Canisters are not yet able to certify chunks, and boundary nodes and the service-worker do not check chunk certificates, respectively.
GitHub issue: https://github.com/dfinity/certified-assets/issues/10
I’m getting near the end of implementing partial responses for asset canisters, which allows more advanced streaming of audio and video content. My solution is working well locally, and I’ve deployed the new asset canister to production.
The problem is that in production the partial responses no longer work. There are a few response headers that are key to getting this to work, Content-Range and Accept-Ranges. I wonder if the …
I even prepared a draft solution for this problem, but it has not been reviewed yet
dfinity:main ← 3cL1p5e7:feature/certified_chunks
opened 08:44AM - 28 Feb 22 UTC
That is a part of proposal about chunks certification (with backward compatibili… ty).
_These improvements are a proposal to improve the certification infrastructure around IC and might be considered as a recommendation for dfinity-team._
### Goal
Make it possible to certify asset chunks. Validate chunk certificates on the service-worker and icx-proxy.
### Why
At the moment, the service-worker and icx-proxy does not support the certification of chunkified files. Moreover, right now it is not possible to correctly stream chunkified and large audio and video files to the front-end.
This problems could be solved independently if it would be possible to install an additional service-worker in the certified zone of the domain `ic0.app` (for 206 partial http-request handling). But is is impossible because there is unable to place custom worker on `ic0.app` domain.
Making your own custom player for audio and video is extremely difficult due to the large number of formats and non-native implementation.
### Details
To make this possible, support for HTTP-range requests for `http_request` query method has been added. This is done to support native html `audio/video` element (which uses 206 partial http-request) and to determine the index of the chunk throught 206 partial http-request.
Using 206 partial http-requests allows you to focus only on certification in the worker and icx-proxy.
### Steps
1. (Here) It all starts with here
2. Did file was updated in [PR for certified-assets-canister](https://github.com/dfinity/certified-assets/pull/25)
3. Service-worker started supporting chunk_tree certificate verification in [PR for ic](https://github.com/dfinity/ic/pull/12)
4. icx-proxy started supporting chunk_tree certificate verification in [PR for icx-proxy](https://github.com/dfinity/icx-proxy/pull/24)
5. Added support for new certified-assets-canister did in [PR for agent-rs](https://github.com/dfinity/agent-rs/pull/313)
Let’s hope that dfinity-team will pay attention to this problem
1 Like