record IP addresses and ZIPcodes of contributions.

[owocki]

can we please record IP addresses and ZIPCodes of credit cards of contributions; just in case someone sybil attacks the system.. we will need to have this info so we can remediate.

[owocki]

@sanchaymittal is this easy to add?

[sanchaymittal]

We are already receiving ZIPCodes right now, as for Ip addresses it's kinda tricky. For payment, we are using stripe components and the post API to add donation can only be triggered by stripe when a payment occurs.
@owocki

[owocki]

why is IP addresses tricky?

feel free to use this get_ip method from the gitcoin codebase

def get_ip(request):
    forward_for = request.META.get('HTTP_X_FORWARDED_FOR')
    if forward_for:
        ip_addr = forward_for.split(',')[0]
    else:
        ip_addr = request.META.get('REMOTE_ADDR')
    return ip_addr

[sanchaymittal]

For security reasons, we are not making a post request from the frontend when a donation happens. Post request is made by stripe when a donation happens, we have a webhook for that. That's why I'm saying it's tricky to include Ipaddress when a donation/contribution happens in the database.
We can create a separate log file if you would like where we can receive the Ip Address of individuals making a donation.

[owocki]

oh i see; thanks for the explanation.

yes that would be good, pls do. IP addreses will be important to know for anti sybil reasons

[sanchaymittal]

Sure, But this will take some time as we have to add an API for making this post-call and a separate DB structure. Can't rush during production.