The protocol in full.

GitGrit is a soul-bound credential issued on Base L2 to GitHub developers, derived from twelve behavioural signals in your public activity. The credential is portable, non-transferable, refreshable every 180 days, and gates participation across Web3 protocols that need to distinguish humans from sybils.

The full protocol lives across three on-chain contracts (GritFactory, GritRegistry, $GITGRIT) and a gasless relayer. Mints are issued via IssueOps inside any of your public repositories.

The end-to-end mint takes ~5–10 seconds:

1. Comment ping us in a public repo you own.
2. GitHub fires a webhook; the bot verifies the HMAC-SHA256 signature.
3. Claude Haiku parses the natural-language command into a structured intent.
4. Indexer pulls 12 signals via the GitHub GraphQL API.
5. Scoring engine applies on-chain weights and sybil heuristics.
6. Relayer sponsors and broadcasts the tx on Base Mainnet.
7. GritFactory mints the SBT and emits Minted(uint256 userId, uint8 level).

You can try it without leaving the site — head to /mint and the same pipeline runs against the GitGrit API.

The scoring formula is a weighted aggregation across twelve signals:

Thresholds: Bronze 60 · Silver 140 · Gold 260 · Diamond 420. Sybil penalty ≥ 6 rejects the mint outright.

Install:

npm install @gitgrit/sdk

Usage:

import { GitGrit } from '@gitgrit/sdk';

const grit = new GitGrit({ apiKey: process.env.GITGRIT_KEY });

// 1. Read a credential
const credential = await grit.credentials.get('vbuterin');
if (credential.level === 'Diamond') { /* … */ }

// 2. Run an authenticated gate-check
const gate = await grit.integrators.query({
  username,
  minLevel: 'Gold',
});
if (!gate.passes) revert('Sybil gate');

// 3. List recent mints
const recent = await grit.credentials.list({ limit: 25 });

Subpath imports: @gitgrit/sdk/types for types only, and @gitgrit/sdk/scoring for offline scoring helpers (computeScore, scoreToLevel, explainScore, preview).

Install globally:

npm install -g @gitgrit/cli

Commands:

# Preview the score for any GitHub account
gitgrit check vbuterin

# Mint a credential for an authenticated user
gitgrit mint --user vbuterin --repo vbuterin/py-evm

# Read an existing credential
gitgrit show vbuterin

# Gate-check (used by integrators)
gitgrit query vbuterin --min-level Gold

# Protocol-wide stats
gitgrit stats

Configure with GITGRIT_API_URL and GITGRIT_API_KEY environment variables. The CLI ships a coloured output mode designed for terminal dashboards.

The factory tracks mapping(uint256 githubUserId => address sbtAddress) and exposes only three external mutating methods: mint, refresh and challenge. There are no transfer or approve entry points — the SBTs are non-transferable by construction.

Any holder can challenge a credential by staking $GITGRIT and submitting evidence. If the challenge resolves algorithmically (heuristic re-evaluation) or via Council vote, the target credential is downgraded or revoked and the challenger receives a portion of the target's stake. False challenges are slashed.

This converts sybil-hunting into an economically rational activity for protocol participants and reduces the marginal value of buying aged GitHub accounts.

$GITGRIT is a separate ERC-20 — distinct from the SBT credential, which is non-priceable. The token has four utility surfaces:

• Integrator payments above the free tier.
• Stake for the challenge mechanism.
• Peer attestation rewards / slashing collateral.
• Governance — weights are 50% by token balance, 50% by your own credential level.

Initial distribution: 40% community airdrop to Gold/Diamond holders, 20% treasury, 15% team (4-year vesting, 1-year cliff), 15% ecosystem incentives, 10% investors (3-year vesting).

Top Diamond holders form the GitGrit Council — the body that resolves contested challenges, ratifies scoring-weight changes proposed via on-chain governance, and admits new credential types to the registry. Council membership rotates yearly and requires re-election by token-weighted governance vote.