Auto check-in

[makoto]

Prize Bounty

1st : $500 2nd: $200 3nd: $100

Challenge Description

Currently each admin has to manually check in each attendee which have multiple drawbacks.

• 1. Labor intensive making Kickback unsuitable for large event where check-in is not strict.
• 2. Prone to check-in error by organisers.
• 3. The decision is centralised and could lead the event organiser acts maliciously.

  Can you create a solution to allow attendees into self check-in via GPS, IOT device, “Bump” style peer 2 peer check in, or integrating with other protocols such as https://foam.space/ , http://poap.xyz/ , https://xyo.network/?

Submission Requirements

• Due to the fact that our server side is not open sourced, we accept application which lacks server side validation and checks as long as you can describe how to implement.
• We don't expect your solution to solve all of our problems. Please describe clearly which problems (1~3 or any other problems we haven't thought about) your submission is solving.
• Ideal submissions should have something working on website where backend is pointing to our Kovan endpoint.
• In case your change needs modification on server side or on smart contract, which is too difficult to deploy (or your solution uses some sort of hardware), then Youtube video to demonstrate is allowed.

Submission Deadline

23rd Jan 2020

Judging Criteria

• We prefer realistic approach which can be used in production system with minimum change in smart contract or on server side.
• Good documentation describing how to productionize is as good as the demo itself.
• We don't expect your submission to be able to integrate as is. If you write down detailed description of what else is missing and how much work is needed, it may lead to commissioning extra work.

Winner Announcement Date

31st Jan 2020

---

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

This issue now has a funding of 500.0 DAI (500.0 USD @ $1.0/DAI) attached to it.

• If you would like to work on this issue you can 'start work' on the Gitcoin Issue Details page.
  • Want to chip in? Add your own contribution here.
  • Questions? Checkout Gitcoin Help or the Gitcoin Slack
  • $102,236.80 more funded OSS Work available on the Gitcoin Issue Explorer

[makoto]

If you have any questions please either ask here or via discord channel. https://discord.gg/B5ZZUZ

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

Work has been started.

These users each claimed they can complete the work by 2 years, 1 month ago. Please review their action plans below:

1) hammadtq has started work.

I have some ideas on how this can work, also have experience with FOAM, IoT and Bump style sign-ups. Will figure out most optimum way to implement this. 2) nukemandan has started work.

IPFS and Ethereum used to lock an image wit metadata baked into the JPEG file about the location/event and the location it was taken. A Content Identifier (CID) is generated that is a hash of the image w/ metadata that is then locked into a blockchain by the same account as the one associated with a kickback stake. Thus the user also signs a proof that they are the one that took this image and when specifically as proof they should get their kickback stake without the need for any other checkin. In the event of a dispute, this can be used as evidence to reference. 3) crisgarner has started work.

I plan to implement a small frontend to test auto check-in that could be easily integrated with the main project 4) snaketh4x0r has started work.

I have worked on a prototype which just requires only a PC/laptop to setup and possibly can be expanded to require only mobile currently there is no front end and will require to make it as one click deployment solution without any technical knowledge event organizers will only have to download a electron app from kickback website and press a single button to create forms,deploy the server on local network and send emails/alerts. 5) tomafrench has started work.

MVP:

1. Modification of server code to handle verification of updated proof of attendance format.
2. Addition of backend endpoint to store verified proofs.
3. Update frontend admin panel to load attendance proofs for submission.
4. Update frontend admin panel to add QR generator for distributing signer ip address.

Polish:

1. Modification of signer to push signer's local ip address to Kickback backend.
2. Update frontend to add "check in" button pointing at signer.

Learn more on the Gitcoin Issue Details page.

[nuke-web3]

Rethink:

After further thinking about this, I think the real value will be in starting with a way to scan a time cycling code that we can use to have attendees scan.

Work on my end will include:

Event Check-in App

• An app to generate a QR code to scan at the event itself. Thus all organizers need to do is open a webapp/install one on a device to display this code at the event - no further action needed by them.
  • This could be integrated into kickback itself, but as a stand alone application makes more sense in my mind.
  • The UI will look very much like an authenticator app - A simple single page with a countdown spinner, and a QR displayed with the name of the event, and possibly customizable theming of the page. Example of rough idea for UI: https://otplib.yeojz.dev/ (Note that this not the correct components to include, but the look is correct.)

Kickback Check-in Extention

• A QR code scanner to read a TOTP code from the checkin app and then verify with the kickback servers that it is valid in a tight window ( something on the lines of 5 seconds to make it difficult for someone sending the code to another off site to check-in without being at the station itself {someone sharing a live video of this would defeat this security model... :thinking: but a start})

• If validated, the the user is checked-in, for review by the organizers after the event, or optionally automatically trusted and kickback would auto issue stake & kickback out to attendees.

Work I need support from Kickback on:

Kickback Backend Service

I will need Kickback (@makoto ) to update the backend of kickback to implemented the generation of a TOTP secret for each event.

• The TOPT Seceret will be generated by/for the organizer to be used in the checkin-app.
• The codes generated will be scanned by the proposed kickback extention and then reported to the backend to check-in
  • So we will need this code check functionality added as well (An API?)

There are options for this: https://awesomeopensource.com/projects/two-factor-authentication

One of the most common that i would suggest: https://github.com/yeojz/otplib

[makoto]

Hi @NukeManDan . Thank you for the suggestions. For the scope of this hackathon you can create a simple api server which offers TOTP service and update the checked in info in your database. Then from the admin page, admin can pull the check in info and call MARK_USER_ATTENDED.

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

Work for 500.0 DAI (500.0 USD @ $1.0/DAI) has been submitted by:

1. @hammadtq
2. @hammadtq
3. @nukemandan
4. @snaketh4x0r
5. @crisgarner
6. @crisgarner
7. @tomafrench

@vs77bb please take a look at the submitted work:

• PR by @TomAFrench
• PR by @crisgarner
• PR by @crisgarner
• PR by @snaketh4x0r
• PR by @NukeManDan
• PR by @hammadtq
• PR by @hammadtq

---

• Learn more on the Gitcoin Issue Details page
• Want to chip in? Add your own contribution here.
• Questions? Checkout Gitcoin Help or the Gitcoin Slack
• $73,128.09 more funded OSS Work available on the Gitcoin Issue Explorer

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

This issue now has a funding of 300.0 DAI (300.0 USD @ $1.0/DAI) attached to it as part of the EthereumFoundationOfficial fund.

• If you would like to work on this issue you can 'start work' on the Gitcoin Issue Details page.
  • Want to chip in? Add your own contribution here.
  • Questions? Checkout Gitcoin Help or the Gitcoin Slack
  • $68,347.14 more funded OSS Work available on the Gitcoin Issue Explorer

[gitcoinbot]

Issue Status: 1. Open 2. Cancelled

---

The funding of 300.0 DAI (300.0 USD @ $1.0/DAI) attached to this issue has been cancelled by the bounty submitter

• Questions? Checkout Gitcoin Help or the Gitcoin Slack
• $74,011.26 more funded OSS Work available on the Gitcoin Issue Explorer

[snaketh4x0r]

here is my submission https://github.com/snaketh4x0r/mycheckin

[TomAFrench]

I wouldn't mind having a go at a bounty for this at some point after the hackathon as it seems like an interesting issue.

It seems like POAP could be quite easily altered to work for this purpose although it would require changes to the smart contracts as well (Actually this isn't needed but would massively decrease the complexity on the organiser's end). My only concern is situations with AP isolation might cause issues with attendees being able to connect to the signer.

[TomAFrench]

I have a proof of concept which I've knocked together, all that needs to be done is to point it at Kickback's backend and add some method to store the proofs (Just need to dump it in a database somewhere).

At that point you can just print out a list of addresses (along with the proofs) to give to the event admin for them to finalise with. In future the contract could be altered so that attendees can use the proof directly to mark themselves as present onchain (but there's increased cost associated with that).

[crisgarner]

Putting my submission here since it seems there is a bug on the frontend. https://github.com/crisgarner/autocheckin

[makoto]

@TomAFrench Can you submit what you have right now?

all that needs to be done is to point it at Kickback's backend and add some method to store the proofs you can build a simple dummy backend for the demo purpose (like https://github.com/hammadtq/kickback-checkin )

[TomAFrench]

Erm, it's really rough and I'm afraid I don't have time at the minute to make the necessary modifications to do the verification of proofs.

I can do a small write up of the check in process (and my plans for completion) if you like but I won't be able to give a working demo just yet.

[TomAFrench]

I've done a small write up on the check in process here where you can also see the code. I'm happy to answer any questions.

[TomAFrench]

@makoto I've had a bit of free time so I've thrown together an implementation of signing/verifying proofs of attendance

You can see them in:

poap-signer.ts and verify_proof.ts for the signer

routes.ts and verify_proof.ts for the server

It needs a bunch more work (atm it doesn't verify addresses against the contract but I've commented in the extra steps needed) but it should give a good idea of the finished product along with the writeup

[makoto]

Hey @TomAFrench can you join our discord https://discord.gg/RD2ZN5 so that I can ask a couple of questions?

[makoto]

Results!

1st prize (500 DAI) goes to @crisgarner for staking POAP (Proof of Attendance) token.

He created his own smart contract (AutoCheckIn.sol) which allows attendees to stake for a certain period to prevent people from transferring to others to double spend. The ability to temporarily freeze the token transfer allows Kickback admin to check-in people in real-time.

One question remains whether we should force people to make 3 additional mainnet transactions (approve, stake, and withdraw) for auto check-in purposes.

Nonetheless, it was the most complete submission among all. Congratulations!

2nd prize (200 DAI) goes to @TomAFrench for the forked version of POAP + signer.

His submission was a bit scattered around but he gave us a well thought out logic to see how feasible to use Wifi as a check-in mechanism as a whole.

3rd prize (100 DAI) goes to @NukeManDan for using TOTP

Despite his solution was incomplete, his idea of using TOTP(Time-based One-Time Password) was something I didn't think about so it gave us a good inspiration. Even though TOTP does not prevent 100% of malicious attempt, it is a pragmatic approach which could work in a variety of conditions without needing for local WIFI. This could be a useful solution for outdoor events where you cannot rely on Wifi.

[TomAFrench]

Thanks @makoto!

One issue I see with @crisgarner's solution is that it just turns the check in problem into a token distribution problem. Seems like we could just read the events emitted by POAP during distribution anyway.

Just to make a record of the thoughts on discord...

Short term:

QR codes are the only reliable method of users receiving information locally at the venue. The issue then is how to generate these QRs in a simple way and easily feed check ins back to Kickback's api. One option could to encode a "check in" message signed by an event admin which users sign and upload to kickback. Should signatures both correspond to the correct roles in the event then the user is checked in.

This would require a new endpoint on the api to handle the new format of check in proof.

For extra security TOTP through timestamping could be added.

Long term:

FOAM gives a cast iron proof of attendance however it relies on network coverage at the location and sufficient market penetration of phones which can connect to LPWAN (Will this occur?). It also will require attendees to own FOAM tokens in order to check in, although its possible that this could be abstracted.

[nuke-web3]

Thank you for the honor - I hope to come back to make a stand-alone TOTP check-in set of apps: react app w/ user facing & organizer facing components, and a backend w/ GraphQL . If and when I do, I will report back here! Very happy to collaborate on one as well when that time comes (maybe @TomAFrench ? :grin: )

[TomAFrench]

Am I right in thinking we need to ping @vs77bb to mark this as completed?

@NukeManDan, Having a standalone app for generating signed qrcodes of arbitrary data and a server for authentication of them which projects can easily drop in and integrate into existing infrastructure does strike me as useful as it avoids replication of effort. (Not sure how much of this exists in the right form today)

I don't think I'll have much time to work on blockchain stuff in the near future due to other commitments but I can check in in future. The server in my submission could probably be a good starting point, with you just needing to set up the react apps to get it running.

[crisgarner]

Great news! I just read this.

@TomAFrench token distribution isn't really an issue. I have organized a few meetups and handled POAP tokens, POAP has some nice stickers with unique QR code per token which attendees scan to claim. 3 transactions for a check-in might be an issue. I'm sure it can be reduced to two and with meta-transactions UX can be improved. Using event logs is a good idea worth exploring.

[makoto]

I just pinged Gitcoin team for the payment.

[makoto]

just pinged again.

[gitcoinbot]

⚡️ A tip worth 500.00000 DAI (500.0 USD @ $1.0/DAI) has been granted to @crisgarner for this issue from @vs77bb. ⚡️

Nice work @crisgarner! Your tip has automatically been deposited in the ETH address we have on file.

• $87526.02 in Funded OSS Work Available at: https://gitcoin.co/explorer
• Incentivize contributions to your repo: Send a Tip or Fund a PR
• No Email? Get help on the Gitcoin Slack

[gitcoinbot]

⚡️ A tip worth 200.00000 DAI (200.0 USD @ $1.0/DAI) has been granted to @tomafrench for this issue from @vs77bb. ⚡️

Nice work @tomafrench! Your tip has automatically been deposited in the ETH address we have on file.

• $87026.02 in Funded OSS Work Available at: https://gitcoin.co/explorer
• Incentivize contributions to your repo: Send a Tip or Fund a PR
• No Email? Get help on the Gitcoin Slack

[gitcoinbot]

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

---

This Bounty has been completed.

Additional Tips for this Bounty:

• vs77bb tipped 200.0000 DAI worth 200.0 USD to tomafrench.
• vs77bb tipped 500.0000 DAI worth 500.0 USD to crisgarner.

---

• Learn more on the Gitcoin Issue Details page
• Questions? Checkout Gitcoin Help or the Gitcoin Slack
• $87,026.02 more funded OSS Work available on the Gitcoin Issue Explorer

[gitcoinbot]

⚡️ A tip worth 100.00000 DAI (100.0 USD @ $1.0/DAI) has been granted to @nukemandan for this issue from @vs77bb. ⚡️

Nice work @nukemandan! Your tip has automatically been deposited in the ETH address we have on file.

• $87026.02 in Funded OSS Work Available at: https://gitcoin.co/explorer
• Incentivize contributions to your repo: Send a Tip or Fund a PR
• No Email? Get help on the Gitcoin Slack

[vs77bb]

Just paid out @NukeManDan @TomAFrench @crisgarner -- sorry for the delay all, thanks to each of you for participating in this challenge. Some really great progress in a short period. I'm personally really excited to see this in Kickback!