GitHub bot and API server for Gitbank. Handles webhook events, parses natural-language commands, and submits transactions to the vault contracts on Base L2.
api-server/ Express 5 API server + GitHub bot webhook handler
db/ PostgreSQL schema (Drizzle ORM)
api-spec/ OpenAPI 3.1 spec (source of truth for API contract)
api-zod/ Generated Zod schemas from OpenAPI spec
scripts/ Utility scripts
- User mentions
@gitbankbotin a GitHub Issue or PR comment - GitHub sends a webhook to
POST /api/webhook - Server verifies HMAC signature
- Claude Haiku parses the natural-language command into structured intent
- Relayer builds and submits the transaction using the user's encrypted execution keypair
- Bot replies to the thread with a plain-English receipt
- Node.js 20+
- pnpm 10+
- PostgreSQL 15+
pnpm installDATABASE_URL= # postgresql://...
SESSION_SECRET= # random 64-char hex
ENCRYPTION_MASTER_KEY= # random 64-char hex (AES-256-GCM master key)
GITHUB_APP_ID=
GITHUB_APP_PEM= # full PEM with newlines
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
GITHUB_WEBHOOK_SECRET=
BASE_SEPOLIA_RPC_URL=
BASE_MAINNET_RPC_URL=
BASE_NETWORK= # "mainnet" or leave empty for sepolia
GIT_VAULT_FACTORY_ADDRESS=
RELAYER_SIGNING_KEY= # 0x-prefixed private key for relayer ECDSA signing
ANTHROPIC_API_KEY=
ALLOWED_DOMAINS= # comma-separated allowed CORS origins# Push DB schema
pnpm --filter @workspace/db run push
# Start API server (port 8080 by default)
pnpm --filter @workspace/api-server run devAfter changing api-spec/openapi.yaml, regenerate Zod schemas and React Query hooks:
pnpm --filter @workspace/api-spec run codegen- Create a GitHub App with webhook URL pointing to
https://yourdomain.com/api/webhook - Enable
IssuesandPull requestsread/write permissions - Subscribe to
issue_commentandpull_request_review_commentevents - Generate and download a private key (PEM)
- Set
GITHUB_APP_ID,GITHUB_APP_PEM, andGITHUB_WEBHOOK_SECRET
See CONTRIBUTING.md.
MIT. See LICENSE.