Allowlist feature

apps/web/app/(app)/gardens/[chain]/[garden]/[community]/[poolId]/[proposalId]/page.tsx

@@ -30,7 +30,7 @@ import { useMetadataIpfsFetch } from "@/hooks/useIpfsFetch";
 import { useSubgraphQuery } from "@/hooks/useSubgraphQuery";
 import { alloABI } from "@/src/generated";
 import { PoolTypes, ProposalStatus } from "@/types";
-import { abiWithErrors } from "@/utils/abiWithErrors";
+import { abiWithErrors } from "@/utils/abi";
 import { useErrorDetails } from "@/utils/getErrorName";
 import { prettyTimestamp } from "@/utils/text";
 
@@ -124,7 +124,7 @@ export default function Page({
     abi: abiWithErrors(alloABI),
     functionName: "distribute",
     contractName: "Allo",
-    fallbackErrorMessage: "Error executing proposal. Please try again.",
+    fallbackErrorMessage: "Error executing proposal, please report a bug.",
     onConfirmations: () => {
       publish({
         topic: "proposal",

apps/web/app/(app)/gardens/[chain]/[garden]/[community]/[poolId]/page.tsx

@@ -16,7 +16,6 @@ import { useCollectQueryParams } from "@/contexts/collectQueryParams.context";
 import { useMetadataIpfsFetch } from "@/hooks/useIpfsFetch";
 import { useSubgraphQuery } from "@/hooks/useSubgraphQuery";
 import { PoolTypes } from "@/types";
-import { CV_SCALE_PRECISION } from "@/utils/numbers";
 
 export const dynamic = "force-dynamic";
 
@@ -28,7 +27,7 @@ export default function Page({
   params: { chain: string; poolId: number; garden: string };
 }) {
   const searchParams = useCollectQueryParams();
-
+  
   const { data, refetch, error } = useSubgraphQuery<getPoolDataQuery>({
     query: getPoolDataDocument,
     variables: { poolId: poolId, garden: garden },
@@ -109,12 +108,9 @@ export default function Page({
     return <div className="mt-52 text-center">Pool {poolId} not found</div>;
   }
 
-  const pointSystem = data.cvstrategies?.[0].config.pointSystem;
   const communityAddress = strategyObj.registryCommunity.id as Address;
   const alloInfo = data.allos[0];
   const poolAmount = strategyObj.poolAmount as number;
-  const spendingLimitPct =
-    (Number(strategyObj.config.maxRatio || 0) / CV_SCALE_PRECISION) * 100;
 
   const isEnabled = data.cvstrategies?.[0]?.isEnabled as boolean;
 
@@ -128,10 +124,7 @@ export default function Page({
         poolId={poolId}
         ipfsResult={ipfsResult}
         isEnabled={isEnabled}
-        pointSystem={pointSystem}
         chainId={chain}
-        proposalType={proposalType}
-        spendingLimitPct={spendingLimitPct}
       />
       {isEnabled && (
         <>

apps/web/app/(app)/gardens/[chain]/[garden]/[community]/create-pool/page.tsx

@@ -25,7 +25,7 @@ export default function Page({
 
   if (!token) {
     return (
-      <div className="mt-96">
+      <div className="my-40">
         <LoadingSpinner />
       </div>
     );

apps/web/app/api/passport-oracle/daily-job/[chain]/route.ts

@@ -14,7 +14,7 @@ import { privateKeyToAccount } from "viem/accounts";
 import { getConfigByChain } from "@/configs/chains";
 import { initUrqlClient } from "@/providers/urql";
 import { passportScorerABI } from "@/src/generated";
-import { CV_PERCENTAGE_SCALE } from "@/utils/numbers";
+import { CV_PASSPORT_THRESHOLD_SCALE } from "@/utils/numbers";
 import { getViemChain } from "@/utils/web3";
 
 const LIST_MANAGER_PRIVATE_KEY = process.env.LIST_MANAGER_PRIVATE_KEY ?? "";
@@ -107,19 +107,7 @@ const updateScoresOnChain = async (
   const CONTRACT_ADDRESS = getConfigByChain(chain)?.passportScorer as Address;
 
   for (const update of updates) {
-    const integerScore = Number(update.score) * CV_PERCENTAGE_SCALE;
-    const data = {
-      abi: passportScorerABI,
-      address: CONTRACT_ADDRESS,
-      functionName: "addUserScore" as const,
-      args: [
-        update.userAddress,
-        {
-          score: BigInt(integerScore),
-          lastUpdated: BigInt(Date.now()),
-        },
-      ] as const,
-    };
+    const integerScore = Number(update.score) * CV_PASSPORT_THRESHOLD_SCALE;
 
     const client = createPublicClient({
       chain: getViemChain(chain),
@@ -132,20 +120,25 @@ const updateScoresOnChain = async (
       transport: custom(client.transport),
     });
 
-    const hash = await walletClient.writeContract(data);
+    const hash = await walletClient.writeContract({
+      abi: passportScorerABI,
+      address: CONTRACT_ADDRESS,
+      functionName: "addUserScore" as const,
+      args: [update.userAddress, BigInt(integerScore)] as const,
+    });
     await client.waitForTransactionReceipt({ hash });
   }
 };
 
 const updateScores = async (chain: string) => {
-  const SUBGRAPH = getConfigByChain(chain)?.subgraphUrl as string;
+  const subgraphUrl = getConfigByChain(chain)?.subgraphUrl as string;
   const { urqlClient } = initUrqlClient({ chainId: chain });
   const subgraphResponse = await urqlClient
     .query<{ passportUsers: PassportUser[] }>(
       query,
       {},
       {
-        url: SUBGRAPH,
+        url: subgraphUrl,
         requestPolicy: "network-only",
       },
     )

apps/web/app/api/passport-oracle/write-score/[chain]/route.ts

@@ -10,11 +10,15 @@ import {
   Address,
 } from "viem";
 import { privateKeyToAccount } from "viem/accounts";
+import {
+  getMemberPassportAndCommunitiesDocument,
+  getMemberPassportAndCommunitiesQuery,
+} from "#/subgraph/.graphclient";
 import { getConfigByChain } from "@/configs/chains";
+import { initUrqlClient } from "@/providers/urql";
 import { passportScorerABI } from "@/src/generated";
-import { CV_PERCENTAGE_SCALE } from "@/utils/numbers";
+import { CV_PASSPORT_THRESHOLD_SCALE } from "@/utils/numbers";
 import { getViemChain } from "@/utils/web3";
-
 const LIST_MANAGER_PRIVATE_KEY = process.env.LIST_MANAGER_PRIVATE_KEY;
 const LOCAL_RPC = "http://127.0.0.1:8545";
 
@@ -37,20 +41,10 @@ const fetchScoreFromGitcoin = async (user: string) => {
 };
 
 export async function POST(req: Request, { params }: Params) {
-  const apiKey = req.headers.get("Authorization");
   const { chain } = params;
-
-  if (apiKey !== process.env.CRON_SECRET) {
-    console.error("Unauthorized", {
-      req: req.url,
-      chain,
-    });
-    return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
-  }
-
   const { user } = await req.json();
 
-  if (!user) {
+  if (typeof user !== "string") {
     return NextResponse.json(
       {
         error: "User address is required",
@@ -59,14 +53,67 @@ export async function POST(req: Request, { params }: Params) {
     );
   }
 
+  const chainConfig = getConfigByChain(chain);
+
   try {
-    const RPC_URL = getConfigByChain(chain)?.rpcUrl ?? LOCAL_RPC;
+    const subgraphUrl = chainConfig?.subgraphUrl as string;
+    const { urqlClient } = initUrqlClient({ chainId: chain });
+    const subgraphResponse = await urqlClient
+      .query<getMemberPassportAndCommunitiesQuery>(
+        getMemberPassportAndCommunitiesDocument,
+        {
+          memberId: user.toLowerCase(),
+        },
+        {
+          url: subgraphUrl,
+          requestPolicy: "network-only",
+        },
+      )
+      .toPromise();
+
+    if (subgraphResponse.data == null) {
+      return NextResponse.json({ error: "User not found" }, { status: 404 });
+    }
+
+    const { member, passportUser } = subgraphResponse.data;
+
+    if (!member?.memberCommunity || member.memberCommunity.length === 0) {
+      return NextResponse.json(
+        { error: "User has no communities" },
+        { status: 400 },
+      );
+    }
 
-    const CONTRACT_ADDRESS = getConfigByChain(chain)?.passportScorer as Address;
+    // Throttle the score update to once per day
+    const twoHoursMs = 2 * 60 * 60 * 1000;
+    if (
+      passportUser &&
+      +passportUser.score > 0 &&
+      +passportUser.lastUpdated * 1000 > Date.now() - twoHoursMs
+    ) {
+      return NextResponse.json(
+        {
+          error:
+            "User score cannot be updated before " +
+            new Date(
+              passportUser.lastUpdated * 1000 + twoHoursMs,
+            ).toUTCString(),
+        },
+        { status: 400 },
+      );
+    }
+  } catch (error) {
+    console.error("Error fetching user data:", error);
+    return NextResponse.json(
+      { error: "Internal server error" },
+      { status: 500 },
+    );
+  }
 
+  try {
     const client = createPublicClient({
       chain: getViemChain(chain),
-      transport: http(RPC_URL),
+      transport: http(chainConfig?.rpcUrl ?? LOCAL_RPC),
     });
 
     const walletClient = createWalletClient({
@@ -78,18 +125,22 @@ export async function POST(req: Request, { params }: Params) {
     });
 
     const score = await fetchScoreFromGitcoin(user);
-    const integerScore = Number(score) * CV_PERCENTAGE_SCALE;
-    const data = {
+    const integerScore = Number(score) * CV_PASSPORT_THRESHOLD_SCALE;
+
+    if (!chainConfig?.passportScorer) {
+      console.error("Passport scorer contract address is missing");
+      return NextResponse.json(
+        { error: "Internal server error" },
+        { status: 500 },
+      );
+    }
+
+    const hash = await walletClient.writeContract({
       abi: passportScorerABI,
-      address: CONTRACT_ADDRESS,
-      functionName: "addUserScore" as const,
-      args: [
-        user,
-        { score: BigInt(integerScore), lastUpdated: BigInt(Date.now()) },
-      ] as const,
-    };
-
-    const hash = await walletClient.writeContract(data);
+      address: chainConfig.passportScorer,
+      functionName: "addUserScore",
+      args: [user as Address, BigInt(integerScore)],
+    });
 
     return NextResponse.json({
       message: "User score added successfully",

apps/web/components/ActivatePoints.tsx

@@ -3,24 +3,28 @@
 import React from "react";
 import { useConnectModal } from "@rainbow-me/rainbowkit";
 import { Address, useAccount } from "wagmi";
+import { CVStrategy, CVStrategyConfig } from "#/subgraph/.graphclient";
 import { Button } from "./Button";
 import { usePubSubContext } from "@/contexts/pubsub.context";
 import { useChainIdFromPath } from "@/hooks/useChainIdFromPath";
+import useCheckAllowList from "@/hooks/useCheckAllowList";
 import { useContractWriteWithConfirmations } from "@/hooks/useContractWriteWithConfirmations";
 import { ConditionObject, useDisableButtons } from "@/hooks/useDisableButtons";
 import { cvStrategyABI } from "@/src/generated";
-import { abiWithErrors } from "@/utils/abiWithErrors";
+import { abiWithErrors } from "@/utils/abi";
 import { useErrorDetails } from "@/utils/getErrorName";
 
 type ActiveMemberProps = {
-  strategyAddress: Address;
+  strategy: Pick<CVStrategy, "id"> & {
+    config: Pick<CVStrategyConfig, "allowlist">;
+  };
   communityAddress: Address;
   isMemberActivated: boolean | undefined;
   isMember: boolean | undefined;
 };
 
 export function ActivatePoints({
-  strategyAddress,
+  strategy,
   communityAddress,
   isMember,
   isMemberActivated,
@@ -29,15 +33,17 @@ export function ActivatePoints({
   const { openConnectModal } = useConnectModal();
   const chainId = useChainIdFromPath();
   const { publish } = usePubSubContext();
+  const allowList = (strategy?.config?.allowlist as Address[]) ?? [];
+  const isAllowed = useCheckAllowList(allowList, connectedAccount);
 
   const { write: writeActivatePoints, error: errorActivatePoints } =
     useContractWriteWithConfirmations({
       chainId,
-      address: strategyAddress,
+      address: strategy.id as Address,
       contractName: "CV Strategy",
       abi: abiWithErrors(cvStrategyABI),
       functionName: "activatePoints",
-      fallbackErrorMessage: "Error activating points. Please try again.",
+      fallbackErrorMessage: "Error activating points, please report a bug.",
       onConfirmations: () => {
         publish({
           topic: "member",
@@ -52,11 +58,11 @@ export function ActivatePoints({
 
   const { write: writeDeactivatePoints, error: errorDeactivatePoints } =
     useContractWriteWithConfirmations({
-      address: strategyAddress,
+      address: strategy.id as Address,
       abi: abiWithErrors(cvStrategyABI),
       contractName: "CV Strategy",
       functionName: "deactivatePoints",
-      fallbackErrorMessage: "Error deactivating points. Please try again.",
+      fallbackErrorMessage: "Error deactivating points, please report a bug.",
       onConfirmations: () => {
         publish({
           topic: "member",
@@ -92,6 +98,10 @@ export function ActivatePoints({
       condition: !isMember,
       message: "Join community to activate points",
     },
+    {
+      condition: !isAllowed,
+      message: "Address not in allowlist",
+    },
   ];
 
   const disableActiveBtn = disableActiveBtnCondition.some(
@@ -107,7 +117,7 @@ export function ActivatePoints({
       onClick={handleChange}
       btnStyle={isMemberActivated ? "outline" : "filled"}
       color={isMemberActivated ? "danger" : "primary"}
-      disabled={missmatchUrl || disableActiveBtn}
+      disabled={missmatchUrl || disableActiveBtn || !isAllowed}
       tooltip={String(tooltipMessage)}
     >
       {isMemberActivated ? "Deactivate governance" : "Activate governance"}

apps/web/components/Breadcrumbs.tsx

@@ -9,15 +9,14 @@ import Link from "next/link";
 import { usePathname } from "next/navigation";
 import { Button } from "./Button";
 import { getTitlesFromUrlSegments } from "@/services/getTitlesFromUrlSegments";
+import { truncateString } from "@/utils/text";
 
 interface Breadcrumb {
   href: string;
   label: string;
 }
 
-const truncateString = (str: string) => {
-  return `${str.slice(0, 6)}...${str.slice(-4)}`;
-};
+
 
 export function Breadcrumbs() {
   const path = usePathname();