Skip to content

benschac/GateRepo

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits

components

components

 
 

pages

pages

 
 

prisma

prisma

 
 

public

public

 
 

styles

styles

 
 

.env.sample

.env.sample

 
 

.eslintrc.json

.eslintrc.json

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

auth.d.ts

auth.d.ts

 
 

next-env.d.ts

next-env.d.ts

 
 

next.config.js

next.config.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

GateRepo

About | Implementation | License

About

Simple implementation of ERC20 token-gating GitHub repositories.

Fueled by Mike's tweet.

Implementation

  1. Users login with GitHub OAuth, we store their access token to take actions on their behalf.
  2. Users can create new Gates for their repositories, specifying contract address, number of tokens needed, and number of invites to open. In the back-end, token name + decimals, and current latest block number is stored.
  3. Users can share links to Gates.
  4. Upon accessing a Gate invitation, users can sign-in with GitHub (again giving us their access token). Then, they connect their wallet and sign a message to verify ownership for our back-end.
  5. Finally, in /api/gates/access we run a multi-step process:
    1. Check that requesting user is authenticated
    2. Check that all parameters have been posted (address, signature, gated repo ID)
    3. Verify address ownership by matching address to signature
    4. Check if gated repo by ID exists
    5. Check if gated repo has available open invitations
    6. Check if address held necessary balance at block number
    7. Check if we have access token for requesting user
    8. Check if requesting user is not already a collaborator on private repo
    9. Check if we have access token for private repo owner
    10. Send invite from owner to requesting user to join private repo
    11. Accept invite from owner via requesting user to join private repo
    12. Increment number of used invites (decreasing available slots)

Build and run locally

# Collect repo
git clone https://github.com/anish-agnihotri/GateRepo
cd GateRepo

# Install dependencies
npm install

# Update environment variables
cp .env.sample .env
vim .env

# Run application
npm run dev

Limitations

  1. GitHub API has a rate-limit of sending a maximum of 50 invitations for a repository per 24 hour period.
  2. Application does not run a scheduled job to check continuing token ownership (to remove users who transfer their tokens). This is deferred to the user if desired functionality.
  3. Application currently only supports ERC20 tokens but is easily extensible to other token formats by updating the snapshot strategy in /pages/api/gates/access.ts.
  4. Allows a single address to verify token ownership on behalf of multiple GitHub users (not a one-to-one between GitHub users and addresses). Easily changeable should user require uniqueness by tracking address-to-gateId in database in /pages/api/gates/access.ts.
  5. GitHub OAuth scopes are fairly invasive (repo,read:user,user:email). If you are privacy-aware, I'd recommended running your own fork or migrating to an app-based system?

License

GNU Affero GPL v3.0

About

Token-gated repositories via GitHub API.

gaterepo.com

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 81.6%
  • SCSS 18.2%
  • JavaScript 0.2%