Realizing the Vision of the World Computer
Learn how the Internet Computer blockchain realizes the vision of the World Computer. Dive into its technology, open-source repositories, in-depth video academy sessions, white papers, publications, and detailed technology articles.
Architecture of the Internet Computer
The Internet Computer (IC) realizes the vision of a World Computer – an open and secure blockchain-based network that can host programs and data in the form of smart contracts, perform computations on smart contracts in a secure and trustworthy way, and scale infinitely. To achieve this, blockchain technology – the foundation of the IC – had to be reconceived from ground up, building on many lessons learnt from earlier blockchain projects.
Smart contracts on the Internet Computer are called canister smart contracts, or canisters, each consisting of a bundle of WebAssembly (Wasm) bytecode and smart contract data storage. Each canister has its own, isolated, data storage that is only changed when the canister executes code.
Canisters are hosted on subnets, the top-level architectural building block of the IC. A subnet is an independent blockchain, running on node machines, or nodes, deployed in globally-distributed data centers. A single subnet can securely host tens of thousands of canister smart contracts, totalling in hundreds of gigabytes of memory – there are currently dozens of subnets, growing to thousands in the future. For each canister hosted on a subnet, its code and data is stored on every node in the subnet, and its code is executed by every node in the subnet. This replication of storage and computation is essential to achieve fault tolerance, so that canister smart contracts will continue to execute even if some nodes in the subnet are faulty (either because they crash, or even worse, are hacked by a malicious party). This replication is powered by the core Internet Computer Protocol (ICP), which implements a high-throughput, low-latency consensus mechanism and an efficient virtual machine for WebAssembly execution, backed by a blockchain.
The IC's multi-subnet architecture is much more powerful than the well-known sharding approach because it enables smart contracts on different subnets to communicate with each other seamlessly – much like services in a traditional microservices architecture, but fully on chain. Canisters communicate via asynchronous messages, i.e., they don't block on sending a message, but process the response when it eventually arrives. This novel approach to inter-canister calls allows for scaling out the IC by simply adding more subnets.
The core ICP makes heavy use of chain-key cryptography, a toolbox of advanced cryptographic protocols (based on threshold cryptography) that enables the decentralized operation of the IC with unprecedented scalability. Chain-key cryptography also includes a sophisticated collection of technologies for robustly and securely addressing operational concerns, such as how to deal with faulty nodes or protocol upgrades, which we call chain-evolution technology (for example, enabling nodes to easily join a subnet without validating every block beginning from the genesis block, as in other blockchains). Another building block in the chain-key crypto toolbox are chain-key transactions. They enable a canister to interact with (write to) other blockchains using threshold cryptography.
Having scalable and decentralized technology to power the operation of the network is not enough. In order to meet the requirements of complete decentralization, the IC needs a fully decentralized approach to governance. Governance of the IC platform and its R&D roadmap is accomplished through a tokenized Decentralized Autonomous Organization (DAO), which is called the Network Nervous System (NNS). Each individual dApp on the IC can have its own governance system similar to the NNS by customizing and deploying an out-of-the-box tokenized DAO based on the Service Nervous System (SNS) for the dApp.
Learn more about how the Internet Computer works and realizes the vision of a World Computer!
The Internet Computer was launched and open-sourced on May 10th 2021 by the DFINITY Foundation.
Core IC Protocol
The Internet Computer is powered by the Internet Computer Protocol (ICP), from which its utility token, the ICP token, derives its name. The core part of the IC protocol, the core IC protocol, is a 4-layer protocol that is running on the nodes of each subnet. By running the core IC protocol, the nodes of a subnet realize a blockchain-based replicated state machine that makes progress independently of the other subnets (but communicates asynchronously with them). This architecture of many concurrently-operating subnets enables the IC to scale practically without limits. Subnets process messages, which are submitted by users or come from other subnets.
The core IC protocol comprises the following four layers, from bottom to top:
- Message routing
The lower two layers, P2P and consensus, together implement a selection and ordering of incoming messages and provide messages to the upper two layers in the form of blocks. The upper two layers, message routing and execution, receive blocks containing ordered messages from the lower part of the stack and execute them in a completely deterministic manner on every node of the subnet. This realizes a replicated state machine, where every node in the subnet transitions from the same starting state to the same ending state in every round (it must be ensured that every node executes the same messages in the same order, i.e., fully deterministically).
The peer-to-peer layer (P2P) of the Internet Computer, the bottommost layer in the protocol stack, is responsible for the secure and reliable communication between the nodes of a subnet. The P2P layer realizes a virtual peer-to-peer broadcast network between the nodes of a subnet, building upon the Internet Protocol (IP) connectivity between the nodes. This makes the P2P layer the communications fabric that connects all the nodes of a subnet. Using P2P, a node can broadcast a network message, also called artifact, to all the nodes in the subnet. Artifacts can be things like input to canisters submitted by users or protocol messages (e.g., block proposals) generated by the IC protocol. P2P ensures that artifacts to be broadcast are eventually delivered to all nodes of the subnet. Eventual delivery reflects the asynchronous nature of real-world communication networks, which we assume for the Internet Computer protocol.
Every blockchain needs a consensus mechanism that allows the nodes to agree on the messages to be processed, as well as their ordering. Consensus is the component of the core IC protocol that drives the subnets of the IC. Each subnet is a blockchain that runs the IC core protocol, including consensus, independently of the other subnets. The purpose of the consensus protocol is to output the same block of ordered messages on each node of a subnet in a given round so that each node can make the same state transition when deterministically executing those messages.
The IC’s consensus protocol is designed to meet the following requirements: low latency (almost instant finality); high throughput; robustness (graceful degradation of latency and throughput in the presence of node or network failures). The IC consensus protocol also provides cryptographically guaranteed finality. This is in contrast to Bitcoin-like protocols which only provides probabilistic finality, where a block is considered final once a sufficient number of blocks have built on top of it in the blockchain.
The message routing layer implements the routing of inter-canister messages between subnets. This layer is also often referred to as cross-subnet messaging or simply XNet messaging. Secure XNet messaging is a key ingredient for the architecture of loosely-coupled subnets and thus a prerequisite for the scalability of the IC. In every IC round, message routing receives a block of messages to be processed from consensus – the same on each node of the subnet – and places the messages into the input queues of their target canisters, a process called induction. Then, it triggers the execution round which will potentially lead to new canister messages in the executed canisters' output queues. Once execution is done, the messages in the output queues will be routed to the respective subnet-to-subnet streams to be processed by the consensus protocol instances running on other subnets.
Another crucial functionality implemented by the message routing layer is state certification, that is, the subnet certifying parts of the replicated subnet state in every round in a decentralized manner. Among others, this certification is used by other subnets to verify the authenticity of the subnet-to-subnet streams or to allow users to authentically read the processing status of messages previously submitted by them. State certification and secure XNet messaging enable, among others, the secure and transparent communication of canisters across subnet boundaries, a challenge that any blockchain that has multiple shards struggles with.
The execution layer, the topmost layer of the core IC protocol stack, is responsible for executing canister smart contract code. Code execution is done by a WebAssembly (Wasm) virtual machine deployed on every node. WebAssembly bytecode can be executed deterministically, which is important for a blockchain system, and with near-native speed. Canister messages, i.e., ingress messages by users or messages by other canisters, have been inducted into the queues of the canisters on the subnet by message routing. Message routing then hands over control to the execution layer, which deterministically executes messages, either until all messages in the canisters' queues are consumed or the cycles limit for the round has been reached, to ensure bounded round times.
The execution layer has many unique features, which sets apart the IC from other blockchains:
- Deterministic time slicing (DTS) - The execution of very large messages requiring billions of Wasm instructions to be executed can be split across multiple IC rounds. This capability of executing messages over multiple rounds is unique to the Internet Computer blockchain.
- Concurrency - Execution of canister Wasm bytecode is done concurrently on multiple CPU cores, which is possible due to each canister having its own isolated state.
- Pseudorandom number generator - Execution layer has access to unpredictable and unbiasable pseudorandom number generator. Canisters can now execute algorithms that require randomness.
The Internet Computer protocol uses a toolbox of advanced cryptographic mechanisms, collectively known as chain-key cryptography, which allows the IC to achieve functionalities and scalability that are impossible on other blockchains.
A key component of chain-key cryptography is a threshold signature scheme, which is like an ordinary digital signature scheme, except that the secret signing key is distributed among all the replicas in a subnet in such a way that the key cannot be stolen by compromising one (or even a large fraction) of the replicas in the subnet. The technology has many benefits including:
- Anyone can verify the content received from the Internet Computer by simply validating a signature without syncing the entire blockchain.
- The topology of IC can evolve autonomously -- New nodes and subnets can be added, faulty nodes can be recovered and protocol can be upgraded autonomously.
- A source of unpredictable and unbiasable pseudo-random numbers for canisters. Canisters can securely run algorithms that need randomness.
Chain-key transactions extends chain-key technology to allow transactions targeted at other blockchains to be computed fully on-chain using the Internet Computer Protocol. Using chain-key transactions, the IC can integrate with other blockchains such as Bitcoin and Ethereum in a completely trustless manner without needing any bridges. Canisters can now securely store and transact Bitcoin. The secret key of the Bitcoin is shared between all the nodes running the canister. The canister can trasact Bitcoin (using a chain-key transaction) only when at least 2/3rd of the nodes agree to make the transaction. Indeed, using chain-key transactions is the strongest, most decentralized way of integrating blockchains as no additional trust assumptions besides that of the two blockchains are required, particularly no additional parties that manage signature keys or their shares.
Tokenomics & Governance
The Internet Computer (IC) is underpinned by advanced tokenomics. It makes use of an utility token called ICP, which is used for a variety of functions on the platform including participation in governance and paying for computation & storage. In addition, the IC's tokenomic model provides a funding framework for exciting Web3 projects being built on the Internet Computer.
Network Nervous System
The Internet Computer is a decentralized system run by many independent machines. These machines all have to know certain facts, for example to which subnet they contribute (the topology), which protocol version they should run, and when they should upgrade to a new protocol version. On the Internet Computer these decisions are made by an open, tokenized governance system that is called the Network Nervous System (NNS). The NNS is one of the largest decentralized autonomous organizations (DAOs). Anyone can become a participant of the NNS and contribute to decisions by staking ICP tokens.
Service Nervous System (SNS)
Similarly to how the Internet Computer (IC) is controlled by the Network Nervous System, an individual application on the IC (called dapp) can be controlled by a decentralized community. The Internet Computer’s built-in solution for a DAO (decentralized autonomous organization) that tokenizes and decentralizes a dapp is called the Service Nervous System (SNS). In the process of creating an SNS, new tokens are minted and sold in a community-based fundraising. The dapp’s control is handed over to the SNS and everyone who has SNS tokens can contribute to decisions on how the dapp evolves going forward. This allows distributing the power and ownership of the dapp over a number of parties, thereby eliminating single points of failure and gaining censorship resistance. Moreover, the newly created tokens can be used to create incentives to foster user adoption and participation.
The Internet Computer scales its capacity horizontally by creating new subnets that host additional canisters - just like traditional cloud infrastructure scales by adding new machines. Once the IC's Network Nervous System (NNS) decided to create a new subnet, it selects a group of spare nodes that have joined the IC but have not yet been allocated to any subnet and creates the initial configuration of the new subnet. The selected group of nodes then begins to form a new subnet blockchain.
In any large-scale distributed system, it is inevitable that individual nodes fail due to hardware breaking, network connectivity issues, or even the owner deciding to remove the nodes from the network. In such cases, the IC's Network Nervous System selects a spare node that replaces the failed node in its subnet. The new node then performs a state synchronization with the existing nodes on the subnet and begins contributing to the subnet blockchain's consensus protocol.
The Internet Computer blockchain is governed by the Network Nervous System (NNS), its algorithmic governance system. One of the many duties of the NNS is to orchestrate upgrades to the Internet Computer to a new protocol version when the community has adopted an upgrade proposal. Making upgrades to any blockchain requires solutions to several challenging problems posed by the nature of decentralized systems including how to allow arbitrary changes to the protocol, preserve state of all canister smart contracts, minimize downtime, and roll out upgrades autonomously.
Smart contracts on the Internet Computer come in the form of canisters: computational units that bundle together code and state. Each canister defines functions that can be called by other canisters and parties external to the IC, such as browsers or mobile apps. Canisters communicate with one another via asynchronous messages but the execution of each such message is done in complete isolation, allowing for massive levels of concurrent execution. Canisters are managed by controllers. Control structure of canisters could be centralized (e.g. when the controllers include some centralized entity), decentralized (when the controller is a DAO) or even non-existent, in which case the canister is an immutable smart contract. Controllers are the only entities which can deploy the canister to the Internet Computer, start/stop their execution and update their code. The controllers also need to ensure that canisters hold sufficient cycles. These are the unit used on the IC to acquire resources for canister execution (memory, network bandwidth and computational power). To this end the IC monitors the resource usage of canisters and deducts their cost from a cycle balance maintained locally by each canister.
Motoko is a new programming language for smart contracts. It is designed to seamlessly support the programming model of the Internet Computer and makes it easier to take advantage of the unique features of the blockchain. Motoko is strongly typed, actor-based, and has built-in support for orthogonal persistence and asynchronous message passing. Productivity and safety features include automatic memory management, generics, type inference, pattern matching, and both arbitrary- and fixed-precision arithmetic. Messaging transparently employs the Internet Computer’s Candid interface definition language and wire format for typed, high-level, and cross-language interoperability.
Canister smart contracts can declare variables as certified. Whenever set, these variables will automatically get a Merkle tree certificate, signed by the Internet Computer blockchain. This allows anyone to verify the authenticity of this type of data using the Internet Computer's public key.
Smart Contracts Serve the Web
The Internet Computer is the only blockchain that can host a full dapp – frontend, backend and data. This is a crucial and distinguishing feature allowing dapps to run 100% on-chain inheriting the security and decentralization of blockchain without sacrificing speed or affordability. This is possible because the IC can securely serve HTTP requests.
Assets are served from the Internet Computer in a tamper-proof way using certification: Each asset is accompanied by a certificate, which is signed by the entire subnet allowing the user to verify that a response is correct and authentic even when communicating with a malicious node.
The boundary nodes are the gateway to the Internet Computer and enable seamless access to the canister smart contracts with stock browsers. They provide an HTTP endpoint and translate all incoming user requests to API canister calls, which are processed on-chain. In addition, the boundary nodes act as a cache to improve the performance of the dapps hosted on the Internet Computer.
The main means of identity and authentication used on the web are usernames and passwords, which are hard to manage and well-known for their security vulnerabilities. To solve these pitfalls, the Internet Computer blockchain pioneered a more advanced and much more secure method of cryptographic authentication, known as Internet Identity, which is more convenient to use, works across all of a user's devices, and helps to protect user privacy.
Internet Identity is a gateway to applications on the Internet Computer. When you use Internet Identity, websites cannot collect and share information about your online activity. This is because Internet Identity helps you create and manage anonymous, independent accounts for every website so that you get the privacy of having many different accounts without the burden of managing them.