GithubHelp home page GithubHelp logo

crypto-bug-hunters / bug-less Goto Github PK

View Code? Open in Web Editor NEW
7.0 6.0 5.0 1.55 MB

🪲 Bugless, a bug bounty platform powered by Cartesi Rollups

License: Apache License 2.0

Dockerfile 4.82% Go 16.60% Shell 7.70% Lua 20.44% Makefile 4.84% TypeScript 45.53% JavaScript 0.06%
bug-bounty cartesi dapp evm web3

bug-less's Introduction

Bugless

Bug bounty programs allow developers to discover vulnerabilities in their applications by rewarding hackers that finds them. They are mostly held in the Web2 space, and, thus, rarely provide any form of payment guarantee to whitehats. As a result, developers are able to unfairly underpay whitehats, or even refuse to pay them.

To solve this issue, we have developed Bugless—a trustless bug bounty platform powered by Cartesi Rollups. Running inside a deterministic RISC-V machine that boots Linux, Bugless accepts applications written in any major programming language1. Through a friendly web interface, anyone can submit applications, and sponsor them with Ether to incentivize hackers! All major wallets are supported2. Meanwhile, hackers can test their exploits right on the browser, without even having to sign Web3 transactions! Once the hacker finds a valid exploit, they can finally send a transaction requesting the reward to be transferred to their account. If, however, no one is able to submit a valid exploit until a certain deadline, the sponsors may request a refund.

Dependencies

For your purposes, not all dependencies may be required. To help you figure out which dependencies you actually need, here is a table of dependencies for each part of the code base.

Dependency Version Presentation Back-end Examples Tests Populate CLI Front-end
docker 26.1 ☑️ ☑️ ☑️ ☑️
go 1.21.1 ☑️ ☑️
jq 1.6 ☑️
pnpm 8.15.6 ☑️
cartesi 0.14.0 ☑️ ☑️

Presentation

For more info about the project, check out the slides. To build the slides, run the following command:

make slides

Back-end

Building the machine image

cartesi build

Running the Cartesi Node

cartesi run

Building bounties

Before testing, you need to compile bounties binaries.

make bounties

The following bounties will be compiled and can be used for testing:

./tests/bounties/busybox-bounty/busybox-1.36.1-bounty_riscv64.tar.xz
./tests/bounties/lua-bounty/lua-5.4.3-bounty_riscv64.tar.xz
./tests/bounties/lua-bounty/lua-5.4.6-bounty_riscv64.tar.xz
./tests/bounties/sqlite-bounty/sqlite-3.32.2-bounty_riscv64.tar.xz
./tests/bounties/sqlite-bounty/sqlite-3.43.2-bounty_riscv64.tar.xz

Along with following exploits:

./tests/bounties/busybox-bounty/exploit-busybox-1.36.1.sh
./tests/bounties/lua-bounty/exploit-lua-5.4.3.lua
./tests/bounties/sqlite-bounty/exploit-sqlite-3.32.2.sql

Tests

Before running tests, make sure you built the image and bounties, you can build them with make all.

make test

CLI

To interact with the contract, you may use the Bugless CLI. For all the options, run the command below.

go run ./cli help

Showing the current state

go run ./cli state

Sending dapp address

go run ./cli send dapp-address

Sending bounty

go run ./cli send bounty \
    -n "Lua Bounty" \
    -d "Description of Lua bounty" \
    -c ./tests/bounties/lua-bounty/lua-5.4.3-bounty_riscv64.tar.xz

Sending sponsor

go run ./cli send sponsor -b 0 -n "Sponsor Name" -v 0.05

Sending exploit

go run ./cli send exploit \
    -b 0 \
    -n "Hacker Name" \
    -e ./tests/bounties/lua-bounty/exploit-lua-5.4.3.lua

Withdraw bounty

go run ./cli send withdraw -b 0

Testing exploit

go run ./cli test \
    -b 0 \
    -e ./tests/bounties/lua-bounty/exploit-lua-5.4.3.lua

Populating DApp

Run the following command to fill up the DApp with test data.

make populate

Front-end

To run the frontend, execute the commands below.

cd frontend
pnpm i
pnpm dev

Open http://localhost:3000 in your browser.

Future Work

The initial version of this project was developed in one week for the ETHOnline 2023 hackathon. During this one week, we had to design and implement a project from scratch. With this very tight schedule, some of the features were left out for later implementation. Below are some of those features.

  • Support ENS
  • Support other types of assets (ERC-20, ERC-721, and ERC-1155)
  • Support syntax highlight on code blocks
  • Add optional one-time setup phase for applications
  • Add option to download bounty bundle
  • Sandbox applications with Hypervisor

Debugging

When running Bugless locally, you might want to perform some operations that would otherwise be impossible in a production environment. To this end, we advise you to install the Foundry toolkit.

Time travel

When testing sponsor withdrawals, it's handy to be able to instantly advance time past the expiry date of some bounty. The following command advances time in 30 days, expressed in seconds.

cast rpc evm_increaseTime $((60*60*24*30))

Funding a wallet

In order to publish transactions, you need some Ether. The following command sets the balance of address 0xf39Fd...92266 to 1 Ether, expressed in Wei.

cast rpc anvil_setBalance 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 $(cast to-wei 1 ether)

Footnotes

  1. Some notable examples of programming languages that can run inside Bugless are C, C++, Python, Lua, JavaScript, and Rust.

  2. Bugless supports +300 wallets, such as WalletConnect, MetaMask, Trust Wallet, and Coinbase.

bug-less's People

Contributors

guidanoli avatar gligneul avatar edubart avatar fmoura avatar claudioantonio avatar endersonmaia avatar zzzzhui avatar

Stargazers

avatar Fabio Issamu Oshiro avatar glockchain avatar Bruno Ochotorena avatar avatar avatar Felipe Argento avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

masiedu4 henriquemarlon claudioantonio charchitkumawat04 endersonmaia

bug-less's Issues

Missing `pnpm codegen` step in readme

I was trying to run the frontend, then I got the error:

Import trace for requested module:
./src/app/page.tsx
 ⨯ ./src/model/reader.ts:2:0
Module not found: Can't resolve './__generated__/gql'
  1 | import { useQuery } from "@apollo/client";
> 2 | import { gql } from "./__generated__/gql";
  3 | import { CompletionStatus } from "./__generated__/graphql";
  4 | import { BugLessState, AppBounty, SendExploit, Voucher } from "./state";

The command pnpm codegen should fix this, but readme says nothing about this.

Redesign the frontend to not rely on dynamic routes so it can be hosted as a static website

edubart — Today at 10:37 AM
I think the dapp could be reworked to not need dynamic requests so its frontend can be hosted as a static website. I don't see the need to recompile frontend on every new bounty, just update the bounty list using GraphQL after every submission in the frontend, the whole dapp frontend could be a SPA (single page application).

https://discord.com/channels/600597137524391947/1166042819782258788/1212755480280174652

For more info about dynamic routes on NextJS, check: https://nextjs.org/docs/app/building-your-application/routing/dynamic-routes

Add a Hero page

Instead of creating a website for Bugless, a good enough solution to continue moving forward and don't spend energy with it yet would be to add a Hero page where the user could have some brief description, a link for the README file and also did not face directly the list of bounties, which in a first moment will be kind of empty (with only the solidity compiler bounty).

One proposal for the hero page is presented below. The "Explore Bounties" button will direct users to the list of existing bounties and the "Learn More" link will move users to the README file on the github repo. The text in the image is only a suggestion and can changed at will.
image

Use "Bugless" instead of "BugLess" or "bug-less"

It's good to keep the name of the application consistent throughout our codebase.
For back-end and cloud code, I won't bother, because it might create unnecessary friction.
So, let's at least use "Bugless" for front-end and documentation.

Error in bounty info page when the bounty has a sponsor

Tested with Google chrome on Windows 11

Steps:
With a connected account and with the console tab of google chrome dev tools opened:

  1. Create a bounty
  2. Go to the main page
  3. Click in the recently created bounty for details.
    Expected to see no error in the console tab
  4. Click sponsor button
  5. Send some ETH
  6. Go to the main page
  7. Click in the recently created bounty for details.
    When the page loads,the following error will be presented in the console tab:
Warning: validateDOMNesting(...): <div> cannot appear as a descendant of <p>.
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Badge/Badge.mjs:80:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Group/Group.mjs:75:104)
    at p
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Text/Text.mjs:82:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Stack/Stack.mjs:67:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Group/Group.mjs:75:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Stack/Stack.mjs:67:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Paper/Paper.mjs:62:104)
    at Provider (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/utils/create-safe-context/create-safe-context.mjs:18:23)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Card/Card.mjs:62:104)
    at ProfileCard (webpack-internal:///(app-pages-browser)/./src/components/profileCard.tsx:47:11)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Stack/Stack.mjs:67:104)
    at ParticipantsBox (webpack-internal:///(app-pages-browser)/./src/app/bounty/[bountyId]/page.tsx:255:11)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Stack/Stack.mjs:67:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/Center/Center.mjs:49:104)
    at BountyInfoPage (webpack-internal:///(app-pages-browser)/./src/app/bounty/[bountyId]/page.tsx:299:19)
    at StaticGenerationSearchParamsBailoutProvider (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/static-generation-searchparams-bailout-provider.js:15:11)
    at InnerLayoutRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:241:11)
    at RedirectErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:72:9)
    at RedirectBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:80:11)
    at NotFoundBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/not-found-boundary.js:62:11)
    at LoadingBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:338:11)
    at ErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/error-boundary.js:110:11)
    at InnerScrollAndFocusHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:152:9)
    at ScrollAndFocusHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:227:11)
    at RenderFromTemplateContext (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/render-from-template-context.js:15:44)
    at OuterLayoutRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:348:11)
    at InnerLayoutRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:241:11)
    at RedirectErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:72:9)
    at RedirectBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:80:11)
    at NotFoundBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/not-found-boundary.js:62:11)
    at LoadingBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:338:11)
    at ErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/error-boundary.js:110:11)
    at InnerScrollAndFocusHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:152:9)
    at ScrollAndFocusHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:227:11)
    at RenderFromTemplateContext (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/render-from-template-context.js:15:44)
    at OuterLayoutRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:348:11)
    at InnerLayoutRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:241:11)
    at RedirectErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:72:9)
    at RedirectBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:80:11)
    at NotFoundErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/not-found-boundary.js:54:9)
    at NotFoundBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/not-found-boundary.js:62:11)
    at LoadingBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:338:11)
    at ErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/error-boundary.js:110:11)
    at InnerScrollAndFocusHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:152:9)
    at ScrollAndFocusHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:227:11)
    at RenderFromTemplateContext (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/render-from-template-context.js:15:44)
    at OuterLayoutRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/layout-router.js:348:11)
    at main
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/AppShell/AppShellMain/AppShellMain.mjs:49:104)
    at div
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/Box/Box.mjs:62:7)
    at Provider (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/utils/create-safe-context/create-safe-context.mjs:18:23)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/components/AppShell/AppShell.mjs:88:104)
    at Shell (webpack-internal:///(app-pages-browser)/./src/app/shell.tsx:12:11)
    at QueryClientProvider (webpack-internal:///(app-pages-browser)/./node_modules/@tanstack/react-query/build/lib/QueryClientProvider.mjs:48:3)
    at WagmiConfig (webpack-internal:///(app-pages-browser)/./node_modules/wagmi/dist/index.js:135:3)
    at WalletProvider (webpack-internal:///(app-pages-browser)/./src/providers/walletProvider.tsx:50:11)
    at MantineThemeProvider (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/MantineProvider/MantineThemeProvider/MantineThemeProvider.mjs:28:3)
    at MantineProvider (webpack-internal:///(app-pages-browser)/./node_modules/@mantine/core/esm/core/MantineProvider/MantineProvider.mjs:27:3)
    at StyleProvider (webpack-internal:///(app-pages-browser)/./src/providers/styleProvider.tsx:15:19)
    at ApolloProvider (webpack-internal:///(app-pages-browser)/./node_modules/@apollo/client/react/context/ApolloProvider.js:14:21)
    at GraphQLProvider (webpack-internal:///(app-pages-browser)/./src/providers/graphqlProvider.tsx:13:11)
    at body
    at html
    at Layout (webpack-internal:///(app-pages-browser)/./src/app/layout.tsx:33:11)
    at RedirectErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:72:9)
    at RedirectBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/redirect-boundary.js:80:11)
    at NotFoundErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/not-found-boundary.js:54:9)
    at NotFoundBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/not-found-boundary.js:62:11)
    at DevRootNotFoundBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/dev-root-not-found-boundary.js:32:11)
    at ReactDevOverlay (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/react-dev-overlay/internal/ReactDevOverlay.js:66:9)
    at HotReload (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/react-dev-overlay/hot-reloader-client.js:294:11)
    at Router (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/app-router.js:157:11)
    at ErrorBoundaryHandler (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/error-boundary.js:82:9)
    at ErrorBoundary (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/error-boundary.js:110:11)
    at AppRouter (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/components/app-router.js:440:13)
    at ServerRoot (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/app-index.js:126:11)
    at RSCComponent
    at Root (webpack-internal:///(app-pages-browser)/./node_modules/next/dist/client/app-index.js:142:11)

Document how to fund your test account with Ether

When testing the application on a local network, you'll need Ether to publish transactions.
We should add a section on the README showing how you can fund your account to interact with the application.

Define cloud provider and create accounts (AWS, Azure, GCP, fly.io, ...)

fly.io

It's super easy to start, has decent dashboard for memory and logs and starts with $5/month.

If we can split the budget between the initial collaborators, it get less than a $1/month.

I already tested with early versions of sunodo and echo-* dapp, and it works.

AWS

Has a free tier for 12months for new accounts, we'd need to spin up an free-tier eligible AWS EC2 to run the node + free-tier eligible AWS RDS for PostgreSQL.

It requires little more work to start, but it's free for some time.

Migrate to `pnpm`

Here is some motivation.
The most prominent feature IMO is the content-addressable storage of packages and symlinks.
Doing a quick benchmark, pnpm takes 2.5s to install dependencies, while npm takes a whopping 14.8s on my machine.
Another nice feature is that pnpm forces the developer to be explicit about dependencies, since node_modules only contains direct dependencies listed in the package.json file.

Need to send dapp-address before withdrawal

The command to send dapp address is included in populate.sh.
However, if that populate script wasn't run beforehand, instead we add bounties and sponsors manually, then the command to send dapp-address may not be run. And the following withdrawal would fail. However, in browser, there's no indication of the failure or error message, similar as this issue .
In the newest onchain design, we would not need to send dapp address, because that is included in the input meta data.

Add feedback to Voucher execution

No feedback is given when executing a voucher. Neither a "transaction successful" is shown. An actual execution feedback is desired

Create better domain for public frontend and backend endpoint

Can we have a better domain?

I'm thinking in something like <chain-name>.bug-less.io.

For sepolia:

  • https://sepllia.bug-less.io for the frontend
  • https://sepllia.bug-less.io/graphql
  • https://sepllia.bug-less.io/inspect

The way we're deploying on fly.io requires us to have frontend and backend on different URLS, this could be solved somehow, but I won't get into these details here.

/cc @crypto-bug-hunters/core-developers comment?

Add support for big size bounties

Guilherme — Yesterday at 4:34 PM
Today I managed to compile the Solidity bounty down to a .tar.xz file, but unfortunately was not able to submit it to BugLess. I did some surgery on the front-end code go so that I could see what error that was being returned by wagmi, and it states that there was an HTTP request failure. Do note that this only happens when I try to submit the Solidity bounty. The Lua bounty, for example, works just fine. My theory is that, because the .tar.xz file is 3,6 MB big, the input is too large to be submitted to L1, in terms of gas costs. As comparison, the BusyBox bounty is around 30 KB, the Lua bounty is around 90 KB, and the SQLite bounty is around 300 KB. Maybe we should look for smaller programs?

Guilherme — Yesterday at 7:11 PM
Do not that this is not a limitation of BugLess, but a limitation of the base layer. If we could access other data sources, such as Espresso, then maybe it would be feasible to submit larger programs.

Cláudio — Yesterday at 7:53 PM
Hi Gui,
what if we submit the bounty in a multy-part compressed file to be reconstucted inside the Cartesi Machine?
We could do a experiment with artificial files of different sizes to know the maximum allowed size. Bounties bigger than this threshold should be compressed in multi-part mode.
We used this approach when processing images with OpenCV inside the cartesi machine. We splited the original image in smaller parts, submitted all parts and then reconstructed the original image inside the Cartesi Machine (cc. @marcus Souza ).
Maybe @carlo also addressed this limitation with cartridges size in Rives.
Cheers!

Marcus Souza — Yesterday at 8:06 PM
Hey 👏🏼 ,
Yes, in my case, I had to reconstruct the images, as Claudio mentioned. Seeing the above text:
As comparison, the BusyBox bounty is around 30 KB

This is the most similar to my case in terms of size, because i was working with very small images (100x100 pixels the biggest ones). So, the approach was to divide this in the frontend part and send the images as chunks in some transactions ( exploring the maximum size of a transaction payload, this size fits in 4 transactions). Technically, it is possible but it has some drawbacks.

If we could access other data sources, such as Espresso, then maybe it would be feasible to submit larger programs.

I think this can also improve the UX, since sending the transactions sequentially isn't that good in this aspect.

Maybe @carlo also addressed this limitation with cartridges size in Rives.

Probably Carlo's solution is smarter then mine for this, so it is good to take a look 😉

Carlo — Yesterday at 8:13 PM
Yeah, we do this for the upload of the games as well

Guilherme — Yesterday at 10:52 PM
Thanks for the input, guys! 🙏
Is there some openly available source code that I could take a look to take inspiration from?

edubart — Yesterday at 11:59 PM
The idea is simple, split the file in chunks, submit each chunk as inputs, reassemble them after all chunks are available. Although you have to consider what happens if not all chunks are submitted, and design in a way where you are sure chunks will not mix with others in case two bounties are being submitted at the same time.

edubart — Today at 12:06 AM
You have to consider the cost to upload all this on L1, I think 3.6MB may be very expansive on Ethereum at least, maybe its not the case in other blockchains. In case of very large bounties maybe having its own rollups would be better, but I think this is a complete rework of bugless. Or maybe in the future we could dehash bounties from a cheap data availability layer.

tuler.eth — Today at 12:11 AM
Using a L2 won’t help much with cost I think. Because it still have to post to L1. It’s an incentive to research more about other DAs.

edubart — Today at 12:17 AM
Also bounties that need to be on bugless from day zero, don't really need to be inserted onchain in day zero, this would be a waste of money. The dapp could start with some initial bounties baked in, we are doing this for Rives for example, where we do support uploading games, but large games like Doom is baked in from day 0 to save costs.

edubart — Today at 12:26 AM
Another idea I had is whoever wants to create a bounty, make a PR to a bounties repository, then with a DAO or something we do a upgrade of the bonties flash drive. This way bounties are created offchain, while there is some governance on chain to make the machine upgrades, this also a very different design, and requires machine upgrades and some coordinance of the nodes to make the upgrade.

Cláudio — Today at 11:41 AM
Hi Gui, given all that was said, IMO we should move to prepare a drive for our machine with the Solidity bounty built-in.
With that we could have a first alpha launch with something interesting and really relevant for the community to explore while we think about the feature we want to offer for bigger bounties in the future.
Also, maybe it is a good time for us to have a call and align all this together. What do you guys think about it?

gligneul.eth — Today at 12:02 PM
One thing I considered was deploying a new rollup for each bounty, like the dapp sharding idea. This would circumvent the base layer limit issue.

gligneul.eth — Today at 12:06 PM
This would require a major refactoring on the dapp though; so for this first version it might be better to just embed a particular bounty into the dapp snapshot.

Marcus Souza — Today at 12:25 PM
https://github.com/souzavinny/rollups-examples/blob/main/frontend-biometrics/src/view/layout/home/helpers/send-input.helpers.ts

You can take a look on how biometrics dealed with that time. In the front end, we had this helper that set the maximum size of a chunk and divided the image string to fit the transaction payload. The backend also had treatments to flag if the chunk is the final one or not through notices.

Implement a React component to make children components visible only if there is a wallet connected

This component would avoid duplicating the logic for conditionally presenting components if there is a wallet connected.
Features where this component would be used:

  1. Header page to present or not the voucher action icon;
  2. Main page to present or not the submit bounty button;
  3. Bounty page to enable/disable buttons (in case user try to access the bounty url)
  4. Vouchers page to enable/disable execute button.

Error when uploading a bounty in the submit bounty form

Tested with Google Chrome on windows 11.

Steps:

  1. Open the console tab of your google chrome dev tools.
  2. With a connected wallet:
    2.1. Click submit bounty
    2.2. Drag a valid bounty file
    The console will show the error below:
contracts.tsx:4351 DOMException: Failed to execute 'setItem' on 'Storage': Setting the value of 'wagmi.cache' exceeded the quota.
    at Object.setItem (webpack-internal:///(app-pages-browser)/./node_modules/@wagmi/core/dist/chunk-TSH6VVF4.js:423:19)
    at trySave (webpack-internal:///(app-pages-browser)/./node_modules/@tanstack/query-sync-storage-persister/build/lib/index.mjs:16:17)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@tanstack/query-sync-storage-persister/build/lib/index.mjs:26:21)
    at eval (webpack-internal:///(app-pages-browser)/./node_modules/@tanstack/query-sync-storage-persister/build/lib/index.mjs:72:9)

Expected: No error message in the console after dropping a valid bounty file.

Allow connecting to Optimism

Until now the goal is to deploy bugless to Optimism mainnet so we need to allow the wallet to connect to that network. Currently the wallet is connecting only to Foundry (local development), Ethereum mainnet and Ethereum Sepolia.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.