Nonce must encode issue ID.

[0x4007]

I am not sure how our permits are working now as they only encode the user ID.

• Nonce must be unique for every permit.
  • Obviously a user's ID does not change between permits.
• Every permit should be associated with an issue.
• Each issue ID is globally unique, so we should encode that along with the user ID. This will guarantee that each user can only get paid once per issue.

Hey @whilefoo it looks like we are only using the user id which doesn't seem right to me. I thought that we at least encode the issue ID?

https://github.com/ubiquibot/comment-incentives/blob/7b88ed93321d902cf6e7f41cc839ccf105dedbdf/src/handlers/issue/generate-permit-2-signature.ts#L50

I'm not sure what's going on here or how this even possibly works but we should be able to encode just the issue ID because it is globally unique on GitHub (not the issue number.)

    nonce: BigNumber.from(keccak256(toUtf8Bytes(`${username}-${issueId}`))),

_Originally posted by @pavlovcik in https://github.com/ubiquibot/comment-incentives/pull/4#discussion_r1469377654_

[ubiquibot[bot]]

@wannacfuture the deadline is at 2024-01-29T12:34:58.559Z

[0x4007]

@whilefoo you might be able to handle this one quickly since you just finished a similar task. Feel free to take it over.

[whilefoo]

I think this is exactly what I fixed in #12

[ubiquibot[bot]]

# Issue was not closed as completed. Skipping.