apply for production which usually doesn’t take more than 12-24 hours for approval.

On Sat, Nov 17, 2018 at 12:46 PM Riskex1 notifications@github.com wrote:

I can’t figure out where to find the API to set up the plugin - can I get one in sandbox mode or do I need developer approval? Is there any simple instructions anywhere for laymen?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/HydroCommunity/hcdp/issues/236#issuecomment-439595052, or mute the thread https://github.com/notifications/unsubscribe-auth/AVnPeIkuB8czUs95D2aRDhXQ9WKX6Y-iks5uv7e_gaJpZM4YIbJD .

[Riskex1]

I’ve gone thru that whole process but can’t find where the API key is? I found the client ID and client secret but where do I find API?????

[Riskex1]

Ok - it wouldn’t let me set up an application previously - now it works????

[HarshRajat]

Ahh, ok. You need to go to Raindrop section and add a new application for that code.

On Sat, Nov 17, 2018 at 1:04 PM Riskex1 notifications@github.com wrote:

I’ve gone thru that whole process but can’t find where the API key is? I found the other two key codes

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/HydroCommunity/hcdp/issues/236#issuecomment-439596211, or mute the thread https://github.com/notifications/unsubscribe-auth/AVnPeA9sHAaTIJ8yYzYQxKmTIHIbFywVks5uv7wcgaJpZM4YIbJD .

[Riskex1]

Yes I tried that a few times all day but got an error message saying it couldn’t be set up. However, it works now?? Now I’m struggling to get the app to recognise my site - I’ll try again tmw

[Riskex1]

Would it be possible to get some sort of logo or seal saying something to the effect of “Secured by Hydro” that I could publish on my site - perhaps even a link for more info? I get over 10k views per day and it may help your publicity? Id also like to publish an article about using hydro for 2FA - can you help me with that or tell me what I can republish with permission?

[HarshRajat]

That would be awesome @Riskex1, Do you use discord? if so, let's connect over there so my fellow DAs can also help :). My id is Harsh#3931.

[Riskex1]

Cool - I don’t know anything about discord but I’ll go and check it out in the morning

[Riskex1]

My discord id is Dav23a #7622

[damsalem]

Installed plugin 2.0.2 and activated successfully. However, the activation message is all whited out. See screenshot.

I then highlighted any apparently invisible text and found that it was just white (text) on white (background). See screenshot.

[damsalem]

NOTE: This is not an error, but it is UI/UX flaw. The process to get the API data is not user-friendly. The WP page says to go to the website, create an account, and "apply for Production Access". This last step is a bit of a jump with no direct step named as such.

I believe you wanted us to do the following:

1. From the dashboard, under "Hydro" click on [Request Access].
2. Connect my Github account.
3. Describe my project
4. Click on [Submit].

The confirmation screen does not provide users with certainty that this is the correct process because after the confirmation it says the Hydro airdrop has concluded. In addition, there is a bad link here with an Erro404. See screenshot

[damsalem]

Severe Error Found I discovered what appears to be a severe error. After installing the WP plugin, I tried to connect it to my app by entering my HydroID. Unfortunately, the WP plugin seems to be locked into some sort of uppercase mode and the values appear case sensitive.

In other words, I cannot connect my iOS Hydro app with the WP plugin.

[HarshRajat]

ntly invisible text and found that it was just white (text) on white (background). See screenshot.

Hey, this seems to be a css issue which depends on how the theme is over riding the functionality. It doesn't happen on other themes which we have tested. Let us know if you find it to reoccur on other themes as well.

[HarshRajat]

NOTE: This is not an error, but it is UI/UX flaw. The process to get the API data is not user-friendly. The WP page says to go to the website, create an account, and "apply for Production Access". This last step is a bit of a jump with no direct step named as such.

I believe you wanted us to do the following:

1. From the dashboard, under "Hydro" click on [Request Access].
2. Connect my Github account.
3. Describe my project
4. Click on [Submit].

The confirmation screen does not provide users with certainty that this is the correct process because after the confirmation it says the Hydro airdrop has concluded. In addition, there is a bad link here with an Erro404. See screenshot

@damsalem Thanks for providing this feedback, I will be passing it to Hydro Core so that they can take a call on the UI/UX part.

[HarshRajat]

Severe Error Found I discovered what appears to be a severe error. After installing the WP plugin, I tried to connect it to my app by entering my HydroID. Unfortunately, the WP plugin seems to be locked into some sort of uppercase mode and the values appear case sensitive.

In other words, I cannot connect my iOS Hydro app with the WP plugin.

The process is case-less so it shouldn't be an issue, please retry and confirm..

[damsalem]

Severe Error Found I discovered what appears to be a severe error. After installing the WP plugin, I tried to connect it to my app by entering my HydroID. Unfortunately, the WP plugin seems to be locked into some sort of uppercase mode and the values appear case sensitive. In other words, I cannot connect my iOS Hydro app with the WP plugin.

The process is case-less so it shouldn't be an issue, please retry and confirm..

Thanks for getting back to me. I still cannot register. I get the same error: "Could not register user with Hydro ID 3hog0dr: The given username does not exist."

You can see that it does indeed exist by looking at this screenshot from my phone.

[Riskex1]

I had the same problem. It was because I hadn't yet been approved as a developer and was still in sandbox mode. I had to wait for approval and then set up a new project. It works superbly now and very happy with it. The instructions on setting this plugin up are not very user friendly at all and quite confusing for someone who isn't a developer!! Still I played around and eventually fluked the proper set up and very happy now. I hope they can make the instructions clearer as I was very close to giving up on this (glad i didn't but many others might)

[mitdralla]

Feedback on the documentation is helpful - we will take a look at how we can improve that. Thank you for your feedback. 👍🏼

[mitdralla]

@damsalem can you confirm if you are in a similar scenario as described above? If not we can take a look further.

[Riskex1]

Thanks. Step by step, jargon free instructions with screen shots would be useful. I've been using Wordpress for 10 years but I'm no developer and most WordPress users would be in the same boat unless they do engage their own developer. I'm not expecting plug n play but I got very frustrated trying to implement this plugin and probably only got there in the end by accident after trying lots of different things - may be simple, obvious stuff to you guys but, .......... I'm very happy with the end result!!

[damsalem]

@damsalem can you confirm if you are in a similar scenario as described above? If not we can take a look further.

@Riskex1 it sounds like you correctly identified my circumstances. Yes @mitdralla this seems to be my situation. Looking at Hydro I find I'm still in Sandbox mode (see screenshots)

[HarshRajat]

Severe Error Found I discovered what appears to be a severe error. After installing the WP plugin, I tried to connect it to my app by entering my HydroID. Unfortunately, the WP plugin seems to be locked into some sort of uppercase mode and the values appear case sensitive. In other words, I cannot connect my iOS Hydro app with the WP plugin.

The process is case-less so it shouldn't be an issue, please retry and confirm..

Thanks for getting back to me. I still cannot register. I get the same error: "Could not register user with Hydro ID 3hog0dr: The given username does not exist."

You can see that it does indeed exist by looking at this screenshot from my phone.

Hey, Thanks for getting back. We are investigating this. To be clear, you did select Add New Account on your mobile app and then entered your HydroID on the website... correct?

[damsalem]

Hey, Thanks for getting back. We are investigating this. To be clear, you did select Add New Account on your mobile app and then entered your HydroID on the website... correct?

@HarshRajat yes indeed. I wonder if this problem is because I'm still in sandbox mode? I requested production access only a few minutes ago.

[HarshRajat]

@damsalem Ahh... yeah, that might be the issue. Let's wait and see.

[adrenth]

Bounty can be send to: 0x094E8D8cdA1B1aD799a56358AcF3B4eaa4c35CCA

[nickvalentine19]

Is the bounty still opened? Cause I found a small bug...

[HarshRajat]

@nickvalentine19 The bounty will be closed in 24 hours so please send the bug report for it to be eligible for the reward.

[HarshRajat]

Closing this issue now. @realquink, @Riskex1 Please mention your Eth address here for processing the bounty. As per the rules stated above, you both get 10,000 Hydro each and @adrenth gets the remaining 180,000 Hydro. Congrats to all of you.

[Riskex1]

Thank you - please send to 0xA91caB77D0a3f18159b358697e573500fE812844

[HarshRajat]

Congrats and Thanks for your participation in making the plugin bulletproof. Bounties have been sent. PFA transaction hashes below.

@adrenth: https://etherscan.io/tx/0xc292c3ab327fa303453b7dfc7ae246d0de1529344d80644e9ecf4aecb15b7017

@realquink: https://etherscan.io/tx/0xb72e5b379f8c81914f7fcc56c38d15a3db79a61dfb44508b03874ba069177501

@Riskex1: https://etherscan.io/tx/0xbceffe3a0ddb2f41b2134b2c47bf4d881dc492f5689bcc755e81eaeb97c3b86f