Enable canisters to make HTTP(S) requests

Dear community!

We are happy to announce that, after many months of hard engineering work, the public rollout of the HTTPS outcalls feature has been started and the feature has been rolled out to a subset of the IC’s subnets already by now! This enables, for the first time in blockchain history, smart contracts to directly talk to Web 2.0 servers without the need for an oracle.

Last week, we made the final implementation changes to the replica code base as required for the rollout of the HTTPS outcalls feature. The replica version 4bd164bb containing those changes was elected this Monday, Sep 26, by NNS proposal 82425. This replica version has since started to be rolled out to the subnets of the IC using the standard process of updating the subnets one by one over the course of a week. The subnet fuqsr has been updated to the latest replica on Tuesday with NNS proposal 83069 for the purpose of smoke testing the HTTPS outcalls feature before the wider rollout, which has been successfully concluded on Tuesday.

The team has meanwhile proposed activation of the HTTPS outcalls feature on multiple subnets of the IC as shown in the following NNS proposals, all of which have been accepted and executed already.

• NNS proposal 83275, subnet io67a

• NNS proposal 83318, subnet w4asl

• NNS proposal 83319, subnet snjp4

• NNS proposal 83328, subnet o3ow2

• NNS proposal 83342, subnet 4ecnw

• NNS proposal 83343, subnet lspz2

• NNS proposal 83344, subnet lhg73

Towards an IC-wide rollout, the feature will be progressively activated on further subnets of the IC that have been updated to the latest replica version.

The feature is flagged as experimental initially until we have gained some operational experience with it in the wild (i.e., on IC mainnet). Also, we will release an API upgrade that simplifies the implementation of transformation functions for certain classes of APIs and allows for covering an even wider set of HTTP APIs in the near future. This change will be a breaking API change, which is another reason for flagging the feature as experimental for now.

You can use the feature on subnets on which it has been activated already now. Soon, all application subnets of the IC will have the feature activated. You need to upgrade to the latest beta version of the development tools (dfx 0.12.0-beta.3) in order to code with the feature. As this is a beta version, please install using the following command:

DFX_VERSION=0.12.0-beta.3 sh -ci "$(curl -fsSL https://internetcomputer.org/install.sh)"

Further information

Some links to informative information sources are provided next. For those among you who want to get started coding HTTPS outcalls right away, we recommend to dive into the documentation immediately.

• Web page

• Wiki

• Blog post

• Documentation: Overview and details

• Sample dApp

• Interface specification

Many thanks to the team working on the feature for their excellent work!

Happy coding!

Congratulations on the launch and the amazing work done by the team!

I deploy the sample code,but the canister did not return any icp price. How can i to solve this probloem?

Hi @heyuanxun , there are some updates to the sample dapp that is going through review, and expect to be merged this week. If you would like, please feel free to download from the branch and try.

I did all of the upgrades and pushed to the IC… still not working. It works on local with DFX 0.12 and the transform in the updates.

Is the change on all of the subnets?

Got it Error: “This API is not enabled on this subnet”

Please activate on pae4o-o6dxf-xki7q-ezclx-znyd6-fnk6w-vkv5z-5lfwh-xym2i-otrrw-fqe as there is no method to choose a subnet.

Not yet, it is being rolled out to all application subnets.

The rollout process of the feature will activate it on all subnets, please have some more patience or try a couple of times until you land on an already-activated subnet with your canister.

Thank you! How long is the rollout process?

updates are now merged

Hello, is there a Motoko HTTP outcall implementation example?

Here you go: Motoko example for HTTPS Outcalls

Perfect, thank you!

Is it possible to solve the oracle problem on ICP utilizing HTTPS requests? Linkies (ticker:LINK) say it’s not possible, talking about verifying data truth and having decentralized data input. Can a replacement for Link be built on ICP? Or is there an inherent fault in IC’s structure to handle precisely this?

Would it be possible to have a oracle specific subnet? I think chainlink pays nodes to verify the data.

Oracles built on ICP can probably replace the parts of Chainlink that just query nonpermissoned APIs, but I think it will be hard to replicate nodes querying permissioned APIs (which Chainlink does as well).

Why is that? Why can only link use permissioned APIs?

Hard, but not impossible? And how about ccip? Can cross chain communication be built on icp?

Permissioned private APIs would be really hard. A canister dev would have to get permission/access to an company’s internal APIs which would probably involve giving out a password and saving it into nodes they dont control. On Chainlink the company controls the nodes that query their private APIs.

Hi all, I am writing to let you know that we are planning a breaking change to the interface of the HTTPS outcalls soon. I would like to remind you that this API is still experimental, and further breaking changes may still happen in the near future as we discover more issues and use cases.

Specifically, the upcoming change will be around the transform function. We realized that the initial design of this function, expected it to operate on a response without any context or correlation with the request to which this response corresponds. This makes devs hard time if they issue multiple HTTP requests, especially if these go to the same remote server.

The new API will let developers specify a context in their request, and this context will be passed as another argument to the transform function. The context is essentially a blob, and devs can encode anything into it. This helps devs to better filter the results already in the transform function.

We will communicate the rollout of this breaking change here in this thread, so please follow in the upcoming ~2 weeks. Once the subnet on which your canister is running gets updated, canisters using the existing API may break.