Contract Resource Requests
This EIP standardizes an interface to make resource requests to smart contracts and to receive HTTP-like responses.
Ethereum is the most-established blockchain for building decentralized applications (referred to as
DApps). Due to this, the Ethereum DApp ecosystem is very diverse. However, one issue that plagues DApps is the fact that they are not fully decentralized. Specifically, to interface a "decentralized" application, one first needs to access a centralized website containing the DApp's front-end code, presenting a few issues. The following are some risks associated with using centralized websites to interface with decentralized applications:
- Trust Minimization: An unnecessarily large number of entities need to be trusted
- Censorship: A centralized website is not resistant to being censored
- Permanence: The interface may not have a mechanism that permits it to be permanently stored
- Interoperability: Smart Contracts cannot directly interact with DApp interfaces
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
EIPs that propose a name resolution mechanism MAY reference this EIP and MAY recommend that clients support their mechanism. Clients MAY also support regular DNS, as defined in RFC 1034 and RFC 1035.
Separation of Concerns
It is RECOMMENDED to separate the application logic from the front-end logic (the contract implementing the interface defined in Contract Interface).
DApp contracts MUST implement the interface defined in the following file: Contract Interface.
Note to Implementers
To save gas costs, it is recommended to use the
message/external-body MIME-type, which allows you to point to data that the smart contract might not have access to. For example, the following response would tell a client to fetch the data off of IPFS:
statusCode: 200 body: THIS IS NOT REALLY THE BODY! headers: - key: Content-type value: message/external-body; access-type=URL; URL="ipfs://11148a173fd3e32c0fa78b90fe42d305f202244e2739"
request method was chosen to be readonly because all data should be sent to the contract from the parsed DApp. Here are some reasons why:
- Submitting a transaction to send a request would be costly and would require waiting for the transaction to be mined, resulting in bad user experience.
- Complicated front-end logic should not be stored in the smart contract, as it would be costly to deploy and would be better run on the end-user's machine.
- Separation of Concerns: the front-end contract shouldn't have to worry about interacting with the back-end smart contract.
- Other EIPs can be used to request state changing operations in conjunction with a
307 Temporary Redirectstatus code.
Instead of mimicking a full HTTP request, a highly slimmed version was chosen for the following reasons:
- The only particularly relevant HTTP method is
- Query parameters can be encoded in the resource.
- Request headers are, for the most part, unnecessary for
This EIP is backwards compatible with all standards listed in the Name Resolution section.
The normal security considerations of accessing normal URLs apply here, such as potential privacy leakage by following
Copyright and related rights waived via CC0.
不想错过最新的 EIP 动态？
订阅 EIPs Fun 周刊以跟进相关更新，建⽴你与 EIP 之间的连接 ，更好地建设以太坊。详情