search

ubiquity / ubiquibot

Putting the 'A' in 'DAO'
https://github.com/marketplace/ubiquibot
MIT License
17 stars 60 forks source link

Payments Initial Setup Automation #143

Open 0x4007 opened 1 year ago

0x4007 commented 1 year ago

The current manual steps are in the initial setup. It would be great to automate:

Iteration 1 - Currently (Manual)

  1. Deposit ETH into the bot signing key's wallet address.
  2. Call approve on payment token contract address for Permit2 spender from this new wallet.

I wish we could use a relayer to handle 2. That way it would be very clean from a new partner setup perspective. All they would need to do is deposit the spending token (e.g. DAI) in the new wallet, and then generate a signature to authorize the approve call and pass it along to a relayer.

Iteration 2 - Next (Automated)

  1. Bot generates a private key
  2. Bot updates the repository secret with its private key
  3. Bot requests for a top-up of the wallet in DAI or whatever
  4. After the bot is topped up, it gets a relayer to call approve on DAI for permit2 spender
  5. Bot is initialized.
hashedMae commented 1 year ago

A couple of clarifications.

Is a new Private Key being generated only once? Or is a new one generated for each issue or bounty hunter?

How is the top-up request being presented? Is it generating a transaction to be signed or is it more of a message to an admin?

DAI doesn't contain an allow function, are you referring to the permit pattern which is signature based? Who or what are the relayer and permit2?

0x4007 commented 1 year ago

Is a new Private Key being generated only once? Or is a new one generated for each issue or bounty hunter?

The current vision is to have a new private key generated PER instance of the bounty-bot. So only a one time setup per partner.

How is the top-up request being presented? Is it generating a transaction to be signed or is it more of a message to an admin?

In the future vision I anticipate we'll be using Gnosis Multisigs. The bot can have an individual signing key and queue a top-up transaction. Code maintainers can get push notifications conveniently for this on the Safe iOS app (not sure if they have an android app, but I use the iOS app all the time, and its great.)

DAI doesn't contain an allow function, are you referring to the permit pattern which is signature based?

Sorry! I meant approve

Who or what are the relayer and permit2?

We're currently using Permit2 which is a separate contract created by the Uniswap team. More information on that is available here https://dao.ubq.fi/ubiquibot-setup.

hashedMae commented 1 year ago

I can get this done within the week.

0x4007 commented 1 year ago

There is a new slash command (assign) that will tell the bot to assign you now even without maintainer capabilities fyi!

0xcodercrane commented 1 year ago

Lol. would you please use the /assign command to get assigned since the next time?

image

hashedMae commented 1 year ago

Can do

On Tue, Mar 7, 2023 at 7:27 PM, 0xCodercrane @.***> wrote:

Lol. would you please use the /assign command to get assigned since the next time?

image

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were assigned.Message ID: @.***>

0x4007 commented 1 year ago

@0xcodercrane why didn't the bot follow up on this issue?

devpanther commented 1 year ago

assign

I think he did not use the /assign feature.. probably some other implementation at the time of this bounty