6 Steps to Integrate with the tea Protocol
What’s the tea on tea? The tea Protocol is a decentralized technology protocol that enhances the sustainability and integrity of the software supply chain by enabling open-source developers to capture the value that they create—while simultaneously creating opportunities for software users and supporters. The tea Protocol operates as an incentive layer that integrates with software package management tools like Homebrew, npm, and pkgx.
Open-source software developers can integrate with tea by uploading their existing software projects to the tea Protocol. Open-source software registered with the tea Protocol may be eligible to receive digital tokens—known as TEA tokens—proportional to their rank within the tea Protocol and the value and impact of the software.
OSS developers are naturally incentivized to use the tea Protocol because it creates an opportunity to be rewarded for building, maintaining, securing, and sharing important software. Read more to understand exactly how to get started with tea.
1. Onboard to the tea platform
Your first step to get started with tea is to onboard to the tea ecosystem. The tea Protocol uses a graphical user interface (GUI) hosted by a web application to facilitate getting started.
Here’s what is required to onboard to tea:
- Provide your GitHub username or email address
- Create a username for the tea Protocol
- Establish a tea-native digital wallet
Your digital wallet is automatically created during the onboarding process. tea works with Safe (f.k.a. Gnosis Safe) to provide all protocol users with a software-based, multi-signature wallet. A multi-signature digital wallet supports approvals from multiple contributors, with governance embedded to enable teams of OSS developers to autonomously decide who participates in disbursements.
2. Register a software project
Your next step is to register a software project that you own or maintain. Ownership is defined and proven by the ability to merge a specific pull request with a project repository.
The software repository must also be linked to one of these supported package managers:
The web app for tea makes it easy to register your software project. GitHub users can access the tea web interface to view their list of projects on the GitHub platform that can be registered with tea. For non-GitHub users, the tea web app also supports an alternative way to view your projects that are eligible for tea registration.
Selecting a software project that you’d like to register causes a “constitution” document to be created by the tea Protocol. The constitution file for a project contains three types of information:
- Project name: the name of the project associated with the constitution file;
- Digital wallet addresses: the wallet address for each developer or maintainer who is needed to approve transactions; and
- Quorum: the number of approvals required for any treasury transaction to complete.
GitHub users can direct the tea web app to automatically submit a pull request for review and approval to add the constitution file to a project repository. Non-GitHub users can manually download the same constitution document and upload it to their project files.
Once the pull request is approved, the tea Protocol automatically starts processing the constitution file to complete the registration of the project. Registering a project also creates a project treasury controlled by the project maintainers' digital wallets.
3. Start receiving tokens
The tea Protocol distributes TEA tokens on a daily basis to registered software projects. The teaRank of a software project—which denotes the impact or value of the software project in the open-source ecosystem—determines the quantity of TEA tokens received.
A project’s teaRank will fluctuate based on each open-source project’s orientation within, and utilization from, the broader open-source ecosystem over time, causing the quantity of tokens received to change on a daily basis. All tokens received are sent to the project treasury that’s controlled by the project maintainers.
The treasuries of registered software projects may begin to receive TEA tokens within 24 hours of pull request approval to register the software with the tea Protocol. The protocol requires that a project’s teaRank be above a certain threshold to prevent bad actors from onboarding worthless software.
4. Stake tokens to your software project
Project owners receiving daily distributions of TEA are required to stake 25% of those tokens to the software project that they’ve registered with the tea Protocol. Staking 25% of the rewards received is required to continue receiving any portion of the daily TEA distribution.
The tea Protocol enforces this staking requirement, accompanied by a penalization (“slashing”) mechanism, to incentivize project maintainers to promptly address any technical problems. Slashing—a type of token-burning mechanism—of tokens staked to a project occurs when a project maintainer fails to address a bug report in a timely manner. By setting a minimum and non-trivial requirement for staking, and slashing projects’ staked tokens as necessary, the tea Protocol is creating an environment that can support and increase the security of the OSS supply chain.
The protocol uses smart contracts—code-based contracts that can execute automatically—to enable efficient and transparent staking. The tea web app provides an interface to facilitate the staking process, making it easy for project owners to interact with the smart contracts and comply with the protocol’s staking requirements.
5. Monitor project performance
Software project owners can monitor their project’s teaRank and token rewards on an ongoing basis. teaRank constantly fluctuates while tokens may accumulate in a project’s treasury over time. Users can monitor the balance of a project’s treasury to ensure that all expected rewards are being successfully received by the software project.
6. Receive additional token rewards
A project with an increasing teaRank may be eligible to receive an increasing quantity of token rewards on a daily basis. Token rewards are distributed based on a project’s teaRank, which is directly influenced by how many projects in the open-source ecosystem use the software project.
A project with a high teaRank has a material impact on the OSS ecosystem and may be more visible in the tea Protocol—which may attract new users who need reputable, foundational software. An increase in software projects dependent on the OSS project can boost the teaRank of a project, potentially increasing the quantity of TEA that the project is eligible to receive every day.
Other ways to interact with the tea Protocol
How else can developers and maintainers get involved with the tea Protocol? A couple of options:
Stake tokens to another project
Any participant in the tea Protocol can use the tea web app to stake TEA to any project in the ecosystem. Staking tokens to a software project can generate TEA rewards for a defined period of time.
Staking tokens to any project registered with the tea Protocol may generate rewards, but also creates risk. Software with error reports that are not addressed may be subject to slashing, resulting in a portion of the TEA staked to the project being burned. If slashing occurs, all participants in the tea Protocol who stake tokens to a project are impacted, not just the project’s maintainers.
Protocol participants are encouraged to minimize their risk by conducting a code review before choosing to stake tokens to a software project.
Identify and report errors
Increasing the frequency and robustness of code reviews in the OSS community is another way that the tea Protocol is bolstering the sustainability of the software supply chain, by enabling all open-source software projects to earn the reputations that they deserve. tea Protocol participants who encounter any software bugs can use the protocol’s web interface to report errors.
Users wishing to report OSS vulnerabilities are required to stake tokens to an error report as a condition of submitting the report. Anyone who submits a valid bug report may receive rewards if the vulnerability is confirmed—regardless of whether the bug is ultimately addressed. The tea Protocol incentivizes prompt responses to reported vulnerabilities by penalizing project maintainers who do not acknowledge or resolve reported issues in a timely manner.