DCIPs/EIPS/eip-5219.md

---
eip: 5219
title: Contract Resource Requests
description: Allows the requesting of resources from contracts
author: Gavin John (@Pandapip1)
discussions-to: https://ethereum-magicians.org/t/pr-5219-discussion-contract-rest/9907
status: Final
type: Standards Track
category: ERC
created: 2022-07-10
---

## Abstract

This EIP standardizes an interface to make resource requests to smart contracts and to receive HTTP-like responses.

## Motivation

Ethereum is the most-established blockchain for building decentralized applications (referred to as `DApp`s). Due to this, the Ethereum DApp ecosystem is very diverse. However, one issue that plagues DApps is the fact that they are not fully decentralized. Specifically, to interface a "decentralized" application, one first needs to access a *centralized* website containing the DApp's front-end code, presenting a few issues. The following are some risks associated with using centralized websites to interface with decentralized applications:

- Trust Minimization: An unnecessarily large number of entities need to be trusted
- Censorship: A centralized website is not resistant to being censored
- Permanence: The interface may not have a mechanism that permits it to be permanently stored
- Interoperability: Smart Contracts cannot directly interact with DApp interfaces
  
## Specification

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

### Name Resolution

EIPs that propose a name resolution mechanism MAY reference this EIP and MAY recommend that clients support their mechanism. Clients MAY also support regular DNS, as defined in RFC 1034 and RFC 1035.

### Separation of Concerns

It is RECOMMENDED to separate the application logic from the front-end logic (the contract implementing the interface defined in [Contract Interface](#contract-interface)).

### Contract Interface

DApp contracts MUST implement the interface defined in the following file: [Contract Interface](../assets/eip-5219/IDecentralizedApp.sol).

### Note to Implementers

To save gas costs, it is recommended to use the `message/external-body` MIME-type, which allows you to point to data that the smart contract might not have access to. For example, the following response would tell a client to fetch the data off of IPFS:

```yaml
statusCode: 200
body: THIS IS NOT REALLY THE BODY!
headers:
  - key: Content-type
    value: message/external-body; access-type=URL; URL="ipfs://11148a173fd3e32c0fa78b90fe42d305f202244e2739"
```

## Rationale

The `request` method was chosen to be readonly because all data should be sent to the contract from the parsed DApp. Here are some reasons why:

- Submitting a transaction to send a request would be costly and would require waiting for the transaction to be mined, resulting in bad user experience.
- Complicated front-end logic should not be stored in the smart contract, as it would be costly to deploy and would be better run on the end-user's machine.
- Separation of Concerns: the front-end contract shouldn't have to worry about interacting with the back-end smart contract.
- Other EIPs can be used to request state changing operations in conjunction with a `307 Temporary Redirect` status code.

Instead of mimicking a full HTTP request, a highly slimmed version was chosen for the following reasons:

- The only particularly relevant HTTP method is `GET`
- Query parameters can be encoded in the resource.
- Request headers are, for the most part, unnecessary for `GET` requests.

## Backwards Compatibility

This EIP is backwards compatible with all standards listed in the [Name Resolution](#name-resolution) section.

## Security Considerations

The normal security considerations of accessing normal URLs apply here, such as potential privacy leakage by following `3XX` redirects.

## Copyright

Copyright and related rights waived via [CC0](../LICENSE.md).