Status Open Bounty
Allows you to set bounties for GitHub issues, paid out in Ether or any ERC-20 token.
More information:https://wiki.status.im/Status_Open_Bounty
Live production version:https://openbounty.status.imThe master branch is automatically deployed here.
Live testnet (Ropsten) version:https://openbounty.status.im:444The develop branch is automatically deployed here.
Table of contents
Prerequisites
You will need Leiningen 2.0 or above installed. Also, make sure that you have wkhtmltoimage available in your PATH. On macOS, it can be installed via brew cask install wkhtmltopdf.
PostgreSQL
Install PostgreSQL, and set it up properly:
psql postgres -c "CREATE USER commiteth WITH PASSWORD 'commiteth';"
psql postgres -c "CREATE DATABASE commiteth;"
Application config
Create /config-dev.edn, and populate it correctly, according to env/dev/resources/config.edn. The config fields are described below:
| Key | Description |
|---|---|
| dev | Currently specifies whether Swagger UI endpoints should be added to routes |
| port | HTTP port for the Ring web app |
| dev-login | Local development only. Set it to the GitHub name of your dev user in order to log in to the system and to bypass OAuth. Following this, set server-address according to your localhost address. |
| nrepl-port | nREPL port for development |
| jdbc-database-url | PostgreSQL database URL; for instance, the URL to the local db would be jdbc:postgresql://localhost/commiteth?user=commiteth&password=commiteth |
| server-address | The URL and port of the local server that can be resolved from public internet. It will be used as a redirect URI during GitHub OAuth authorization process. |
| eth-account | Ethereum account ID for the bot. Make sure it has some test ether to cover the cost of gas for deploying contracts |
| eth-password | Ethereum account password for the bot |
| eth-rpc-url | RPC URL to the Ethereum node, e.g. Geth. Either local or remote |
| eth-wallet-file | Location of the wallet file. If Geth is run with the parameters specified below, it will reside under $HOME/.ropsten/keystore. |
| offline-signing | Specifies whether to sign transactions locally before sending. Default is true. Set to false when connecting to the local Geth node that unlocks accounts. |
| tokenreg-base-format | Should be set to :status |
| github-client-id | Related to OAuth. Copied from the GitHub account: Settings -> Developer settings -> OAuth Apps |
| github-client-secret | Related to OAuth. Copied from theGitHub account: Settings -> Developer settings -> OAuth Apps |
| github-user | GitHub username for a bot account. It is used for posting bounty comments. |
| github-password | GitHub password for a bot account. |
| webhook-secret | Secret string to be used when creating a GitHub App |
| user-whitelist | Set of GitHub user/org IDs to be whitelisted. E.g. #{"status-im" "your_org"} |
| testnet-token-data | Token data map; useful if there are Geth connectivity problems |
GitHub integration
Open Bounty uses both OAuth App and GitHub App integration.
OAuth App
Follow the steps here. Specify the value of :server-address as "Homepage URL", and :server-address + /callback as "Authorization callback URL". Be sure to copy the Client ID and Client Secret values in the config file.
GitHub App
Follow the steps here. Be sure to specify :server-address + /webhook-app as "Webhook URL", and :webhook-secret as "Webhook Secret".
Contracts
All information related to development of OpenBounty smart contracts can be found in contracts/.
Running
Ethereum node
There are two options for connecting to an Ethereum node: either run a local node with an unlocked account, or connect to a remote Geth node or Infura. We will be connecting to Ropsten, which is an Ethereum network used for testing.
Local
To launch a local geth node with the bot account unlocked, issue the following command:
#!/bin/bash
geth --fast --testnet --cache=1024 --datadir=$HOME/.ropsten --verbosity 4 --port 50100 --ipcpath ~/.ropsten/geth.ipc --rpc --rpcaddr 127.0.0.1 --rpcport 8545 --rpcapi db,eth,net,web3,personal --rpccorsdomain "https://wallet.ethereum.org" --unlock "0xYOUR_ADDR" --password <(echo "YOUR_PASSPHRASE")
Remote
Register at Infura. You will receive an email with the provider's URLs. Paste a URL for the Ropsten network into config.edn under the :eth-rpc-url key, and set :offline-signing to true.
CSS auto-compilation
Launch the following command in a separate shell:
lein less auto
Solidity compilation
Compile Solidity files into Java classes with:
cd contracts && ./build.sh
Clojure app without REPL
Launch the following commands, each in its own shell:
lein run
lein figwheel
Clojure app with REPL
You'll have to start a REPL on the backend and frontend.
lein repl
Now you can start a CLJS REPL:
(use 'figwheel-sidecar.repl-api)
(start-figwheel!)
(cljs-repl)
(Alternatively, if you use emacs and CIDER, you can run cider-jack-in. Details here)
Next, start the application from the clojure REPL with:
(reset)
Uberjar build
To create a standalone uberjar:
lein uberjar
This creates target/uberjar/commiteth.jar. You can run it with the following command from within the project's root:
java -Dconf=<path_to_config.edn> -jar target/uberjar/commiteth.jar
Testing
QA
Please refer to doc/testing.md.
Clojure tests
lein test
ClojureScript tests
lein with-profile test doo phantom test
Reagent component devcards
lein with-profile test figwheel devcards
Open http://localhost:3449/cards.html
CircleCI
We use CircleCI to run unit tests. For this to work, set the following env vars:
These env vars override the configuration parameters that are usually set using the
config.ednfile.
ETH_ACCOUNT- as inconfig.ednETH_PASSWORD- as inconfig.ednETH_RPC_URL- as inconfig.ednETH_WALLET_FILE- as inconfig.ednETH_WALLET_JSON- contents of this will be written toETH_WALLET_FILE
Update landing page
Landing page is static and different CSS and JS due to time constraints.
- Build CSS with Gulp (see
static_landing_page/README.md - Make changes and
./build-landing-page.sh
This copies the necessary artifacts over to the resources dir.
More info
Detailed information on code structure, troubleshooting, and more can be found here.
License
Licensed under the Affero General Public License v3.0
-
听说bug bounty 最近很流行 于是想在YouTube上找一些视频自学,记录一些学习笔记。 选择什么样的virtual hosting software VirtualBox 开始不错 但后面要花钱 VMware (60天免费) 扫描工具 为了防止被封IP 选择扫描工具是必须的, 尽量减慢扫描速度 Nmap (Network Mapper) is a network scanner crea
-
introduction Testing for vulnerabilities by manually entering input can be unmanageable. In these days and age where people have low levels of time and patience, the idea of manually providing inp
-
描述 (Description) 此函数使用指定的文件句柄打开文件。 文件句柄可以是表达式,结果值用作句柄。 如果没有指定文件名,则使用与所使用的文件句柄同名的变量(这应该是一个标量变量,其字符串值引用文件名)。 特殊文件名' - '表示STDIN,'> - '表示STDOUT。 语法 (Syntax) 以下是此函数的简单语法 - open FILEHANDLE, EXPR, LIST open
-
open(打开文件) 相关函数 read,write,fcntl,close,link,stat,umask,unlink,fopen 表头文件 #include<sys/types.h> #include<sys/stat.h> #include<fcntl.h> 定义函数 int open( const char * pathname, int flags); int open( const
-
open 打开文件 相关函数 read,write,fcntl,close,link,stat,umask,unlink,fopen 表头文件 #include<sys/types.h> #include<sys/stat.h> #include<fcntl.h> 定义函数 int open( const char *pathname, int flags); int open( const c
-
主要内容:open()是否需要缓冲区,open()文件对象常用的属性在Python 中,如果想要操作文件,首先需要创建或者打开指定的文件,并创建一个文件对象,而这些工作可以通过内置的 open() 函数实现。 open() 函数用于创建或打开指定文件,该函数的常用语法格式如下: file = open(file_name [, mode='r' [ , buffering=-1 [ , encoding = None ]]]) 此格式中,用 [] 括起来的部分为
-
因为智能合约往往涉及金钱,保证Soldity代码没有错误,以及足够的安全是非常根本的。Zeppelin Solutions,一个智能合约审查服务商,已经意识到相关的需求。建立在他们的合约审查经验之上,他们把一些最佳实践整理到了OpenZeppelin。
-
基于文件描述符的文件打开方式 函数原型 #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> int open(const char* pathname,int flags); int open(const char* pathname,int flags,mode_t mode); int creat(const char