implement seller bot that can be deployed to heroku in a no-code fashion

[danoctavian]

Reason:

This way the seller does not need to be present when buyers make purchases to deliver the goods and automate item delivery, and item delivery validation. This cannot be done with a client-side app because some code needs to be running at all time to handle events in a timely manner (eg. a buyer submits a purchase offer).

The goal here is to have a deployment a seller can easily setup (no code required, no advanced knowledge required) and most importantly, CAN TRUST.

Can create a deploy to heroku button for a process that loops and checks the contract for new purchase offers for that particular seller. It moves the requested item to the sellers inventory and calls for confirmation of trade.

Can use the following functionality to create a button and schedule a chron job.
https://devcenter.heroku.com/articles/heroku-button
https://devcenter.heroku.com/articles/scheduler

Important security considerations:

• Refund Timing attack - if the user does not accept the trade offer within a reasonable time, retract the trade offer so that there is no timing attack where the buyer accepts the offer last minute and then asks for a refund as well.
• Steam credentials security - the process will be holding steam credentials for the sellers account. Ensure that the job is inaccesible from outside (no open ports) and that the deployer clearly understands this issue.
• Ethereum private key security - this process will hold the private key for the seller's address in order to make the call to check for item delivery (ETH cost) and perhaps a refund strategy for Link tokens from the same address.