Megathread: Community Submissions for DFINITY Foundation’s Roadmap

Ah yes of course. I totally forgot that when I replied last night. One not just needs toy cycles but also toy ICP to test defi and toy NNS. To be honest, I had heard that but totally blanked late night when I replied.

Apologies, folks. Makes sense.

1 Like

Good to know you consider it a priority.

2 Likes

Hey folks!

Re: Inter canister query calls

Following up on the update from this week:

We are spinning off this week one of the most desired features from the Roadmap: Inter Canister Query Calls :trumpet: :trumpet: :boom:

You can see the thread here: Inter Canister Query Calls (Community Consideration)

Thank you to everyone who has been incredibly active in the thread. We really appreciate it and are greatly humbled by so many smart people dedicating time into this project that some of us have spent years on.

Whether you have spent years or minutes learning about the Internet Computer, I salute you :bowing_man:

Please expect other suggestions to spin-off and become prioritize, but in the meantime, don’t miss out on the action going on in Increased Canister Storage - #56 by nomeata

4 Likes

cc @witter @wang who were among those who suggested it.

I agree with everyone talking about testnets, I think we need an environment, possibly completely separate from the IC for security reasons, that doesn’t store things of monetary or other value. A real playground like the Ethereum testnets

6 Likes

Edit: moved to: Make HTTP Gateway spec public/open source


I would like to propose that the HTTP Gateway spec be made public/open source along with a process for proposing updates to the spec.

7 Likes

Edit: moved to Upgrade HTTP request calls from `query` to `update` (upon canister's request)


I would also like to propose that my PR to upgrade HTTP request calls from query to update (upon canister’s request) be considered for merging, with some feedback about anything that may be blocking it.

7 Likes

I say choosing to make a http-request into an update call is a portant one.

Also bout a test-net, personal ly I don’t see the need for a testnet besides a local one. I don’t even use the local one most of the time I am testing on the main net bc that’s where the code will run anyway.

1 Like

I support @paulyoung 's proposal. It’s a small and relatively simple change to an isolated component (the HTTP gateway and the service worker), but unblocks a whole new class of services to be run on the IC.

4 Likes

I think you meant ICIP not IIP , so we would have ICIP vs EIP or BIP

I thought that Dfinity was going to be creating a user friendly UI to allow anyone to easily claim their seed or airdrop tokens. The current technical requirements are a significant barrier and it seems that it would be a basic requirement to create such a UI. It seems extremely unfair that non technical donors are just left to wait endlessly to be able to access their tokens.

Sadly it appears there is no plan to do so unless I have missed an announcement. In which case I propose that we add that as an item here. it is a relatively minor point and probably may be overlooked, but it’s really more than a nice to have item it’s almost a core requirement that should have been implemented on launch. Maybe this UI will have many other uses and benefits beyond just claiming.

Further exacerbating this issue are the rumours that unclaimed seed round tokens will be swept up. November was even mentioned as a date. I find this hard to believe since this action combined with the technical barriers presented to non technical donors mentioned above would be akin to theft.

Here is another feature I’d like to get on the way, if possible:

Certified queries

Our update calls are nicely certified by the system. The canister doesn’t have to do anything, and all these calls are signed by the subnet. This is not the case for query calls, which are pretty much insecure by default. Yes, in some cases canisters can use certified variables to fix that, but it’s not always possible, and even if it is, it is fairly non-trivial. So as @senior.joinu rightfully asks: “why don’t we make this safe by default”.

A very vague design was discussed internally once, in the document “Certified variables” (only internally visible, found the link in my browser history).

@diegop, do you have the authority to allow me to re-share my thoughts on the implementation publicly that I wrote into that document back then? I am not sure whether any of that might be considered a “secret” that I must not discuss publicly. But maybe it’s fine if the implementation is hashed out internally only, as long as we outsiders get the feature eventually :slight_smile:

It would be good to get this on the roadmap, as I think “secure queries by default” beholds the Internet Computer better than what we have right now. The current query methods could still be provided opt-in for those developers who made a deliberate choice.

Also, I think this can help with Inter-canister query calls; it might be the necessary solution for the question of “what do do with calls from query methods when in replicated state”. So it might be timely to discuss this variant too.

7 Likes

Agreed! It’d also be nice if that spec could support streaming uploads as well as streaming downloads, only the latter of which it currently supports.

2 Likes

Would also be really helpful if dfx could be open sourced.


Another thing: it’d speed up local development if the web server that’s bundled with dfx by default could be replaced with icx-proxy so that the dev environment is more similar to prod.

The current dfx web server constantly hangs in high throughput scenarios. Also, it doesn’t support http_request, making it really tough to test.

3 Likes

No I meant IIP, I think it works best, the first I stands for Internet Computer

Fwiw, we are working on a solution that is both safe and easier. The current best path is that Non-technical seed round folks should use the ledger nano app (in development for months, out soon). That’s the best safe way for them to claim their neurons.

To your point what I just said has not been communicated very well. Point well taken. I have told the team this.

I am not sure i do to be honest, but i know who does and I will ask them today.

Good point. This is actually happening very soon. I need to find out what status of this is. Last week it was “should be out soon”, so I will ask SDX team

4 Likes

Great point. This may be “a thing” or a simple feature someone can knock out. Let me ask them.

1 Like

This is great to hear. A ledger nano app would be a huge help and also far better for making easy to keep funds secured. So apologies for assuming the worst and thanks for letting us know the situation.

1 Like