Initial commit of BountyPool project with real-time yield calculation

Author: figtracer

.gitignore

@@ -10,5 +10,25 @@ out/
 # Docs
 docs/
 
-# Dotenv file
+# Node.js files
+node_modules/
+
+# Environment variables
 .env
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+frontend/public/env.js
+
+# Build directories
+build/
+dist/
+
+# IDE files
+.idea/
+.vscode/
+
+# OS files
+.DS_Store
+Thumbs.db

.gitmodules

@@ -1,3 +1,21 @@
 [submodule "lib/forge-std"]
 	path = lib/forge-std
 	url = https://github.com/foundry-rs/forge-std
+[submodule "lib/openzeppelin-contracts"]
+	path = lib/openzeppelin-contracts
+	url = https://github.com/openzeppelin/openzeppelin-contracts
+[submodule "lib/openzeppelin-contracts-upgradeable"]
+	path = lib/openzeppelin-contracts-upgradeable
+	url = https://github.com/openzeppelin/openzeppelin-contracts-upgradeable
+[submodule "contracts/lib/forge-std"]
+	path = contracts/lib/forge-std
+	url = https://github.com/foundry-rs/forge-std
+[submodule "contracts/lib/openzeppelin-contracts"]
+	path = contracts/lib/openzeppelin-contracts
+	url = https://github.com/openzeppelin/openzeppelin-contracts
+[submodule "contracts/lib/openzeppelin-contracts-upgradeable"]
+	path = contracts/lib/openzeppelin-contracts-upgradeable
+	url = https://github.com/openzeppelin/openzeppelin-contracts-upgradeable
+[submodule "contracts/lib/aave-address-book"]
+	path = contracts/lib/aave-address-book
+	url = https://github.com/bgd-labs/aave-address-book

README.md

@@ -1,66 +1,94 @@
-## Foundry
+# BountyPool
 
-**Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.**
+BountyPool is a decentralized platform for incentivizing open-source development through bounty pools. This dApp allows repository owners to create token pools, where contributors can deposit funds to support the development of features and bug fixes. When issues are resolved, the contributor who solved the issue receives a bounty reward.
 
-Foundry consists of:
+## Features
 
--   **Forge**: Ethereum testing framework (like Truffle, Hardhat and DappTools).
--   **Cast**: Swiss army knife for interacting with EVM smart contracts, sending transactions and getting chain data.
--   **Anvil**: Local Ethereum node, akin to Ganache, Hardhat Network.
--   **Chisel**: Fast, utilitarian, and verbose solidity REPL.
+- **GitHub Integration**: Authenticate with GitHub to verify repository ownership
+- **Create Bounty Pools**: Repository owners can create pools tied to their GitHub repositories
+- **Deposit Funds**: Contributors can deposit tokens to support development
+- **Real-time Yield Calculation**: See up-to-date yield information without requiring transactions
+- **Issue Management**: Create, assign, and resolve GitHub issues with bounties attached
+- **Smart Contract Infrastructure**: Secure and transparent bounty distribution
 
-## Documentation
+## Project Structure
 
-https://book.getfoundry.sh/
+- `/contracts`: Solidity smart contracts (Foundry/Forge)
+- `/backend`: Express server for GitHub OAuth
+- `/frontend`: React frontend application (Vite)
 
-## Usage
+## Prerequisites
 
-### Build
+- [Node.js](https://nodejs.org/) (v16+)
+- [Foundry](https://getfoundry.sh/) for smart contract development
 
-```shell
-$ forge build
-```
+## Setup Instructions
 
-### Test
+### 1. Clone the Repository
 
-```shell
-$ forge test
+```bash
+git clone <your-repo-url>
+cd BountyPool
 ```
 
-### Format
+### 3. Install Dependencies
+
+```bash
+# Install backend dependencies
+cd backend
+npm install
+cd ..
 
-```shell
-$ forge fmt
+# Install frontend dependencies
+cd frontend
+npm install
+cd ..
 ```
 
-### Gas Snapshots
+### 4. Start Local Blockchain
+
+In a terminal window:
 
-```shell
-$ forge snapshot
+```bash
+cd contracts
+forge anvil
 ```
 
-### Anvil
+### 5. Deploy Contracts
 
-```shell
-$ anvil
+In a second terminal:
+
+```bash
+cd contracts
+forge script script/Deploy.s.sol --rpc-url http://localhost:8545 --broadcast -vvv
 ```
 
-### Deploy
+### 6. Start Backend Server
+
+In a third terminal:
 
-```shell
-$ forge script script/Counter.s.sol:CounterScript --rpc-url <your_rpc_url> --private-key <your_private_key>
+```bash
+cd backend
+npm run dev
 ```
 
-### Cast
+### 7. Start Frontend
 
-```shell
-$ cast <subcommand>
+In a fourth terminal:
+
+```bash
+cd frontend
+npm run dev
 ```
 
-### Help
+Once all services are running, you can access the application at http://localhost:5173
 
-```shell
-$ forge --help
-$ anvil --help
-$ cast --help
-```
+## License
+
+This project is licensed under the MIT License - see the LICENSE file for details.
+
+## Acknowledgments
+
+- Built with [Foundry](https://getfoundry.sh/)
+- Frontend powered by [React](https://reactjs.org/) and [Vite](https://vitejs.dev/)
+- GitHub integration via [Octokit](https://github.com/octokit/octokit.js)

aderyn.toml

@@ -0,0 +1,51 @@
+# Aderyn Configuration File
+# Help Aderyn work with more granular control
+
+# DO NOT CHANGE version below. As of now, only 1 is supported
+version = 1
+
+# Read the description carefully and uncomment the examples in each paragraph should you consider using them.
+
+# Base path for resolving remappings and compiling smart contracts, relative to workspace-root (directory in which the editor is open)
+# Most of the time, you want to point it to the directory containing foundry.toml or hardhat.config.js/ts.
+root = "."
+
+# Path of source directory containing the contracts, relative to root (above)
+# Aderyn will traverse all the nested files inside to scan and report vulnerabilities found inside.
+# - If not specified, Aderyn will try to extract it from the framework that is being used. (Foundry / Hardhat). 
+#   That would be "contracts/" in case of Hardhat and in case of Foundry, it depends on foundry.toml and
+#   many other factors like FOUNDRY_PROFILE environment variable, etc.
+# - If specified, Aderyn will override the above found `src`.
+# Example:
+# src = "src/"
+
+# Path segments of contract files to include in the analysis.
+# - It can be a partial match like "/interfaces/", which will include all files with "/interfaces/" in the file path.
+#   Or it can be a full match like "src/counters/Counter.sol", which will include only the file with the exact path.
+# - If not specified, all contract files in the source directory will be included.
+# Examples:
+# include = ["src/counters/Counter.sol", "src/others/"]
+# include = ["/interfaces/"]
+
+# Path segments of contract files to exclude in the analysis.
+# - It can be a partial match like "/interfaces/", which will exclude all files with "/interfaces/" in the file path.
+#   Or it can be a full match like "src/counters/Counter.sol", which will exclude only the file with the exact path.
+# - If not specified, no contract files will be excluded.
+# Examples:
+# exclude = ["src/counters/Counter.sol", "src/others/"]
+# exclude = ["/interfaces/"]
+
+# For advanced use cases, leverage the following
+
+# Remappings 
+# - It can be specified in `remappings.txt` within the root folder of the project.
+# - If not specified, Aderyn will try to derive the values from foundry.toml (if present.)
+
+# Environment
+# - These are usually all the FOUNDRY_, DAPP_ environment variables that are used during development.
+# - For example, if different profiles have different `src` declaration in `foundry.toml`, FOUNDRY_PROFILE can dictate the correct `src` value.
+#   Env variables and their values can be specified below.
+
+[env]
+# Example:
+# FOUNDRY_PROFILE = "default"

backend/.env.example

@@ -0,0 +1,100 @@
+require('dotenv').config();
+const express = require('express');
+const cors = require('cors');
+const axios = require('axios');
+
+const app = express();
+const PORT = process.env.PORT || 3000;
+
+// Middleware
+app.use(express.json());
+app.use(cors({
+    origin: 'http://localhost:5173', // Vite's default dev server port
+    methods: ['GET', 'POST'],
+    credentials: true
+}));
+
+// GitHub OAuth exchange endpoint
+app.post('/api/github/exchange-code', async (req, res) => {
+    try {
+        const { code, state } = req.body;
+
+        if (!code) {
+            return res.status(400).json({ error: 'Code is required' });
+        }
+
+        console.log('Received GitHub code:', code.substring(0, 10) + '...');
+        console.log('Using GitHub Client ID:', process.env.GITHUB_CLIENT_ID);
+
+        if (!process.env.GITHUB_CLIENT_SECRET || process.env.GITHUB_CLIENT_SECRET === 'your_github_client_secret') {
+            console.error('ERROR: GitHub client secret is not properly configured');
+            return res.status(500).json({ error: 'GitHub client secret is not configured' });
+        }
+
+        // Exchange code for token with GitHub
+        const requestData = {
+            client_id: process.env.GITHUB_CLIENT_ID,
+            client_secret: process.env.GITHUB_CLIENT_SECRET,
+            code
+        };
+
+        // Add state if provided
+        if (state) {
+            requestData.state = state;
+        }
+
+        console.log('Sending token exchange request to GitHub');
+
+        const response = await axios.post(
+            'https://github.com/login/oauth/access_token',
+            requestData,
+            {
+                headers: {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json'
+                }
+            }
+        );
+
+        console.log('GitHub response status:', response.status);
+
+        if (response.data && response.data.access_token) {
+            console.log('Received access token from GitHub');
+            // Return the token response to the client
+            return res.json(response.data);
+        } else if (response.data && response.data.error) {
+            console.error('GitHub OAuth error:', response.data);
+            return res.status(400).json({
+                error: 'GitHub OAuth error',
+                details: response.data
+            });
+        } else {
+            console.error('Unexpected GitHub response:', response.data);
+            return res.status(500).json({
+                error: 'Invalid response from GitHub',
+                details: response.data
+            });
+        }
+    } catch (error) {
+        console.error('Error exchanging GitHub code for token:', error.message);
+        if (error.response) {
+            console.error('GitHub error response:', error.response.data);
+            console.error('GitHub error status:', error.response.status);
+        }
+        return res.status(500).json({
+            error: 'Failed to exchange code for token',
+            details: error.response?.data || error.message
+        });
+    }
+});
+
+// Health check endpoint
+app.get('/api/health', (req, res) => {
+    res.json({ status: 'ok', message: 'GitHub OAuth server is running' });
+});
+
+// Start the server
+app.listen(PORT, () => {
+    console.log(`Server running on http://localhost:${PORT}`);
+    console.log(`GitHub OAuth endpoint: http://localhost:${PORT}/api/github/exchange-code`);
+});