OutLayer. Verifiable off-chain computation for NEAR Blockchain

Getting Started

What is OutLayer?#

OutLayer lets you run any off-chain code (random numbers, HTTP requests, AI models, heavy computations) with cryptographic proof that exactly the code you specified ran with the inputs you provided.

Call OutLayer from NEAR smart contracts (yield/resume) or any app via HTTPS. Every execution produces verifiable TEE attestation - no trust required, just math.

Verifiable Execution (TEE)#

Every OutLayer execution runs inside Intel TDX (Trusted Execution Environment) and produces a cryptographic attestation proving:

🔐 Code Integrity - SHA256 of exact WASM binary

📥 Input Integrity - SHA256 of input data

📤 Output Integrity - Result from that code + input

🛡️ Worker Identity - Verified TEE measurements

🎯 Why this matters: Anyone can independently verify that your code ran correctly. No "trust us" - cryptographic proof signed by Intel hardware.Learn more →

Upgradeable TEE Vault#

Build wallet apps where private keys live inside TEE. Update your code anytime — secrets persist across upgrades thanks to Confidential Key Derivation (CKD).

How it works: Your project gets a unique derived key from DAO-controlled master key. Only your WASM code running in TEE can access it. Change your code — same key, same secrets.

💡 CKD Documentation • DAO Governance →

Two Ways to Use OutLayer#

Choose based on your use case. Both provide the same verifiable execution guarantees.

🔗 Blockchain (NEAR)

• Smart contract callbacks via yield/resume
• Pay with NEAR tokens
• On-chain settlement & refunds
• Best for: DeFi, DAOs, on-chain apps

Full documentation →

🌐 HTTPS API

• Direct HTTP calls, instant response
• Pay with USDC (Payment Keys)
• No blockchain knowledge needed
• Best for: Web apps, APIs, backends

Full documentation →

Blockchain Flow (NEAR Yield/Resume)#

NEAR's yield/resume allows smart contracts to pause execution, wait for off-chain computation, then resume with the result - all in one logical transaction.

User→Contract

Contract→OutLayer

request_execution(repo, input_data, limits, secrets)

⏸️ YIELD - Transaction paused

OutLayer→Worker

🔨 Off-chain work:

• Clone from GitHub

• Compile code (10 sec+)

• Execute WASM (<1 sec - few min)

• Read stdout output

Worker→OutLayer

Return execution output

OutLayer→Contract

▶️ RESUME - Process result in callback

✅ Transaction Complete!

User receives final result

🎯 Key benefit: From the user's perspective, it's still ONE transaction. They click once, wait a few seconds, and get the final result. No manual follow-up transactions needed.

HTTPS Flow (Direct API)#

Call OutLayer directly via HTTPS - no blockchain transactions, instant response. Ideal for developers who want to monetize their APIs and provide users with cryptographic proof of what code actually ran.

Your App→OutLayer API

POST + Payment Key + optional tip to author

API→TEE Worker

🔨 TEE execution:

• Load cached WASM

• Execute with input

• Generate attestation

Worker→API→App

✅ Instant Response!

JSON with result + attestation proof

🎯 Key benefit: Sub-second response, no blockchain knowledge needed. Same verifiable execution, just via HTTP. Pay with USDC via Payment Keys. Optionally send payment to app author via X-Attached-Deposit header.

Why OutLayer Makes This Easy#

✅ No infrastructure setup - We run the workers, you just write code

✅ No access control headaches - Your contract stays in control. We just return results, you decide what to do with them in your callback

✅ No worker delegation - You don't give us permissions on your contract. We can't do anything except call your callback with results

✅ GitHub-based deployment - Push code to GitHub, reference the repo in your contract call. We compile and execute automatically

✅ Encrypted secrets support - Need API keys? Store them encrypted on-chain with access control, we inject them as environment variables during execution

Quick Start: 4 Steps#

1️⃣ Write Your Code

Create a project that compiles to WebAssembly. Rust recommended, other languages supported.

📖 Tutorial • Examples • Building Apps

2️⃣ Push to GitHub or Provide WASM URL

Option A: Push to GitHub (public or private with access tokens). OutLayer will clone and compile on-demand.

Option B: Host pre-compiled WASM file anywhere and provide direct URL.

⏱️ GitHub: first execution compiles (10-30 sec), then cached. WASM URL: instant execution.

3️⃣ Call OutLayer

Option A: HTTPS API — call directly from any app

curl -X POST https://api.outlayer.io/call/owner/project \
  -H "X-Payment-Key: pk_..." \
  -d '{"param": 123}'

📖 HTTPS Guide • API Reference

Option B: NEAR transaction

near call outlayer.testnet request_execution '\
  {"source": {"GitHub": {"repo": "github.com/you/project", "commit": "main"}}, \
   "input_data": "{\"param\":123}"}' \
  --accountId you.testnet --deposit 0.1

Option C: Smart contract integration

📖 Contract Integration Guide

4️⃣ Receive Result

HTTPS returns JSON response instantly. NEAR contract receives callback automatically. Excess payment refunded based on actual resources used.

5️⃣ Verify Attestation

Every execution produces TEE attestation — cryptographic proof of what code ran with what inputs.

📖 How Attestation Works • View Executions

Secrets#

Store encrypted API keys and credentials with access control. OutLayer decrypts them during execution — your code reads them as environment variables. Update your code anytime — secrets persist across upgrades.

🔐 Protected Secrets (CKD): Generate keys that nobody knows — not even you. Only your WASM code running in TEE can access them. Perfect for wallet apps and signing keys.

💡 Manage Secrets • CKD Docs • Learn more →

OutLayer Documentation