Skip to main content

Installation

This guide covers everything you need to install and configure Base Audit Bot, including prerequisites, API key generation, and deployment options.

Prerequisites

Before installing, ensure you have:

Required Software

  • Python 3.11 or higher - The bot uses modern Python features
  • Git - For cloning repositories and the bot itself
  • pip - Python package manager (included with Python)

Optional Software

  • Docker & Docker Compose - For containerized deployment
  • curl - For health check testing

API Keys Required

You must obtain API keys from all three services before the bot can operate:
  • Basescan API (free tier available)
  • Anthropic Claude API (requires credits)
  • Twitter API v2 (free tier with Essential access)

Installation Methods

Choose your preferred installation method:

Python Virtualenv

Recommended for development and testing

Docker

Recommended for production deployment

Method 1: Python Virtualenv

1

Install Python 3.11+

Verify your Python version:
python --version
If you need to install or upgrade Python:
sudo apt update
sudo apt install python3.11 python3.11-venv python3-pip
2

Clone the Repository

git clone https://github.com/yourusername/base-audit-bot.git
cd base-audit-bot
3

Create Virtual Environment

python3.11 -m venv venv
source venv/bin/activate
Your terminal prompt should change to show (venv) when the virtual environment is active.
4

Install Dependencies

pip install --upgrade pip
pip install -r requirements.txt
This installs the following packages:
PackageVersionPurpose
web3≥6.0.0Ethereum/Base blockchain interaction
tweepy≥4.14.0Twitter API v2 client
anthropic≥0.40.0Claude AI API for auditing
flask≥3.0.0Webhook server
gitpython≥3.1.40Git repository operations
requests≥2.31.0HTTP requests
python-dotenv≥1.0.0Environment variable management
aiohttp≥3.9.0Async HTTP (optional)
5

Verify Installation

python -c "import web3, tweepy, anthropic, flask, git; print('All dependencies installed!')"
If successful, you’ll see: All dependencies installed!

Method 2: Docker

1

Install Docker

Install Docker and Docker Compose:
sudo apt update
sudo apt install docker.io docker-compose
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -aG docker $USER
Verify installation:
docker --version
docker-compose --version
2

Clone the Repository

git clone https://github.com/yourusername/base-audit-bot.git
cd base-audit-bot
3

Review Docker Configuration

The included Dockerfile defines the container:
Dockerfile
FROM python:3.11-slim

WORKDIR /app

# Install git for cloning repos
RUN apt-get update && apt-get install -y git \
    && rm -rf /var/lib/apt/lists/*

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY *.py ./

RUN mkdir -p /app/data /app/logs /app/temp_repos

ENV PYTHONUNBUFFERED=1
ENV DATABASE_PATH=/app/data/bot.db
ENV TEMP_DIR=/app/temp_repos

EXPOSE 5000

CMD ["python", "bot.py"]
The docker-compose.yml orchestrates the deployment:
docker-compose.yml
version: '3.8'

services:
  audit-bot:
    build: .
    container_name: base-audit-bot
    restart: unless-stopped
    ports:
      - "5000:5000"
    volumes:
      - ./data:/app/data
      - ./logs:/app/logs
      - bot-temp:/app/temp_repos
    env_file:
      - .env
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:5000/health"]
      interval: 30s
      timeout: 10s
      retries: 3

volumes:
  bot-temp:
    driver: local

Obtaining API Keys

Basescan API Key

1

Create Account

  1. Navigate to Basescan.org
  2. Click “Sign In” → “Click to sign up”
  3. Complete registration with email verification
2

Generate API Key

  1. Go to API Keys page
  2. Click “Add” to create a new API key
  3. Give it a descriptive name (e.g., “Base Audit Bot”)
  4. Copy the generated API key
3

Add to Configuration

.env
BASESCAN_API_KEY=YourBasescanApiKeyHere
The free tier allows 5 requests per second and 100,000 requests per day, which is sufficient for most use cases.

Anthropic API Key

1

Create Account

  1. Visit Anthropic Console
  2. Sign up with your email or Google account
  3. Verify your email address
2

Add Credits

  1. Navigate to “Settings” → “Billing”
  2. Add payment method and credits
  3. The bot uses Claude Sonnet 4, which costs:
    • Input: $3 per million tokens
    • Output: $15 per million tokens
A typical smart contract audit uses 2,000-5,000 tokens, costing 0.010.01-0.10 per audit.
3

Generate API Key

  1. Go to “API Keys” in the console
  2. Click “Create Key”
  3. Name it (e.g., “Base Audit Bot”)
  4. Copy the key immediately (it won’t be shown again)
4

Add to Configuration

.env
ANTHROPIC_API_KEY=sk-ant-api03-YourAnthropicKeyHere

Twitter API Keys

Twitter requires the most credentials (5 different keys/tokens):
1

Create Developer Account

  1. Go to Twitter Developer Portal
  2. Sign in with your Twitter account
  3. Click “Sign up for Free Account”
  4. Complete the application form:
    • Choose “Hobbyist” → “Making a bot”
    • Describe your bot’s purpose
    • Agree to terms and conditions
2

Create Project and App

  1. In the Developer Portal, click “Projects & Apps”
  2. Create a new Project (name: “Base Audit Bot”)
  3. Create an App within the project
  4. Save the API Key and API Secret shown
3

Configure App Permissions

  1. Go to your app settings
  2. Navigate to “User authentication settings”
  3. Click “Set up”
  4. Enable OAuth 1.0a
  5. Set permissions to Read and Write
  6. Add callback URL (can be placeholder: https://example.com)
  7. Save changes
4

Generate Access Tokens

  1. Go to “Keys and Tokens” tab
  2. Under “Authentication Tokens”, click “Generate” for:
    • Access Token
    • Access Token Secret
  3. Also generate a Bearer Token if not already present
  4. Copy all tokens immediately
5

Add to Configuration

You should now have all 5 credentials:
.env
TWITTER_API_KEY=YourApiKeyHere
TWITTER_API_SECRET=YourApiSecretHere
TWITTER_ACCESS_TOKEN=YourAccessTokenHere
TWITTER_ACCESS_SECRET=YourAccessSecretHere
TWITTER_BEARER_TOKEN=YourBearerTokenHere
Keep these credentials secret! Never commit them to version control.

Configuration

1

Create .env File

Copy the example environment file:
cp .env.example .env
2

Edit Configuration

Open .env in your editor and configure all settings:
.env
# Base Chain Configuration
BASE_RPC_URL=https://mainnet.base.org
BASESCAN_API_KEY=your_basescan_api_key_here

# Anthropic API
ANTHROPIC_API_KEY=your_anthropic_api_key_here

# Twitter API v2 Credentials
TWITTER_API_KEY=your_twitter_api_key_here
TWITTER_API_SECRET=your_twitter_api_secret_here
TWITTER_ACCESS_TOKEN=your_twitter_access_token_here
TWITTER_ACCESS_SECRET=your_twitter_access_secret_here
TWITTER_BEARER_TOKEN=your_twitter_bearer_token_here

# Webhook Configuration (optional)
WEBHOOK_SECRET=your_random_webhook_secret_here
WEBHOOK_PORT=5000

# Bot Configuration
SCAN_INTERVAL_MINUTES=15
BLOCKS_TO_SCAN=100
MIN_CONTRACT_SIZE=100
LOG_LEVEL=INFO

# Database
DATABASE_PATH=./data/bot.db

# Temporary Directory for Cloning
TEMP_DIR=./temp_repos
3

Configuration Reference

VariableDescriptionDefaultRequired
BASE_RPC_URLBase mainnet RPC endpointhttps://mainnet.base.orgYes
BASESCAN_API_KEYBasescan API key for contract verification-Yes
ANTHROPIC_API_KEYAnthropic API key for Claude-Yes
TWITTER_API_KEYTwitter OAuth 1.0a consumer key-Yes
TWITTER_API_SECRETTwitter OAuth 1.0a consumer secret-Yes
TWITTER_ACCESS_TOKENTwitter access token-Yes
TWITTER_ACCESS_SECRETTwitter access token secret-Yes
TWITTER_BEARER_TOKENTwitter API v2 bearer token-No*
WEBHOOK_SECRETSecret for GitHub webhook verification-No
WEBHOOK_PORTPort for webhook server5000No
SCAN_INTERVAL_MINUTESMinutes between scans15No
BLOCKS_TO_SCANNumber of blocks to scan per cycle100No
MIN_CONTRACT_SIZEMinimum bytecode size (bytes)100No
LOG_LEVELLogging verbosityINFONo
DATABASE_PATHSQLite database location./data/bot.dbNo
TEMP_DIRTemporary directory for clones./temp_reposNo
*Bearer token is required for some Twitter API v2 endpoints like DM reading.
4

Generate Webhook Secret

If you plan to use GitHub webhooks, generate a secure random secret:
python -c "import secrets; print(secrets.token_urlsafe(32))"
Add it to your .env:
.env
WEBHOOK_SECRET=your_generated_secret_here

Running the Bot

Python Virtualenv

python bot.py

Docker

docker-compose up -d

Verification

1

Check Bot Startup

Verify the bot initializes all components:
# For Python
tail -f ./logs/bot.log

# For Docker
docker-compose logs audit-bot
You should see:
INFO - Initializing Base Audit Bot...
INFO - Database initialized
INFO - Connected to Base mainnet. Chain ID: 8453
INFO - Blockchain scanner initialized
INFO - GitHub finder initialized
INFO - Auditor initialized
INFO - Twitter bot initialized
INFO - Base Audit Bot initialized successfully
INFO - Starting main loop (interval: 15 minutes)
2

Test Webhook Server

If webhooks are enabled, test the health endpoint:
curl http://localhost:5000/health
Expected response:
{"status": "healthy"}
3

Verify Database Creation

Check that the SQLite database was created:
ls -lh ./data/bot.db
Inspect tables:
sqlite3 ./data/bot.db ".tables"
Expected output:
audits          contracts       monitored_repos tweets          blocklist

Next Steps

Configuration

Customize bot behavior and settings

Webhook Setup

Configure GitHub webhooks for repository monitoring

Deployment

Deploy to production environments

Troubleshooting

Common issues and solutions

Build docs developers (and LLMs) love

Get started for freeTalk to us