-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Restrict assignment on lack of funds #264
Comments
I still think there is potential for encoding call data inside of the transaction for analytics and auditing purposes. This can probably be done on pay.ubq.fi claim transaction initializer in the UI code? |
Without forking the original permit2 contract or creating our own "proxy analytics" contract (which would save github's issue id, org and repo names and then would execute a payout) we can only pass a github issue id. But we also need org and repo names for analytics. |
So there isn't a way to encode an arbitrary string inside of the calldata? For example, when people send messages to each other on chain they commonly call transfer with an amount of 0 but then encode their plain English message in the transaction. I propose that we do the same and come up with a simple encoding method, like separating each field with a comma etc. |
pls check ubiquity/audit.ubq.fi#12 |
I propose we change this into a warning logged by the bot in a comment: e.g. The funding wallet currently does not have enough money to pay for this bounty. Treasurers should top up the funding source soon. If you would like to proceed with the bounty please comment and have bounty hunters override the warning (and assign themselves) with a new command. This will allow more optimistic bounty hunters to have their expectations managed and continue pushing the project forward preventing unnecessary slowdowns. |
So for a bounty hunter the flow is the following:
|
@rndquu that flow appears to be correct according to my proposal. |
Depends on #262
We should restrict an issue assignment if there are not enough funds to cover a bounty payout.
When a bounty hunter posts
/assign
the bot should:bounty payout >= wallet balance - sum of payouts of opened assigned issues
Notice that we are being optimistic here in terms that we don't cover this edge case because it is tricky and resource intensive to match an issue with an ethereum payout transaction:
So internally we consider all closed issues as paid out for simplicity. We have plans for a "function as a service" for matching issues with ethereum transactions. When this "function as a service" is implemented we can update the restriction logic to be more accurate.
The text was updated successfully, but these errors were encountered: