Application I/O
Last updated
Last updated
Following page describes for an iExec application:
Mastering all sections in detail is not required, only pick what you need for your particular use-case.
The different kinds of input are listed below:
| name | type | confidentiality | provider |
|---|---|---|---|
* secret inputs are only available in Confidential Computing tasks.
The requester uses args to pass non-sensitive arguments to the app.
args are defined by the requester via requestorder params.iexec_args.
args are forwarded as they are, straight to the application.
The requester uses input files to pass non-sensitive files to process.
input files are defined by the requester via a list of download URLs in requestorder params.iexec_input_files.
Each input file is downloaded in the IEXEC_IN directory and gets its name exposed to the application via IEXEC_INPUT_FILE_NAME_x (where x is the index of the file starting with 1).
Input files count is exposed via IEXEC_INPUT_FILES_NUMBER.
The requester uses requester secrets to securely pass secrets to the application.
The requester pushes named secrets to the SMS.
The requester defines a mapping of secret names onto secret numbers via requestorder params.iexec_secrets (secrets numbers must be strictly positive).
Each requester secret is exposed to the application in IEXEC_REQUESTER_SECRET_x where x is the secret number set by the requester.
The requester uses a dataset to use third-party confidential data in the application.
The dataset provider creates a dataset and defines the governance in datasetorders.
The requester specifies the dataset to use via requestorder dataset.
The dataset file is downloaded and decrypted on the fly in the IEXEC_IN directory. It gets its name exposed to the application via IEXEC_DATASET_FILENAME.
The dataset address is also exposed via IEXEC_DATASET_ADDRESS.
The developer uses an app developer secret to inject an immutable secret into the application.
The app developer pushes an app developer secret to the Secret Management Service.
Once pushed, an app developer secret cannot be modified.
The app developer secret is exposed to the application in IEXEC_APP_DEVELOPER_SECRET
Runtime variables are environment variables set by the iExec protocol and available for your application.
* The requester may request multiple tasks in a single requestorder (Bag of Tasks), a unique index is given to each task of the bag.
An iExec application produces a result archive (zip file) for the requester with the following tree:
The iExec worker automatically creates stdout.txt and stderr.txt containing the logs of your application.
Your application must create the computed.json file in IEXEC_OUT when the computing is over.
Any file placed in IEXEC_OUT will also be added to the result archive.
Your application must always create a computed.json file in the iExec output directory as a proof of execution.
It contains at least a field deterministic-output-path which is the path of the deterministic portion of your results (file or a non-empty folder) and is required for the proof of execution (this file should always be the same when same inputs are given).
computed.json could look like { "deterministic-output-path" : "/iexec_out/result.txt" }.
The computed.json file is compared across replicated tasks in the Proof of Contribution protocol to achieve a consensus on workers.
iExec platform currently only supports result files whose name doesn't exceed 31 characters. Please ensure your file names respect this limit. Otherwise, the app execution on iExec will fail.
| Name | Type | Content |
|---|---|---|
| Name | Type | Content |
|---|---|---|
string
public
requester
files
public
requester
strings
secret*
requester
file
secret*
requester/ third-party
string
secret*
app developer
IEXEC_IN
path
Absolute path of iexec input folder
IEXEC_INPUT_FILES_NUMBER
int >= 0
Total number of input files
IEXEC_INPUT_FILE_NAME_x
string or unset
Name of the input file indexed by x (x starts with 1)
IEXEC_REQUESTER_SECRET_x
string or unset
requester secret number x (x starts with 1)
IEXEC_DATASET_FILENAME
string or unset
Name of the dataset file
IEXEC_DATASET_ADDRESS
address
ethereum address of the dataset used (or address zero)
IEXEC_APP_DEVELOPER_SECRET
string or unset
app developer secret
IEXEC_OUT
path
Absolute path of iexec output folder
IEXEC_TASK_ID
bytes32
taskid of the running task
IEXEC_BOT_TASK_INDEX
int >= 0
Index of the current task in the Bag of Tasks*
IEXEC_BOT_FIRST_INDEX
int >= 0
Index of the first task in the current Deal (Bag of task* subset)
IEXEC_BOT_SIZE
int >= 1
Total number of parallelized tasks in a Bag of Tasks*