Ic-py Development and Ongoing Maintenance

Developers
,
29

:loudspeaker: ic-py v2.0.0 Release Announcement

We are excited to announce the release of ic-py v2.0.0, a major update to the Python Agent Library for the Internet Computer.

This version delivers significant improvements in endpoint migration, reliability, and certificate verification.

The PR for Milestone 1 and Milestone 2 has already been merged into the main repository. The maintainer will soon publish ic-py 2.0 to PyPI. Once released, I’ll update this thread with the PyPI package link.

:link: PR: #121

:rocket: What’s New in v2.0.0

1. Endpoint Upgrade

  • Migrated update calls from legacy /api/v2/.../call to the new BN v3 call endpoint (/api/v3/canister/.../call).
  • Adapted response parsing to handle v3 responses.
  • Improved retry logic and fixed the incomplete poll implementation.
  • Provides more stable request handling across boundary nodes.

References:

2. Timeouts & Error Classification

  • Added configurable timeout handling for agent calls.
  • Introduced structured error classification for common canister rejections.

References:

3. Certificate Verification (Security)

  • Added optional certificate verification using the official blst binding.
  • New parameter:
agent.update_raw(..., verify_certificate=True)
  • When enabled, the agent verifies the IC’s certified responses with BLS12-381 (G1 signature, G2 public key).
  • Full unit test coverage included for both successful and failure cases.

References:

:warning: Security Note: Certificate verification is disabled by default. For production workloads, we strongly recommend enabling verify_certificate=True and installing blst.

:hammer_and_wrench: Installation

pip3 install ic-py

If you enable certificate verification, you’ll need to install blst manually:

# Clone the official repo
git clone https://github.com/supranational/blst
cd blst/bindings/python

# For Apple Silicon (M1/M2) if ABI issues occur:
# export BLST_PORTABLE=1

python3 run.me

# Add to PYTHONPATH
export PYTHONPATH="$PWD:$PYTHONPATH"

Alternatively, copy blst.py and _blst*.so into your site-packages.

:backhand_index_pointing_right: Windows users: WSL2 is recommended for a smoother setup.

:bookmark: Version

  • Release version: v2.0.0

:raising_hands: Acknowledgments

Big thanks to the community for raising issues and highlighting security concerns. This release directly addresses several long-standing requests and vulnerabilities.

:backhand_index_pointing_right: GitHub Repository

2 Likes