Near social agent

[Immanuel-john]

Project Abstract

The NEAR Social AI Agent is an innovative solution designed to enhance user engagement within the NEAR ecosystem by integrating social functionalities directly into the Bitte wallet. This agent empowers users to create and manage their profiles on near.social, enabling them to make posts and read profiles seamlessly. By leveraging the capabilities of AI and the NEAR blockchain, the agent streamlines social interactions, making it easier for users to establish their online presence and connect with the community.

The project aims to simplify the social media experience for NEAR users, addressing the need for accessible and efficient profile management and content creation. With an initial focus on profile creation and post management, the NEAR Social AI Agent will evolve to include additional features such as commenting, reposting, and notifications, further enriching the social experience.

The development is complete, and the team is committed to gathering user feedback to continuously improve the agent's functionalities and foster a vibrant social ecosystem within NEAR

For which grant level are you applying?

• Level 1: Up to $10,000, 2 approvals
• Level 2: Up to $50,000, 3 approvals and one pitch to Mintbase Council
• Level 3: Unlimited, 5 approvals and mutliple pitches to Mintbase Council

Application Checklist

• The application template has been copied, renamed ( project_name.md) and updated.
• NEAR address for the payment of the milestones is provided inside the application.
• I have read and acknowledged the terms and conditions.
• The software delivered for this grant will be released under an open-source license specified in the application.
• The initial PR contains only one commit (squash and force-push if needed).
• The grant will only be announced once the first milestone has been accepted.

How Did You Hear About our grants program?

• Mintbase Website
• Mintbase Community (Twitter, Discord, Telegram etc.)
• Hackathon
• Personal Recommendation
• Investor/VC
• Online Search
• Other: _______

[mintbase-codium-pr-agent]

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 Security concerns No specific security vulnerabilities are detailed in the PR, but the lack of explicit security measures for API endpoints in both proposals raises concerns about potential data breaches and unauthorized access. Implementing proper authentication and authorization mechanisms is recommended to safeguard user data and interactions.

⚡ Key issues to review Missing Information The proposal lacks details on security measures for the API endpoints, which is crucial for protecting user data and preventing unauthorized access. API Security Concerns The document does not specify any authentication or authorization mechanisms for the API endpoints, which could lead to security vulnerabilities.

[mintbase-codium-pr-agent]

PR Code Suggestions ✨

Category	Suggestion	Score
Security	Implement a rate limit for the post creation API to prevent potential abuse It's recommended to include a rate limit policy for the /api/post endpoint to prevent abuse and ensure fair usage among users. applications/near-social-agent.md [42-44] - **Endpoint:** `/api/post` - **Method:** POST - **Summary:** Create a post - **Description:** Allows users to post content with their accountId. + - **Rate Limit:** 10 requests per minute per user to prevent spam and abuse. Suggestion importance[1-10]: 10 Why: Implementing a rate limit is a critical security measure to prevent abuse and ensure fair usage among users, which is essential for maintaining the integrity and performance of the service.	10
Enhancement	Add error handling scenarios to the API endpoint responses Consider adding error handling information for the API endpoint /api/art. This will help users understand how to handle different scenarios when the image upload fails or encounters issues. applications/gfxvs-agent.md [35] - **Responses:** - **200:** Image data uploaded successfully with details about the art, including `artistId`, `arttitle`, and `colouredArt`. + - **400:** Bad request, when the provided data is incomplete or malformed. + - **500:** Internal server error, indicating problems with the server or the backend processing. Suggestion importance[1-10]: 9 Why: Adding error handling information is crucial for developers to understand how to manage different failure scenarios, improving the robustness and reliability of the API.	9
	Add validation rules to the profile API request fields to ensure data integrity To improve data integrity and user experience, consider adding validation details for the fields in the request body of the /api/profile endpoint. applications/near-social-agent.md [28-37] - **Request Body:** - - **accountId:** User's account Id (string). - - **name:** Name of the user (string). - - **about:** Brief description about the user (string). - - **twitter:** Twitter Id of the user (string). - - **github:** Github Id of the user (string). - - **telegram:** Telegram Id of the user (string). - - **website:** Personal website link of the user (string). - - **tags:** Tags relevant to the user (array of strings). - - **profileImage:** The URL of the profile image (string). - - **bannerImage:** The URL of the banner image (string). + - **accountId:** User's account Id (string). Required, must be a valid NEAR account ID. + - **name:** Name of the user (string). Optional, max length 50 characters. + - **about:** Brief description about the user (string). Optional, max length 150 characters. + - **twitter:** Twitter Id of the user (string). Optional, must be a valid Twitter username. + - **github:** Github Id of the user (string). Optional, must be a valid Github username. + - **telegram:** Telegram Id of the user (string). Optional, must be a valid Telegram username. + - **website:** Personal website link of the user (string). Optional, must be a valid URL. + - **tags:** Tags relevant to the user (array of strings). Optional, max 10 tags. + - **profileImage:** The URL of the profile image (string). Optional, must be a valid image URL. + - **bannerImage:** The URL of the banner image (string). Optional, must be a valid image URL. Suggestion importance[1-10]: 9 Why: Adding validation details ensures that the data submitted is correct and meets the expected format, which improves data integrity and user experience.	9
	Specify supported image formats for uploads to improve user clarity To enhance clarity and user understanding, consider specifying the file formats supported for the colouredArt image uploads in the API documentation. applications/gfxvs-agent.md [31] - **Request Body:** - - **colouredArt:** The URL of the image (string). + - **colouredArt:** The URL of the image (string). Supported formats include JPEG, PNG, and GIF. Suggestion importance[1-10]: 8 Why: Specifying supported image formats helps users understand the requirements and avoid errors during uploads, enhancing the user experience and reducing potential issues.	8