Megathread: Community Submissions for DFINITY Foundation’s Roadmap

cc @witter @wang who were among those who suggested it.

I agree with everyone talking about testnets, I think we need an environment, possibly completely separate from the IC for security reasons, that doesn’t store things of monetary or other value. A real playground like the Ethereum testnets


Edit: moved to: Make HTTP Gateway spec public/open source

I would like to propose that the HTTP Gateway spec be made public/open source along with a process for proposing updates to the spec.


Edit: moved to Upgrade HTTP request calls from `query` to `update` (upon canister's request)

I would also like to propose that my PR to upgrade HTTP request calls from query to update (upon canister’s request) be considered for merging, with some feedback about anything that may be blocking it.


I say choosing to make a http-request into an update call is a portant one.

Also bout a test-net, personal ly I don’t see the need for a testnet besides a local one. I don’t even use the local one most of the time I am testing on the main net bc that’s where the code will run anyway.

1 Like

I support @paulyoung 's proposal. It’s a small and relatively simple change to an isolated component (the HTTP gateway and the service worker), but unblocks a whole new class of services to be run on the IC.


I think you meant ICIP not IIP , so we would have ICIP vs EIP or BIP

I thought that Dfinity was going to be creating a user friendly UI to allow anyone to easily claim their seed or airdrop tokens. The current technical requirements are a significant barrier and it seems that it would be a basic requirement to create such a UI. It seems extremely unfair that non technical donors are just left to wait endlessly to be able to access their tokens.

Sadly it appears there is no plan to do so unless I have missed an announcement. In which case I propose that we add that as an item here. it is a relatively minor point and probably may be overlooked, but it’s really more than a nice to have item it’s almost a core requirement that should have been implemented on launch. Maybe this UI will have many other uses and benefits beyond just claiming.

Further exacerbating this issue are the rumours that unclaimed seed round tokens will be swept up. November was even mentioned as a date. I find this hard to believe since this action combined with the technical barriers presented to non technical donors mentioned above would be akin to theft.

Here is another feature I’d like to get on the way, if possible:

Certified queries

Our update calls are nicely certified by the system. The canister doesn’t have to do anything, and all these calls are signed by the subnet. This is not the case for query calls, which are pretty much insecure by default. Yes, in some cases canisters can use certified variables to fix that, but it’s not always possible, and even if it is, it is fairly non-trivial. So as @senior.joinu rightfully asks: “why don’t we make this safe by default”.

A very vague design was discussed internally once, in the document “Certified variables” (only internally visible, found the link in my browser history).

@diegop, do you have the authority to allow me to re-share my thoughts on the implementation publicly that I wrote into that document back then? I am not sure whether any of that might be considered a “secret” that I must not discuss publicly. But maybe it’s fine if the implementation is hashed out internally only, as long as we outsiders get the feature eventually :slight_smile:

It would be good to get this on the roadmap, as I think “secure queries by default” beholds the Internet Computer better than what we have right now. The current query methods could still be provided opt-in for those developers who made a deliberate choice.

Also, I think this can help with Inter-canister query calls; it might be the necessary solution for the question of “what do do with calls from query methods when in replicated state”. So it might be timely to discuss this variant too.


Agreed! It’d also be nice if that spec could support streaming uploads as well as streaming downloads, only the latter of which it currently supports.


Would also be really helpful if dfx could be open sourced.

Another thing: it’d speed up local development if the web server that’s bundled with dfx by default could be replaced with icx-proxy so that the dev environment is more similar to prod.

The current dfx web server constantly hangs in high throughput scenarios. Also, it doesn’t support http_request, making it really tough to test.


No I meant IIP, I think it works best, the first I stands for Internet Computer

Fwiw, we are working on a solution that is both safe and easier. The current best path is that Non-technical seed round folks should use the ledger nano app (in development for months, out soon). That’s the best safe way for them to claim their neurons.

To your point what I just said has not been communicated very well. Point well taken. I have told the team this.

I am not sure i do to be honest, but i know who does and I will ask them today.

Good point. This is actually happening very soon. I need to find out what status of this is. Last week it was “should be out soon”, so I will ask SDX team


Great point. This may be “a thing” or a simple feature someone can knock out. Let me ask them.

1 Like

This is great to hear. A ledger nano app would be a huge help and also far better for making easy to keep funds secured. So apologies for assuming the worst and thanks for letting us know the situation.

1 Like

Linked from the main thread to @skilesare, who does a great job of explaining the issue. This is a request to add original_caller() in inter-canister calls to enable third party-composable services, which will be really important for DEFI and authorisation in other composable services.


1 Like
1 Like


In telephony, a CFA or time slot w/ ability to collocate/scale.

Just tell us where to meet ya.

All the tools & the underutilized tariffs are there on the terrestrial side.

Am happy to be informed as to what real tangible opportunity in the IC system trumps this one.

Every client facing business plan in telecom/tech is about obtaining access and maintaining access to the client.

That is what this opportunity is ( it supercharges thousands of disparate business plans ) … oh including yours … yes I am talking to you … and you… all of you. All of your plans would get an octane boost from this.