HOST Protocol

Webhooks for Web3. The first protocol-level outbound trigger in any EVM chain. Smart contracts that speak to the outside world — with cryptographic proof.

HTTP Outbound Service Trigger

CONTRACTCalls addRequest()with URL, payload,headers, nodesPRECOMPILEStatic call to 0x99executes the HTTPrequest atomicallyVALIDATORSigns the outboundrequest with itsprivate keyWEB2APION-CHAINOFF-CHAIN

The One-Way Street

Web3 has operated as a one-way street. Data enters from Web2, contracts execute, but nothing exits. Traditional Web2 services rely on webhooks — Stripe, Shopify, Slack, GitHub all use them. But blockchain developers are stuck with event logs that require indexing and polling.

Smart contracts are isolated by design. They can receive transactions and emit logs, but they cannot reach out. They can't call an API. They can't send a webhook. They can't even ping a server.

For enterprise adoption, this is a dealbreaker. Businesses need provable chains of custody — auditable proof that an on-chain event triggered a real-world action. Not event logs. Not polling middleware. Proof.

The Solution

HOST enables smart contracts to execute HTTP webhooks during transaction execution. Contracts can "speak back" to Web2 systems synchronously, eliminating the need for external indexing or polling middleware.

Every outbound request is signed by the validator that processed the transaction. This creates a cryptographic chain of custody — immutable, validator-attested proof that a specific on-chain event triggered a specific off-chain action.

This isn't a workaround or a middleware layer. HOST is a native precompile at address 0x...0099, built directly into the Vitruveo blockchain's execution layer.

Three-Layer Security Model

Not just anyone can trigger an outbound request. HOST enforces a strict permission hierarchy at every level.

LAYER 1: VALIDATOR NODEInfrastructure operators register on-chain, identified by unique addressesLAYER 2: DEVELOPEREOAs vetted by validators, must request and receive explicit approvalLAYER 3: SMART CONTRACTOnly whitelisted contracts registered by approved developerscan trigger HOST requests

Layer 1: Validator Node

Infrastructure operators register on-chain, identified by unique addresses with associated owner addresses managing approvals. Validators callregisterValidator(owner) to map their node address to an owner address.

Layer 2: Developer

EOAs vetted by validators must request and receive explicit approval before accessing validator services. Developers callrequestAccess(validatorNodeAddress), creating accountability and an audit trail.

Layer 3: Smart Contract

Only whitelisted contracts registered by approved developers can trigger HOST requests. Developers callregisterContract(validator, contract), enabling fine-grained control over which code can reach the outside world.

How It Works

A two-step atomic process: registration via the registry contract, then execution via static call to the HOST precompile.

01

Validator Onboarding

Validator calls registerValidator(owner), mapping its node address to an owner address that manages approvals.

02

Developer Access

Developer calls requestAccess(validatorNodeAddress) to request permission. Validator owner approves or denies.

03

Contract Whitelisting

Approved developer calls registerContract(validatorNodeAddress, contractAddress) to whitelist their contract.

04

Request Execution

Contract calls addRequest(url, payload, headers, nodes) on the registry, then makes a static call to the HOST precompile at 0x99.

End-to-End Encryption

HOST supports encrypted sensitive data using ECDH key agreement combined with AES-256-GCM symmetric encryption on the secp256k1 curve.

|PREFIXEphemeral PubKey65 bytesECDH secp256k1Nonce12 bytesCiphertextvariable lengthAES-256-GCMAuth Tag16 bytesCIPHERTEXT FORMAT

How It Works

Encrypted values are prefixed with | and are opaque on-chain — visible to everyone but decryptable only by the designated validator's private key.

The sender generates an ephemeral keypair, performs ECDH with the validator's public key to derive a shared secret, then encrypts with AES-256-GCM. The validator reverses the process using its private key.

Technical Details

Curve:secp256k1
Key Agreement:ECDH (Elliptic Curve Diffie-Hellman)
Symmetric Cipher:AES-256-GCM
Precompile Address:0x0000...0099
Registry:0xbdc8...5FA7

What HOST Enables

When smart contracts can reach the outside world with cryptographic proof, entirely new categories of applications become possible.

Autonomous Agents

Self-governing DAOs and intelligent automation systems that can interact with external services without human intervention.

Agentic Workflows

Multi-step AI tool chains triggered by blockchain events. A single transaction can kick off an entire automated pipeline.

Event-Driven AI

On-chain events triggering ML model analysis pipelines. Smart contracts that can call AI services and act on results.

Generative Content

NFT mints spawning AI-driven creative workflows. Token transfers triggering content generation with provable origin.

AI-Powered DeFi

Liquidation predictions, portfolio optimization signals, and risk assessment — all triggered natively from contract execution.

Enterprise Automation

Supply chain notifications, autonomous customer service, invoice generation — blockchain events driving real business processes.

Build with HOST

Interested in building on the HOST protocol or becoming a validator?

Contact Us