Automatic Claim

[0x4007]

What if we made a Repository with a GitHub Action that bounty hunters can fork and add their signing key as a secret to automatically claim bounties?

When the UbiquiBot pays out, it can post the comment and also ping a GitHub Action webhook.

The webhook can be to something like https://api.github.com/${bountyHunterGitHubUserName}/devpool-claim

If they forked the repo and setup their GitHub Action webhook correctly (should be by default, except for the secret - the signing key) then they can automatically claim as soon as the payout is offered!

---

Config:

PRIVATE_KEY
MAX_GWEI e.g. 50

[rndquu]

This way we have to deal with github API. I mean we need to:

• handle errors (what if webhook URL returned 500 error? we need a retry policy)
• check tx result (what if bounty hunter's wallet doesn't have enough ETH for tx?)
• maintain a DB to check whether payment has already been paid
• on top of that bounty hunter has to deal with forks, setting secrets and webhook URL which adds a level of complexity

If we want to deal with automatic payments then we'd better use some relayer service like ogsn. At least it eliminates the need to deal with forks and settings. The flow could be:

1. When PR is merged the bot sends a meta tx to GSN API
2. Bounty hunter pays for gas from his reward in DAI (this is basically what @zgorizzo69 proposed)

[0x4007]

• We don't necessarily need to handle errors. It will automatically attempt to withdraw and if it fails, then the bounty hunter will have to notice and manually handle it. I propose this as a no-frills, no-guarantees, simple automation tool that takes seconds to setup.
• For accounting, what if we have a router contract, like a permit proxy, but it accepts one more parameter that allows us to track unique payments. Possibly even including a permalink to the GitHub comment. Then, when its time for an audit/accounting, we can filter the transaction history of the router for a unique identifier (like the GitHub comment, or ideally something more robust and easy to work with.)
• I think any intermediate (and more senior) developer is comfortable with hitting the "fork" button on the GitHub UI and setting up a private key environment variable (we can even include a tutorial in the README)

[0x4007]

Once the Bounty is completed. The bot can post a comment like the following:

[ CLAIM 1 DAI ]

[ SETUP AUTOCLAIM ]