gitcoinco / skunkworks

experimental laboratory

RxC Bounty - Increase Gitcoin's sybil resistance by integrating an integration with an anti-sybil tool on our roadmap. #187

Open owocki opened 3 years ago

owocki commented 3 years ago

sybil resistance (the ability of an identity based system to prevent sock puppet accounts from signing up) is a key part of gitcoin grants & quadratic funding based systems.

we have a sybil resistance roadmap that looks as follows:

[Image: Screen Shot 2020-09-29 at 2 29 10 PM]

the scope of this bounty is to choose a sybil resistance mechanism off the roadmap, and

  1. build an end to end "connect to gitcoin" experience for this mechanism.
  2. please add a boolean field to dashboard.models.Profile entitled is_SERVICENAME_verified (like the existing fields is_twitter_verified).
  3. If there is any valuable (but GDPR compliant) metadata that is received from the service, please also store this information in a JSON field on the profile object, entitled identity_data_SERVICENAME.

integrations i would like to see built:

please note which sybil resistance tool you'll be building in the 'start work' comments so that you do not work on the same identity system as someone else!

i will pay DAI for each integration (max one per person, one per integration) for up to a total of 5 integrations.

gitcoinbot commented 3 years ago

Issue Status: 1. Open 2. Started 3. Submitted 4. Done


This issue now has a funding of 5000.0 DAI (5000.0 USD @ $1.0/DAI) attached to it.

gitcoinbot commented 3 years ago


Work has been started.

These users each claimed they can complete the work by 1 year, 2 months ago. Please review their action plans below:

1) irhonin has been approved to start work.

I will implement integration with google

2) developerfred has been approved to start work.

I will implement Duniter P2P “freedom-enabling”

3) elhamne has been approved to start work.

I will build facebook integration.

4) hhio618 has been approved to start work.

I'll implement POAP integration based on ERC-721 NFT.

5) moonniy has been approved to start work.

I'd like to implement ENS lookup for Sybil attack resistance

Learn more on the Gitcoin Issue Details page.

makoto commented 3 years ago

Hi, Makoto from ENS team.

This is what I think you need to do to support "Verify with ENS" feature

Step 1

Check if the Eth address tied into Gitcoin has ENS name reverse record setup as well as it matches with the forward lookup.

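    import ENS, { getEnsAddress } from '@ensdomains/ensjs'

    // `provider` is a web3 provider; `gitcoinAddress` is the Eth address tied to the Gitcoin profile.
    async function isEnsVerified(provider, gitcoinAddress) {
      const ensAddress = getEnsAddress('1') // ENS registry address for network id 1
      const ens = new ENS({ provider, ensAddress })
      // Reverse lookup
      const { name: myName } = await ens.getName(gitcoinAddress)
      // No reverse record set up: nothing to verify
      if (!myName) return false
      // Forward lookup
      const myAddress = await ens.name(myName).getAddress()
      // Check if address matches (compare case-insensitively, hex addresses may be checksummed).
      return myAddress.toLowerCase() === gitcoinAddress.toLowerCase()
    }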

Step 2

If the above returns true, treat as verified.

Step 3

If not, show the following message.

Verify with ENS.
Assign ENS name to your Eth address as well as setup a reverse name lookup.
[Learn more](https://medium.com/whois0x/ens-setup-for-dummies-a-visual-step-by-step-e3382fe00545)

Ref

You can read more about how our ensjs library works here https://medium.com/the-ethereum-name-service/releasing-ensjs-and-announcing-ens-integration-workshop-63ffad001446 and ask questions at our Integration workshop next week, or just ping me on our discord https://discord.gg/AskZbFx

poapxyz commented 3 years ago

Hey there. POAP here 👋🏻 We are willing to help and support the team/individual looking to complete this bounty. For a successful submission we will be matching with additional 1000 DAI. If a candidate is willing to work on this and 2000 DAI sounds like too little incentive, we are open to hear what would be proper compensation.

POAP contracts run at the address 0x22C1f6050E56d2876009903609a2cC3fEf83B415 both on Ethereum Mainnet and xdai network. Very easy to query subgraphs are available here: https://thegraph.com/explorer/subgraph/poap-xyz/poap https://thegraph.com/explorer/subgraph/poap-xyz/poap-xdai

We also provide a http API, very clear documentation available here: https://development-dot-poapapp.appspot.com/documentation/static/index.html

The way the mechanism should work is: If the ethereum account logged in on Gitcoin holds a POAP NFT that has been sitting in that wallet for more than 15 days, it can be assumed that it's a unique human.

This mechanism is quite rudimentary and it can happen that:

  1. Someone holds his POAP on a wallet different than the one using on Gitcoin (a "validate ownership" of an external account not tied to Gitcoin is a nice to have but not necessary in the scope of this integration)
  2. Someone has prepared beforehand the round (more than fifteen days earlier) and shuffled the POAPs to many different accounts. This is a lot of work and very impractical, also very easy to spot programmatically. I would mark it as a minor concern.
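The 15-day holding rule and the "easy to spot" shuffle check from the comment above, as an added example (not part of the original thread, and not POAP's or Gitcoin's code). The transfer record shape, the function names and the three-recipient threshold are assumptions; the sample data is constructed.

```javascript
// Added example. The record shape {tokenId, from, to, timestamp} is an assumption
// modeled on ERC-721 Transfer events; all sample data below is constructed.
const ZERO = '0x0000000000000000000000000000000000000000'
const DAY = 24 * 60 * 60

// Replay transfers in time order to find each token's current owner and when it arrived.
function currentHoldings(transfers) {
  const holdings = new Map() // tokenId -> { owner, since }
  const ordered = [...transfers].sort((a, b) => a.timestamp - b.timestamp)
  for (const t of ordered) {
    holdings.set(t.tokenId, { owner: t.to.toLowerCase(), since: t.timestamp })
  }
  return holdings
}

// True if `address` currently holds at least one POAP received more than `minDays` ago.
function isPoapVerified(transfers, address, now, minDays = 15) {
  const addr = address.toLowerCase()
  for (const { owner, since } of currentHoldings(transfers).values()) {
    if (owner === addr && now - since > minDays * DAY) return true
  }
  return false
}

// Flag senders (mints excluded) that moved POAPs to `minRecipients` or more distinct wallets.
function findShuffleSources(transfers, minRecipients = 3) {
  const recipients = new Map() // sender -> Set of recipient addresses
  for (const t of transfers) {
    const from = t.from.toLowerCase()
    if (from === ZERO) continue // a mint, not a wallet-to-wallet move
    if (!recipients.has(from)) recipients.set(from, new Set())
    recipients.get(from).add(t.to.toLowerCase())
  }
  return [...recipients].filter(([, set]) => set.size >= minRecipients).map(([from]) => from)
}

// Constructed sample: wallet A receives four POAPs, then spreads three of them out.
const now = 1700000000
const wallet = (c) => '0x' + c.repeat(40)
const A = wallet('a')
const sampleTransfers = [
  ...[1, 2, 3, 4].map((id) => ({ tokenId: id, from: ZERO, to: A, timestamp: now - 60 * DAY })),
  { tokenId: 2, from: A, to: wallet('b'), timestamp: now - 20 * DAY },
  { tokenId: 3, from: A, to: wallet('c'), timestamp: now - 20 * DAY },
  { tokenId: 4, from: A, to: wallet('d'), timestamp: now - 2 * DAY },
]
```

In the sample, the wallets that received a POAP 20 days ago pass the holding check on their own, which is the second case the comment describes; the fan-out check is what ties them back to a single source.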

gitcoinbot commented 3 years ago


Work for 5000.0 DAI (5000.00 USD @ $1.0/DAI) has been submitted by:


deepsi43 commented 3 years ago

Will be looking into the integration based on

> Hi, Makoto from ENS team.
>
> This is what I think you need to do to support "Verify with ENS" feature
>
> Step 1
>
> Check if the Eth address tied into Gitcoin has ENS name reverse record setup as well as it matches with the forward lookup.
>
>     import ENS, { getEnsAddress } from '@ensdomains/ensjs'
>
>     // `provider` is a web3 provider; `gitcoinAddress` is the Eth address tied to the Gitcoin profile.
>     async function isEnsVerified(provider, gitcoinAddress) {
>       const ensAddress = getEnsAddress('1') // ENS registry address for network id 1
>       const ens = new ENS({ provider, ensAddress })
>       // Reverse lookup
>       const { name: myName } = await ens.getName(gitcoinAddress)
>       // No reverse record set up: nothing to verify
>       if (!myName) return false
>       // Forward lookup
>       const myAddress = await ens.name(myName).getAddress()
>       // Check if address matches (compare case-insensitively, hex addresses may be checksummed).
>       return myAddress.toLowerCase() === gitcoinAddress.toLowerCase()
>     }
>
> Step 2
>
> If the above returns true, treat as verified.
>
> Step 3
>
> If not, show the following message.
>
> Verify with ENS.
> Assign ENS name to your Eth address as well as setup a reverse name lookup.
> [Learn more](https://medium.com/whois0x/ens-setup-for-dummies-a-visual-step-by-step-e3382fe00545)
>
> Ref
>
> You can read more about how our ensjs library works here https://medium.com/the-ethereum-name-service/releasing-ensjs-and-announcing-ens-integration-workshop-63ffad001446 and ask questions at our Integration workshop next week, or just ping me on our discord https://discord.gg/AskZbFx

Sure I would like to start working on ENS reverse lookup

deepsi43 commented 3 years ago

I would also be looking into duniter integration

iRhonin commented 3 years ago

> Hey there. POAP here 👋🏻 We are willing to help and support the team/individual looking to complete this bounty. For a successful submission we will be matching with additional 1000 DAI. If a candidate is willing to work on this and 2000 DAI sounds like too little incentive, we are open to hear what would be proper compensation.
>
> POAP contracts run at the address 0x22C1f6050E56d2876009903609a2cC3fEf83B415 both on Ethereum Mainnet and xdai network. Very easy to query subgraphs are available here: https://thegraph.com/explorer/subgraph/poap-xyz/poap https://thegraph.com/explorer/subgraph/poap-xyz/poap-xdai
>
> We also provide a http API, very clear documentation available here: https://development-dot-poapapp.appspot.com/documentation/static/index.html
>
> The way the mechanism should work is: If the ethereum account logged in on Gitcoin holds a POAP NFT that has been sitting in that wallet for more than 15 days, it can be assumed that it's a unique human.
>
> This mechanism is quite rudimentary and it can happen that:
>
>   1. Someone holds his POAP on a wallet different than the one using on Gitcoin (a "validate ownership" of an external account not tied to Gitcoin is a nice to have but not necessary in the scope of this integration)
>   2. Someone has prepared beforehand the round (more than fifteen days earlier) and shuffled the POAPs to many different accounts. This is a lot of work and very impractical, also very easy to spot programmatically. I would mark it as a minor concern.

Hi POAP, I'd like to start this task but the bounty on Gitcoin has a limitation of one person per bounty.
I already implemented the google verification, so I need @owocki's verification to start this.

zoek1 commented 3 years ago

@poapxyz thanks for the advice, I don't have any stopper so I'm starting to work on this 😀

gitcoinbot commented 3 years ago


Work for 5000.0 DAI (5000.00 USD @ $1.0/DAI) has been submitted by:

  1. @irhonin
  2. @hhio618
  3. @developerfred
  4. @moonniy

@owocki please take a look at the submitted work:


hhio618 commented 3 years ago

Hey, @poapxyz many thanks for your comment. It helped a lot while I was implementing this feature :) Would it be possible to send me some testnet POAP badges for further testing? If possible, my wallet address is as follows: 0x68581B09B9F815AD0A37477F340e7E211030C899

Another question: do we need to save any POAP badges in user profiles?

developerfred commented 3 years ago
PR Duniter status done 🟢

https://github.com/gitcoinco/web/pull/7844

Update Duniter

https://forum.duniter.org/t/integration-trust-bonus-gitcoin/7677

Gitcoin core and gitcoin community account verification proposal

Currently the only metrics I have to validate a human address are the 5 certificates that can be consumed by the wallet, my implementation is like this Trust Bonus tab -> Click VerifyDuniter certificates we consider you to be a legitimate user, these certificates expire in one year, we can do in the background a new verification every year.

owocki commented 3 years ago

@moonniy @deepsi43 r u still working on the ENS reverse look up?

moonniy commented 3 years ago

hi @owocki, yes i made progress but since the hackathon finished i thought this bounty expired so i didn't submit my work. Can i create the PR so you can review it? i think the work is finished and ready for review

makoto commented 3 years ago

@moonniy I am happy to review the ENS part

owocki commented 3 years ago

yes; happy to review it. thanks!

On Sat, Nov 21, 2020 at 5:27 AM Makoto Inoue notifications@github.com wrote:

> @moonniy https://github.com/moonniy I am happy to review the ENS part


deepsi43 commented 3 years ago

> @moonniy @deepsi43 r u still working on the ENS reverse look up?

Yes I did have a little progress. Have been looking into implementing the verification of reverse ens of the account address.

zoek1 commented 3 years ago

@owocki can i work on the facebook integration?

Elhamne commented 3 years ago

> @owocki can i work on the facebook integration?

@zoek1 I'm still working on the facebook.

zoek1 commented 3 years ago

Ok ok @Elhamne, as i didn't see a PR and the hackathon finished almost a month ago, I requested work on facebook integration. 🙂 I have some task to fix collections today but if you need it for the monday let me know @owocki

owocki commented 3 years ago

hey hey, im seeing multiple PRs flying around and it's very exciting. as your PRs are merged pls ping me and I can pay you out. thanks again everyone :)

hhio618 commented 3 years ago

Hey @owocki, thanks for the payout!

hhio618 commented 3 years ago

> Hey there. POAP here 👋🏻 We are willing to help and support the team/individual looking to complete this bounty. For a successful submission we will be matching with additional 1000 DAI. If a candidate is willing to work on this and 2000 DAI sounds like too little incentive, we are open to hear what would be proper compensation.
>
> POAP contracts run at the address 0x22C1f6050E56d2876009903609a2cC3fEf83B415 both on Ethereum Mainnet and xdai network. Very easy to query subgraphs are available here: https://thegraph.com/explorer/subgraph/poap-xyz/poap https://thegraph.com/explorer/subgraph/poap-xyz/poap-xdai
>
> We also provide a http API, very clear documentation available here: https://development-dot-poapapp.appspot.com/documentation/static/index.html
>
> The way the mechanism should work is: If the ethereum account logged in on Gitcoin holds a POAP NFT that has been sitting in that wallet for more than 15 days, it can be assumed that it's a unique human.
>
> This mechanism is quite rudimentary and it can happen that:
>
> 1. Someone holds his POAP on a wallet different than the one using on Gitcoin (a "validate ownership" of an external account not tied to Gitcoin is a nice to have but not necessary in the scope of this integration)
>
> 2. Someone has prepared beforehand the round (more than fifteen days earlier) and shuffled the POAPs to many different accounts. This is a lot of work and very impractical, also very easy to spot programmatically. I would mark it as a minor concern.

Hey @poapxyz. I've done the task! I'll be very glad for the bounty as you said :)

poapxyz commented 3 years ago

Please send me your ethereum address to Worthalter@POAP.xyz

owocki commented 3 years ago

i just left some comments on the various PRs. keen to get these fixed up + merged in before we deploy GR9 on monday of next week.