What is your Applicant Name*
Ryan Soury
What is your Email?
ryan@usher.so
Can you provide more information about yourself?
Ryan is the Founder and Solutions Architect at Usher Labs, a research and development firm dedicated to securing “trusted” data for managing digital assets on blockchains. The main solution developed by Usher Labs is Verity, a zkTLS protocol.
Verity enables the verification that data from any API is genuine and unchanged, while keeping both data and specific parameters private. This allows for the verification of data from even restricted APIs on any blockchain. In simple terms, it proves that data truly comes from the intended API without exposing sensitive information.
Ryan plays a key role with companies like Truflation, leading the architecture for decentralised technologies and implementing Verity. Verity is also being adopted by projects like ChainSight and Rooch Network, and Usher Labs partners with Kwil and Streamr to support DePINs that require verifiable data management.
What is the name of the project?
Band “Any API” — Connect and verify data sourced from any restricted API.
What category does the project fall under?
ie. (Development, Research, Community, Infrastructure) Development
Infrastructure
Can you provide a project description?
The original vision of the Band Protocol is to connect the world’s data to blockchains and smart contracts across various ecosystems, as outlined in the BandChain Oracle. However, a challenge arises when data is behind restricted APIs that require specific API keys or contract agreements. Currently, data from these sources is accessed within environments managed by Band’s Validators through Remote Data Source Execution, which necessitates sharing secrets and private parameters with the Validators. This requirement discourages the integration of restricted APIs with the Band data delivery protocol.
Our project aims to solve this issue. By leveraging the Verity protocol, we plan to extend Band’s accessibility to these restricted data sources while preserving privacy and ensuring full verification of the data’s authenticity and integrity. This integration is achieved using Band’s Oracle Scripts, where zkTLS proofs can be verified before delivering the data to any network supported by Band.
What are the project goals?
This project aims to create a framework that allows developers to deploy a Band Data Source and self-host an “External Adapter”. This will enable any API to connect to the Band Protocol for secure on-chain data delivery.
An “External Adapter” is a concept inspired from Chainlink, where developers deploy a self-hosted function to access data while maintaining control over sensitive information.
The project flow is as follows:
-
The on-chain caller (e.g., the
cw-bandintegrated app-chain) submits a request for data, using the Verity Oracle Script (VOS) identified by a unique identifier.The VOS accepts two parameters: a Data Source ID to fetch data from and a JQ value to verify the response.
-
The
ask_external_data(i64, i64, &[u8])function is executed within the Oracle Script’s entry point. -
Developers can create their own Data Sources, for example, using Band Builder.
Each new Data Source acts as a proxy to an External Adapter (EA) managed and hosted by the developer (e.g., on AWS Lambda).
-
The Data Source uses a Python script to send the request to the External Adapter.
-
The External Adapter (EA) performs the following tasks:
a. Generates a TLS Proof using the Verity Prover library.The Verity Prover works with a Verity Notary to support TLS Proof generation.
b. Extracts the required data value.
c. Sends the data value as a byte array in the response. -
The results are sent back to the Data Source executable and then to the VOS OWasm Oracle Script.
-
The VOS Oracle Script:
a. Receives the TLS Proof, extracted data value, and result byte array.
b. Verifies the TLS Proof using a built-in Rust verification library.
c. Confirms that the extracted data value matches the result byte array.
Optional: For more control over the output, developers can deploy their own Oracle Script to process the output of the Data Source.
To better understand this flow, please refer to the two diagrams provided below:
How does this project bring value to the Band Ecosystem?
This project will enable Band to securely deliver verified data from any API while preserving privacy. By leveraging Band’s unique source-at-request model, it creates new incentives and a framework for developers to deploy Data Sources that are only accessed when an on-chain payment is made.
The key motivation to adopt Band “Any API” is that it fully abstracts away the complexity of verifying that data is authentic to its source. This value proposition is not currently offered by other Decentralised Oracle Networks (DONs). Additionally, Band’s permissionless nature allows developers to create new Data Sources freely, further enhancing its utility and appeal.
With an end-to-end verifiable data pipeline—from API to Smart Contract—powered by Band, we aim to drive adoption among protocols that need data from restricted APIs, such as those in sports, ticketing, business applications, social networks, and beyond.
Can you provide a project implementation plan with milestones?
Milestone #1 — Framework Development
The first phase focuses on building the essential components for the “Any API” integration:
- Developing the Verity Oracle Script (VOS) to manage the entry point for the Data Source and handle TLS proof verification.
- Creating a Band Data Source template to simplify the deployment of new Data Sources by developers.
- Building the External Adapter (EA) framework to enable secure data fetching and TLS proof generation.
Milestone #2 — Unit Tests and End-to-End (E2E) Tests
With the framework components developed, we will proceed with rigorous testing:
- This phase includes comprehensive unit tests for each component to ensure they function correctly, reliably, and securely.
- We will conduct end-to-end tests to validate the entire data pipeline, from API request to on-chain verification. These tests will be recorded using X (Twitter) data as a source to demonstrate practical application.
Milestone #3 — Expanding Band Documentation with an “Any API” Section
The final phase focuses on enhancing Band’s documentation to support developers in using the new “Any API” feature.
This includes creating a new “Any API” section that provides:
- A reference to the framework’s source code.
- Step-by-step instructions for deploying a new Band Data Source that proxies requests to a self-hosted External Adapter.
- An overview of the entire process, supplemented with diagrams to help developers understand the framework’s purpose and how it ensures end-to-end data verification.
By completing these milestones, we aim to deliver a robust, secure, and user-friendly framework for integrating any API with the Band Protocol.
What budget are you requesting? (In dollars or BAND)
We estimate that the base development for this project will require approximately 110 hours over a period of 4 weeks. Based on a rate of $80 USD per hour, we are requesting a budget of $8,800, which we are also happy to accept in BAND tokens.
Additionally, since the development will utilise Verity infrastructure, we are eager to engage in co-marketing and co-supporting hackathons to encourage developers to integrate data from any API.
To conclude…
We believe this proposal offers a valuable enhancement to the Band ecosystem by enabling seamless integration of data from any API in a secure, verified manner. However, we welcome any feedback, suggestions, or critiques from the community to help us refine and strengthen this initiative further.
If you have ideas on how we can improve this framework, or if you wish to challenge any aspect of its design or purpose, please share your thoughts.