sRFC 27: Blockchain Links (Blinks)

Blockchain links (”blinks”, for short) are fully-qualified URLs intended to expose Solana Actions to numerous clients. Blinks come in a few forms:

  1. actions.json published at the origin of a domain
    1. This file acts as a configuration file to allow remapping of human-readable, domain-specific URLs to alternative URLs for resolving Actions.
  2. URL-encoded Solana Actions endpoint included in the ?action= query parameter prefixed with solana-action:
  3. A URL with the solana-action: URI scheme

Rationale

Blockchain applications suffer from many user experience issues. In order for an application to prompt the user to sign and send a transaction via a browser wallet extension, the application needs to be wallet-aware, limiting the surface area of possible blockchain-related use-cases across the internet to only a handful of websites.

Blinks provide an opportunity to “break out” of that requirement by establishing a consistent standard for surfacing Solana Actions for direct invocation without having to leave the website. This can happen because browser extension wallets have full visibility of everything on the page, including blinks. In conjunction with the Solana Actions associated with the blink, the wallet is able to derive enough information to construct the transaction, simulate the transaction’s behavior, and present it to be signed and sent by the user, all without the originating website knowing anything about blockchain, or anything about Solana. Ultimately, the Solana blockchain is the always the operational source of truth, and the need for rigorous authentication schemes (i.e., click on link, login, recommit to the transaction) are pushed to the cryptographically-simple signature verification of the Solana protocol itself, making typically complex transactions like e-commerce as easy as signing and sending a transaction.

Put in layperson’s terms, blinks allows any website on the Internet that can display a URL to potentially be the start of a Solana transaction.

Additionally, given the richness of metadata (including OpenGraph) returned by blinks, other clients like Discord, Telegram, or even iMessage may be able to provide rich, interactive wallet-aware experiences without the native platform knowing anything about Solana.

Safety and Security

Blinks are associated to one or many Solana Actions, and each Solana Action lives at a domain that must be trusted by the user in some form or capacity; the Solana transaction itself is not embedded without context into the URL. The transaction returned by the Action API must still proceed through simulation, and still requires the user to sign and send in order to be “successful”, hence Actions surfaced via blinks have similar trust assumptions as going directly to the dApp, connecting to wallet, and subsequently signing / sending the transaction.

4 Likes