This project is currently in a closed beta. Request access to send on-chain requests here https://functions.chain.link/
Chainlink Functions allows users to request data from almost any API and perform custom computation using JavaScript.
It works by using a decentralized oracle network (DON).
When a request is initiated, each node in the DON executes the user-provided JavaScript code simultaneously. Then, nodes use the Chainlink OCR protocol to come to consensus on the results. Finally, the median result is returned to the requesting contract via a callback function.
Chainlink Functions also enables users to share encrypted secrets with each node in the DON. This allows users to access to APIs that require authentication, without exposing their API keys to the general public.
- Node.js version 18.0 or greater
- Clone this repository to your local machine
- Open this directory in your command line, then run
npm install
to install all dependencies. - Set the required environment variables.
- This can be done by renaming the file
.env.example
to.env
(this renaming is important so that it does not get checked in with git!) and then changing the following values: a.PRIVATE_KEY
for your development wallet. b. One of eitherGOERLI_RPC_URL
,MUMBAI_RPC_URL
orSEPOLIA_RPC_URL
for the network that you intend to use. - If desired, the
REPORT_GAS
,ETHERSCAN_API_KEY
andPOLYGONSCAN_API_KEY
can also be set in order to verify contracts, along with any values used in thesecrets
object inFunctions-request-config.js
.
- This can be done by renaming the file
- There are two files to notice that the default example will use:
a.
contracts/FunctionsConsumer.sol
contains the smart contract that will receive the data. b.calculation-example.js
contains JavaScript code that will be executed by each node of the DON. - Test an end-to-end request and fulfillment to this contract locally by simulating it using:
npx hardhat functions-simulate
- Deploy and verify the consuming contract to an actual blockchain network by running:
npx hardhat functions-deploy-client --network network_name_here --verify true
Note: Make sureETHERSCAN_API_KEY
orPOLYGONSCAN_API_KEY
are set if using--verify true
, depending on which network is used. - Create, fund & authorize a new Functions billing subscription by running:
npx hardhat functions-sub-create --network network_name_here --amount LINK_funding_amount_here --contract 0xDeployed_client_contract_address_here
Note: Ensure your wallet has a sufficient LINK balance before running this command. - Make an on-chain request by running:
npx hardhat functions-request --network network_name_here --contract 0xDeployed_client_contract_address_here --subid subscription_id_number_here
Each of these commands can be executed in the following format.
npx hardhat command_here --parameter1 parameter_1_here --parameter2 parameter_2_here
Be sure to specify the desired network using the --network
parameter when running these commands (except for compile
and functions-simulate
, which only run locally).
Example: npx hardhat functions-read --network goerli --contract 0x787Fe00416140b37B026f3605c6C72d096110Bb8
Command | Description | Parameters |
---|---|---|
compile |
Compiles all smart contracts | |
functions-simulate |
Simulates an end-to-end fulfillment locally for the FunctionsConsumer contract | gaslimit (optional): Maximum amount of gas that can be used to call fulfillRequest in the client contract (defaults to 100,000 & must be less than 300,000) |
functions-deploy-client |
Deploys the FunctionsConsumer contract | verify (optional): Set to true to verify the FunctionsConsumer contract (defaults to false ) |
functions-request |
Initiates a request from an FunctionsConsumer client contract using data from Functions-request-config.js |
contract : Address of the client contract to call, subid : Billing subscription ID used to pay for the request, gaslimit (optional): Maximum amount of gas that can be used to call fulfillRequest in the client contract (defaults to 100,000 & must be less than 300,000), requestgas (optional): Gas limit for calling the executeRequest function (defaults to 1,500,000) |
functions-read |
Reads the latest response returned to a FunctionsConsumer client contract | contract : Address of the client contract to read |
functions-read-error |
Reads the latest error returned to a FunctionsConsumer client contract | contract : Address of the client contract to read |
functions-set-oracle-addr |
Updates the oracle address for a FunctionsConsumer client contract using the FunctionsOracle address from network-config.js |
contract : Address of the client contract to update |
functions-build-request |
Creates a JSON file with Functions request parameters | output (optional): Output file name (defaults to Functions-request.json) |
functions-build-offchain-secrets |
Builds an off-chain secrets object for one or many nodes that can be uploaded and referenced via URL | output (optional): Output file name (defaults to offchain-secrets.json) |
Command | Description | Parameters |
---|---|---|
functions-sub-create |
Creates a new billing subscription for Functions client contracts | amount (optional): Initial amount used to fund the subscription in LINK (decimals are accepted), contract (optional): Address of the client contract address authorized to use the new billing subscription |
functions-sub-info |
Gets the Functions billing subscription balance, owner, and list of authorized client contract addresses | subid : Subscription ID |
functions-sub-fund |
Funds a billing subscription with LINK | subid : Subscription ID, amount : Amount to fund subscription in LINK (decimals are accepted) |
functions-sub-cancel |
Cancels Functions billing subscription and refunds unused balance. Cancellation is only possible if there are no pending requests. | subid : Subscription ID, refundaddress (optional): Address where the remaining subscription balance is sent (defaults to caller's address) |
functions-sub-add |
Adds a client contract to the Functions billing subscription | subid : Subscription ID, contract : Address of the client contract to authorize for billing |
functions-sub-remove |
Removes a client contract from an Functions billing subscription | subid : Subscription ID, contract : Address of the client contract to remove from billing subscription |
functions-sub-transfer |
Request ownership of an Functions subscription be transferred to a new address | subid : Subscription ID, newowner : Address of the new owner |
functions-sub-accept |
Accepts ownership of an Functions subscription after a transfer is requested | subid : Subscription ID |
Command | Description | Parameters |
---|---|---|
functions-deploy-oracle |
Deploys & configures a new FunctionsRegistry, FunctionsOracleFactory and FunctionsOracle (OCR and Billing configs must be set separately afterwards) | |
functions-set-ocr-config |
Sets the OCR config using values from FunctionsOracleConfig.json | configfile : JSON file with generated OCR config |
functions-set-billing-config |
Sets the OCR config using values from FunctionsOracleConfig.json | configfile : JSON file containing billing config in a 'BillingRegistryConfig' field |
functions-set-don-key |
Sets the DON public key in the Functions oracle contract using value from network-config.js | |
functions-add-senders |
Add wallets to allowlist in the Oracle contract | addresses : Comma-separated list of addresses |
functions-remove-senders |
Remove wallets from allowlist in the Oracle contract | addresses : Comma-separated list of addresses |
functions-set-node-key |
Sets the per-node public key in the Functions oracle contract | key : Node-assigned public key (not preceeded with 0x), node (optional): Address of the node for which the public key is to be set (defaults to caller's address) |
In order to use an allowlist CSV file to add users to the whitelist:
- Download the allowlist CSV file and add it to the root of this repository
- Rename the file to
allowlist.csv
(or pass the file name for the--filename
argument in the command below) - Run the command
npx hardhat functions-add-senders --network network_name_here --eventcodes comma-separated_list_of_valid_event_codes_here
- This command will produce the files
updatedAllowlist.csv
andinvalidUsers.csv
.
updatedAllowlist.csv
will contain the contents ofallowlist.csv
, but will accurately update theApproved/Added
column as well as add to theNotes
column if the user was not added and indicate the reason of either invalid address, TOS agreement or event code.invalidUsers.csv
will contain any users fromallowlist.csv
who were not added due to invalid address, TOS agreement or event code, with the reason indicated in theNotes
column.
Chainlink Functions requests can be configured by modifying values in the requestConfig
object found in the Functions-request-config.js
file located in the root of this repository.
Setting Name | Description |
---|---|
codeLocation |
This specifies where the JavaScript code for a request is located. Currently, only the Location.Inline option is supported (represented by the value 0 ). This means the JavaScript string is provided directly in the on-chain request instead of being referenced via a URL. |
secretsLocation |
This specifies where the encrypted secrets for a request are located. Location.Inline (represented by the value 0 ) means encrypted secrets are provided directly in the on-chain, while Location.Remote (represented by 1 ) means secrets are referenced via encrypted URLs. |
codeLanguage |
This specifies the language of the source code which is executed in a request. Currently, only JavaScript is supported (represented by the value 0 ). |
source |
This is a string containing the source code which is executed in a request. This must be valid JavaScript code that returns a Buffer. See the JavaScript Code section for more details. |
secrets |
This is a JavaScript object which contains secret values that are injected into the JavaScript source code and can be accessed using the name secrets . This object will be automatically encrypted by the tooling using the DON public key before making an on-chain request. |
walletPrivateKey |
This is the EVM private key. It is used to generate a signature for the encrypted secrets such that the secrets cannot be reused by an unauthorized 3rd party. |
args |
This is an array of strings which contains values that are injected into the JavaScript source code and can be accessed using the name args . This provides a convenient way to set modifiable parameters within a request. |
expectedReturnType |
This specifies the expected return type of a request. It has no on-chain impact, but is used by the CLI to decode the response bytes into the specified type. The options are uint256 , int256 , string , or Buffer . |
secretsURLs |
This is an array of URLs where encrypted off-chain secrets can be fetched when a request is executed if secretsLocation == Location.Remote . This array is converted into a space-separated string, encrypted using the DON public key, and used as the secrets parameter. |
perNodeOffchainSecrets |
This is an array of secrets objects that enables the optional ability to assign a separate set of secrets for each node in the DON if secretsLocation == Location.Remote . It is used by the functions-build-offchain-secret command. See the Off-chain Secrets section for more details. |
globalOffchainSecrets |
This is a default secrets object that any DON member can use to process a request. It is used by the functions-build-offchain-secret command. See the Off-chain Secrets section for more details. |
The JavaScript source code for an Functions request can use vanilla Node.js features, but cannot use any imported modules or require
statements.
It must return a JavaScript Buffer which represents the response bytes that are sent back to the requesting contract.
Encoding functions are provided in the Functions library.
Additionally, the script must return in less than 10 seconds or it will be terminated and send back an error to the requesting contract.
In order to make HTTP requests, the source code must use the Functions.makeHttpRequest
function from the exposed Functions library.
Asynchronous code with top-level await
statements is supported, as shown in the file API-request-example.js
.
The Functions
library is injected into the JavaScript source code and can be accessed using the name Functions
.
In order to make HTTP requests, only the Functions.makeHttpRequest(x)
function can be used. All other methods of accessing the Internet are restricted.
The function takes an object x
with the following parameters.
{
url: String with the URL to which the request is sent,
method: (optional) String specifying the HTTP method to use which can be either 'GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'HEAD', or 'OPTIONS' (defaults to 'GET'),
headers: (optional) Object with headers to use in the request,
params: (optional) Object with URL query parameters,
data: (optional) Object which represents the body sent with the request,
timeout: (optional) Number with the maximum request duration in ms (defaults to 5000ms),
responseType: (optional) String specifying the expected response type which can be either 'json', 'arraybuffer', 'document', 'text' or 'stream' (defaults to 'json'),
}
The function returns a promise that resolves to either a success response object or an error response object.
A success response object will have the following parameters.
{
error: false,
data: Response data sent by the server,
status: Number representing the response status,
statusText: String representing the response status,
headers: Object with response headers sent by the server,
}
An error response object will have the following parameters.
{
error: true,
message: (may be undefined) String containing error message,
code: (may be undefined) String containing an error code,
response: (may be undefined) Object containing response from server,
}
This library also exposes functions for encoding JavaScript values into Buffers which represent the bytes that a returned on-chain.
Functions.encodeUint256(x)
takes a positive JavaScript integer numberx
and returns a 32 byte Buffer representingx
as auint256
type in Solidity.Functions.encodeInt256(x)
takes a JavaScript integer numberx
and returns a 32 byte Buffer representingx
as aint256
type in Solidity.Functions.encodeString(x)
takes a JavaScript stringx
and returns a Buffer representingx
as astring
type in Solidity.
Client contracts which initiate a request and receive a fulfillment can be modified for specific use cases. The only requirements are that the client contract extends the FunctionsClient
contract and the fulfillRequest
callback function never uses more than 300,000 gas.
An end-to-end request initiation and fulfillment can be simulated using the npx hardhat functions-simulate
command. This command will report the total estimated cost of a request in LINK using the latest on-chain gas prices. Costs are based on the amount of gas used to validate the response and call the client contract's fulfillRequest
function, plus a flat fee. Please note that actual request costs can vary based on gas prices when a request is initiated on-chain.
Instead of using encrypted secrets stored directly on the blockchain, encrypted secrets can also be hosted off-chain and be fetched by DON nodes via HTTP when a request is initiated.
Off-chain secrets also enable a separate set of secrets to be assigned to each node in the DON. Each node will not be able to decrypt the set of secrets belonging to another node. Optionally, a set of default secrets encrypted with the DON public key can be used as a fallback by any DON member who does not have a set of secrets assigned to them. This handles the case where a new member is added to the DON, but the assigned secrets have not yet been updated.
To use per-node assigned secrets, enter a list of secrets objects into perNodeOffchainSecrets
in Functions-request-config.js
before running the functions-build-offchain-secrets
command. The number of objects in the array must correspond to the number of nodes in the DON. Default secrets can be entered into the globalOffchainSecrets
parameter of Functions-request-config.js
. Each secrets object must have the same set of entries, but the values for each entry can be different (ie: [ { apiKey: '123' }, { apiKey: '456' } ]
). If the per-node secrets feature is not desired, perNodeOffchainSecrets
can be left empty and a single set of secrets can be entered for globalOffchainSecrets
.
To generate the encrypted secrets JSON file, run the command npx hardhat functions-build-offchain-secrets --network network_name_here
. This will output the file offchain-secrets.json
which can be uploaded to S3, Github, or another hosting service that allows the JSON file to be fetched via URL.
Once the JSON file is uploaded, set secretsLocation
to Location.Remote
in Functions-request-config.js
and enter the URL(s) where the JSON file is hosted into secretsURLs
. Multiple URLs can be entered as a fallback in case any of the URLs are offline. Each URL should host the exact same JSON file. The tooling will automatically pack the secrets URL(s) into a space-separated string and encrypt the string using the DON public key so no 3rd party can view the URLs. Finally, this encrypted string of URLs is used in the secrets
parameter when making an on-chain request.
URLs which host secrets must be available ever time a request is executed by DON nodes. For optimal security, it is recommended to expire the URLs when the off-chain secrets are no longer in use.