Megathread: Community Submissions for DFINITY Foundation’s Roadmap

diegop · August 27, 2021, 4:47am

Yes, I do have one actually.

(linking to my latest comment in this thread)

Would this work? or am i missing some nuance?

diegop · August 27, 2021, 4:48am

Goodness me, yes, please.

wang · August 27, 2021, 11:54am

The usecase of a testnet is to have well, a testing environment, where ICP and cycle value is basically 0. This allows developers to test NNS integrations (eg. ledger and governance) without fear of losing money. This also allows us to test integrations with other services (eg. DeFi apps) before launching on mainnet.

This is in addition to a local dfx environment that includes all NNS canisters. Both are desirable to have.

diegop · August 27, 2021, 1:12pm

Ah yes of course. I totally forgot that when I replied last night. One not just needs toy cycles but also toy ICP to test defi and toy NNS. To be honest, I had heard that but totally blanked late night when I replied.

Apologies, folks. Makes sense.

Maxfinity · August 27, 2021, 6:15pm

Good to know you consider it a priority.

diegop · August 27, 2021, 8:57pm

Hey folks!

Re: Inter canister query calls

Following up on the update from this week:

We are spinning off this week one of the most desired features from the Roadmap: Inter Canister Query Calls

You can see the thread here: Inter-Canister Query Calls (Community Consideration)

Thank you to everyone who has been incredibly active in the thread. We really appreciate it and are greatly humbled by so many smart people dedicating time into this project that some of us have spent years on.

Whether you have spent years or minutes learning about the Internet Computer, I salute you

Please expect other suggestions to spin-off and become prioritize, but in the meantime, don’t miss out on the action going on in Increased Canister Smart Contract Memory - #56 by nomeata

diegop · August 27, 2021, 9:19pm

cc @witter @wang who were among those who suggested it.

lastmjs · August 27, 2021, 10:29pm

I agree with everyone talking about testnets, I think we need an environment, possibly completely separate from the IC for security reasons, that doesn’t store things of monetary or other value. A real playground like the Ethereum testnets

paulyoung · August 28, 2021, 10:23pm

Edit: moved to: Make HTTP Gateway spec public/open source

I would like to propose that the HTTP Gateway spec be made public/open source along with a process for proposing updates to the spec.

paulyoung · August 28, 2021, 10:27pm

Edit: moved to Upgrade HTTP request calls from `query` to `update` (upon canister's request)

I would also like to propose that my PR to upgrade HTTP request calls from query to update (upon canister’s request) be considered for merging, with some feedback about anything that may be blocking it.

github.com/dfinity/agent-rs

feat: upgrade HTTP request calls from query to update upon canister's request

dfinity:main ← paulyoung:paulyoung/http-request

opened 01:45AM - 28 May 21 UTC

paulyoung

+77 -21

Edit: the code in this PR no longer infers when to make an update call, it does …it upon the canister’s request. *** This is a first pass at inferring when to make an update call instead of a query call based on HTTP request methods. It's based on [this discussion thread](https://forum.dfinity.org/t/feature-request-map-appropriate-http-request-methods-to-update-calls/4303?u=paulyoung) in the developer forum. Thanks to @nomeata for some feedback and help getting to this point. I think this could be made a lot more configurable (perhaps via a file that is read when `icx-proxy` starts which maps methods/routes to functions) but what's here suits my needs for now so I thought I'd share it in case there's any interest in merging. Thanks in advance for considering this change. *** ```typescript import Text "mo:base/Text"; actor { type HeaderField = (Text, Text); type Token = {}; type StreamingCallbackHttpResponse = { body : Blob; token : Token; }; type StreamingStrategy = { #Callback : { callback : shared Token -> async StreamingCallbackHttpResponse; token : Token; }; }; type HttpRequest = { method : Text; url : Text; headers : [HeaderField]; body : Blob; }; type HttpResponse = { status_code : Nat16; headers : [HeaderField]; body : Blob; streaming_strategy : ?StreamingStrategy; }; public query func http_request(request : HttpRequest) : async HttpResponse { { status_code = 200; headers = []; body = Text.encodeUtf8("Response to " # request.method # " request (query)"); streaming_strategy = null; }; }; public shared func http_request_update(request : HttpRequest) : async HttpResponse { { status_code = 200; headers = []; body = Text.encodeUtf8("Response to " # request.method # " request (update)"); streaming_strategy = null; }; }; }; ``` ``` $ icx-proxy --fetch-root-key version: 0.2.1 May 27 18:24:15.771 INFO Log Level: INFO May 27 18:24:15.797 INFO Starting server. Listening on http://127.0.0.1:3000/ ``` ``` $ curl -v -X GET -H "Content-type: application/json" -H "Accept: application/json" -d '{}' 'http://localhost:3000?canisterId=rrkah-fqaaa-aaaaa-aaaaq-cai' * Trying 127.0.0.1... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 3000 (#0) > GET /?canisterId=rrkah-fqaaa-aaaaa-aaaaq-cai HTTP/1.1 > Host: localhost:3000 > User-Agent: curl/7.64.1 > Content-type: application/json > Accept: application/json > Content-Length: 61 > * upload completely sent off: 61 out of 61 bytes < HTTP/1.1 200 OK < content-length: 31 < date: Fri, 28 May 2021 01:27:24 GMT < * Connection #0 to host localhost left intact Response to GET request (query)* Closing connection 0 ``` ``` $ curl -v -X POST -H "Content-type: application/json" -H "Accept: application/json" -d '{}' 'http://localhost:3000?canisterId=rrkah-fqaaa-aaaaa-aaaaq-cai' Note: Unnecessary use of -X or --request, POST is already inferred. * Trying 127.0.0.1... * TCP_NODELAY set * Connected to localhost (127.0.0.1) port 3000 (#0) > POST /?canisterId=rrkah-fqaaa-aaaaa-aaaaq-cai HTTP/1.1 > Host: localhost:3000 > User-Agent: curl/7.64.1 > Content-type: application/json > Accept: application/json > Content-Length: 61 > * upload completely sent off: 61 out of 61 bytes < HTTP/1.1 200 OK < content-length: 33 < date: Fri, 28 May 2021 01:27:41 GMT < * Connection #0 to host localhost left intact Response to POST request (update)* Closing connection 0 ```

levi · August 28, 2021, 11:18pm

I say choosing to make a http-request into an update call is a portant one.

Also bout a test-net, personal ly I don’t see the need for a testnet besides a local one. I don’t even use the local one most of the time I am testing on the main net bc that’s where the code will run anyway.

nomeata · August 29, 2021, 8:20am

I support @paulyoung 's proposal. It’s a small and relatively simple change to an isolated component (the HTTP gateway and the service worker), but unblocks a whole new class of services to be run on the IC.

Blobby · August 29, 2021, 1:11pm

I think you meant ICIP not IIP , so we would have ICIP vs EIP or BIP

Blobby · August 29, 2021, 1:53pm

I thought that Dfinity was going to be creating a user friendly UI to allow anyone to easily claim their seed or airdrop tokens. The current technical requirements are a significant barrier and it seems that it would be a basic requirement to create such a UI. It seems extremely unfair that non technical donors are just left to wait endlessly to be able to access their tokens.

Sadly it appears there is no plan to do so unless I have missed an announcement. In which case I propose that we add that as an item here. it is a relatively minor point and probably may be overlooked, but it’s really more than a nice to have item it’s almost a core requirement that should have been implemented on launch. Maybe this UI will have many other uses and benefits beyond just claiming.

Further exacerbating this issue are the rumours that unclaimed seed round tokens will be swept up. November was even mentioned as a date. I find this hard to believe since this action combined with the technical barriers presented to non technical donors mentioned above would be akin to theft.

nomeata · August 29, 2021, 4:32pm

Here is another feature I’d like to get on the way, if possible:

Certified queries

Our update calls are nicely certified by the system. The canister doesn’t have to do anything, and all these calls are signed by the subnet. This is not the case for query calls, which are pretty much insecure by default. Yes, in some cases canisters can use certified variables to fix that, but it’s not always possible, and even if it is, it is fairly non-trivial. So as @senior.joinu rightfully asks: “why don’t we make this safe by default”.

A very vague design was discussed internally once, in the document “Certified variables” (only internally visible, found the link in my browser history).

@diegop, do you have the authority to allow me to re-share my thoughts on the implementation publicly that I wrote into that document back then? I am not sure whether any of that might be considered a “secret” that I must not discuss publicly. But maybe it’s fine if the implementation is hashed out internally only, as long as we outsiders get the feature eventually

It would be good to get this on the roadmap, as I think “secure queries by default” beholds the Internet Computer better than what we have right now. The current query methods could still be provided opt-in for those developers who made a deliberate choice.

Also, I think this can help with Inter-canister query calls; it might be the necessary solution for the question of “what do do with calls from query methods when in replicated state”. So it might be timely to discuss this variant too.

jzxchiang · August 29, 2021, 5:02pm

Agreed! It’d also be nice if that spec could support streaming uploads as well as streaming downloads, only the latter of which it currently supports.

jzxchiang · August 29, 2021, 6:37pm

Would also be really helpful if dfx could be open sourced.

Another thing: it’d speed up local development if the web server that’s bundled with dfx by default could be replaced with icx-proxy so that the dev environment is more similar to prod.

The current dfx web server constantly hangs in high throughput scenarios. Also, it doesn’t support http_request, making it really tough to test.

lastmjs · August 30, 2021, 1:19pm

No I meant IIP, I think it works best, the first I stands for Internet Computer

diegop · August 31, 2021, 4:14am

Fwiw, we are working on a solution that is both safe and easier. The current best path is that Non-technical seed round folks should use the ledger nano app (in development for months, out soon). That’s the best safe way for them to claim their neurons.

To your point what I just said has not been communicated very well. Point well taken. I have told the team this.

diegop · August 31, 2021, 4:15am

I am not sure i do to be honest, but i know who does and I will ask them today.