The Internet Computer is a new way of hosting applications on the internet that is more secure, more censorship resistant, and easier to use for developers. There are many technical innovations that bring about these benefits of security, decentralization, and ease of use. The Internet Computer has been under development since 2016 and just released their official mainnet in May of 2021. There are now real websites running on the Internet Computer in real life. See Internet Computer Apps for a few examples.
1. A Brief History of the Internet Computer
To start off, let’s review a brief history of the Internet Computer.
This is an abbreviated and simplified history right now. A more complete history will be coming over the next few months. Please reach out if you are interested in contributing.
Oct 2016: DFINITY foundation started by Dominic Williams, based in Zurich, Switzerland
Feb 2017: Raised $4.2 million in a seed fundraiser (4x more than the soft cap target)
Aug 2017: Planned to follow the Feb seed round with a main fundraiser, but decided on a different path
Feb 2018: Raised $61 million from Andreesen Horowitz and Polychain Capital
May 2018: Distributed $35 million of DFINITY tokens in an airdrop
Aug 2018: Raised $102 million from Andreesen Horowitz, Polychain Capital, SV Angel, Aspect Ventures, Village Global, Multicoin Capital, Scalar Capital, and Amino Capital, KR1, as well as DFINITY community members.
Nov 2019: Copper release: the SDK and Motoko (the beginning of the metallurgy named releases)
Jan 2020: Bronze release: the demo network
June 2020: Tungsten release: opened up test network to certain developers
Sep 2020: Sodium Network: unveiled Network Nervous System and economics of IC ecosystem
Dec 2020: Mercury alpha release: Launched alpha mainnet of the Internet Computer
May 2021: Mercury official release: Internet Computer genesis event; mainnet and ICP token launched
2. What is the Internet Computer Made Of?
The internet computer has many different components: subnets, nodes, canisters, the NNS, neurons, proposals, votes, ICP, and cycles. Let’s briefly define each one to help you better understand what the Internet Computer is made of.
Subnets: A subnet is a specific group of nodes. Anything that runs on a particular subnet is replicated across one to many nodes in the subnet.
The more technical (and accurate) definition of a subnet is a distributed group of nodes across geography and jurisdiction that builds a blockchain to achieve consensus on the exact set of messages/updates/transactions to execute.
Nodes: A node is a single machine running somewhere in the world. Nodes combine their computing power and run the Internet Computer Protocol.
Canisters: A canister is where an application runs on a subnet (or group of nodes). This means the canister is the code, state, memory, and storage for Internet Computer applications.
The NNS: The Nervous Network System (NNS). This is a system of neurons, proposals, votes, ICP, and staking that governs the Internet Computer. By governance, I mean almost all changes to the internet computer have to go through the NNS in a proposal.
Neuron: A neuron may contain staked ICP. When ICP is staked and the dissolve delay is greater than 6 months, the neuron is a voting entity in the NNS.
Proposal: In order to change the Internet Computer in any way, you have to do it through a proposal to the NNS (there may be a few edge cases that do not require NNS proposals). The proposal will outline a specific change, and then everyone with staked ICP in neurons will vote on it to decide whether to adopt the change or not.
Votes: Each neuron receives voting power based on how much ICP is staked in it, how long the ICP has been staked in the neuron, and how long the ICP has to be locked away (also called dissolve delay). When a neuron votes on an NNS proposal it earns rewards.
ICP: The Internet Computer Protocol, ICP, is a utility token that can be purchased at common exchanges (Coinbase, Binance) and staked in a neuron to participate in the governance of the internet computer. You also receive rewards in ICP for staking and voting on NNS proposals.
Cycles: ICP can be converted into cycles. For example, 1 ICP might be worth 5 trillion cycles. This conversion rate always changes based on NNS proposals. A cycle is an operation performed by a computer, so cycles are a more granular form of compute costs. Canisters (see definition above) do computations on the Internet Computer and consume cycles to do those computations.
3. What Can You Do on the Internet Computer
The Internet Computer vision is exactly what it sounds like, a computer that is as decentralized and scalable as the internet itself. Decentralized means that there is not a single company that runs the whole thing. Amazon Web Services is a centralized service because if they don’t like what you are building, they can refuse service to you and shut you down. A decentralized service means it is community owned, and you cannot be refused service unless a majority of the community votes in favor of it.
Practically, this means you can build websites and social media applications on the Internet Computer, or really, anything you can do on the internet you can do on the Internet Computer.
There are some limitations to the Internet Computer right now, such as scalability and privacy limitations, but eventually (give it a few years) you will be able to do anything on the Internet Computer that you can do on the internet.
But wait, you might be thinking, people have been building websites and apps on the internet for decades now. Why do we need another way to do what we are already doing?
Well, yes, we have been building things on the internet for decades, but it hasn’t all been sunshine and rainbows. There are a few major concerns with centralized internet and services, and the solutions to these concerns are the reasons why the Internet Computer is a much better technology:
1. Security (hard to hack)
2. Decentralization (censorship resistant)
3. Easy to use for developers
We’ll dive into each one of these elements and we’ll provide some concrete examples so it is easier to understand.
4. The Security Benefits of the Internet Computer
There are many cyber attack vectors. This list will grow over time, but for now, let’s look at some common cyber attacks and whether they are as successful on the Internet Computer as with a more centralized server setup (like AWS, Azure, Digital Ocean, etc). For the more technical crowd, these are pulled from the OWASP Top Ten (widely regarded as the top ten best security practices).
A misconfiguration is when servers and/or databases are improperly configured allowing improper access to public and private data. Sadly, this happens all the time due to the complexity of internet infrastructure. This could be disabling multi-factor authentication for admins, leaving data unencrypted at rest, or not properly provisioning access to resources. All of these are simple misconfigurations that occur all the time.
– Business enterprises had 2,269 misconfiguration incidents every month
– Businesses regularly underestimate the number of misconfigurations they experience by a factor of 10
On The Internet Computer
For developers building applications, there are many more moving pieces in a complicated AWS setup when compared with the Internet Computer. Because the Internet Computer has fewer moving parts, it is easier to configure correctly and accurately.
For example, [technical deep dive] on AWS you have to worry about things like a Virtual Private Cloud (VPC), creating your own subnetworks within the VPC, configuring ip addresses of your subnetworks, setting up security groups/firewall/port configuration, load balancers if you have lots of traffic, SSL certs, and DNS integration [end technical deep dive].
On the internet computer, however, you just choose a subnetwork to deploy to with your replication factor and privacy setting and you are done! Much simpler setup leads to much fewer misconfiguration vulnerabilities.
Privacy settings are currently not available when deploying to a subnet, but in the future we expect to be able to set simple privacy settings when choosing a subnet to deploy to.
This means bad software, and includes spyware, ransomware, viruses, and worms. You can get malware by clicking a bad link or email attachment. Once installed, the bad program can shut down the machine, continue installing bad software, watch keyboard/mouse activity, or conduct other disruptive activity.
– There are more than 1 billion malware programs
– Half a million new pieces of malware are detected every day
– 7% of websites Google tested were infected with Malware
– In 2009 the “ILOVEYOU” worm affected roughly 10% of all computers around the world
On The Internet Computer
Malware can still be introduced to sites running on the Internet Computer through old software dependencies, which is the same as centralized cloud providers. The benefit of the Internet Computer is that the operating system is abstracted away, so it is much less likely that there will be operating system vulnerabilities that would lead to a successful malware attack. Also, it would be much harder to hack an individual machine to introduce a malware attack because by default, every website on the Internet Computer is actually running on at least 7 different machines. This means someone would have to hack 3 of the 7 in order to have a successful malware attack on an Internet Computer node.
Phishing is a cyber attack where someone tries to get you to give them your private information (passwords, private keys, etc.) by pretending to be someone you trust. The vast majority of phishing attacks happen through email.
– Phishing is the most common type of cybercrime.
– 96% of phishing attacks arrive by email
– Windows executable files were the most common types of malicious files
On The Internet Computer
Phishing attacks are still possible on the Internet Computer, meaning someone could send you a fake email from the DFINITY foundation in order to get you to divulge private information.
The majority of applications (so far) on the Internet Computer are using Internet Identity to manage authentication. Internet Identity uses biometrics and physical keys (like Yubikey) to authenticate. This means that even if someone wanted to steal your password, they couldn’t because the Internet Identity doesn’t use passwords and the Internet Computer would only store the public cryptographic information from your biometrics login. This makes authentication credentials much more secure in the Internet Computer than a traditional cloud provider.
A denial-of-service attack is when many machines coordinate to make thousands or millions of requests to your server all at the same time, effectively making your resource unavailable to your users.
– Hiring a cyber-criminal to commit a DDoS is as easy as an internet search and as little as $5.
– The average cost of a DDoS attack ranges between $20k -$40k per hour.
– DDoS attacks have increased more than 2.5 times over the last 3 years.
On The Internet Computer
The Internet Computer has built-in infrastructure to handle denial-of-service attacks (similar to other centralized cloud providers). It will be interesting to see how well these mitigations work once they are put to the test. Currently we do not know enough about the DDoS protections at the canister or subnet level to know whether this will be more secure than other cloud providers.
Security Fixes Not Implemented
In many cases, a security vulnerability is discovered and patched (in the main code repository), but the patches are not uniformly applied across all websites and applications.
– 60 percent of security breaches happened when a security fix was available but was not yet implemented
On The Internet Computer
The Internet Computer is governed by the Network Nervous System (NNS). When an update is needed, someone can submit a proposal to the NNS, everyone can vote on the acceptance or rejection of the proposal, and then the fixes are automatically applied across all nodes in the network. This means that when a security vulnerability is discovered and fixed, the fix can be pushed out to 100% of the nodes, effectively mitigating this security vulnerability on the Internet Computer. This is kind of a double-edged sword though, because it also means if there is a security vulnerability on one node, it is present across the entire network. And further, in order to fix it, the security vulnerability will need to be shared publicly in an NNS proposal for long enough to vote on it, which introduces another interesting attack vector.
Login processes are often implemented incorrectly, which allows attackers to get access to passwords, keys, or other private data.
On The Internet Computer
Authentication on the Internet Computer is very secure. In fact, it is much more secure than regular internet services. First, the Internet Computer enforces SSL by default, which prevents any unencrypted data being sent or received from your machine. Second, using public/private cryptographic information the Internet Computer only has your public cryptographic information (your private cryptographic information is stored on your device). This means even if a canister was hacked they could only get your public cryptographic information.
Occasionally a centralized content delivery network (CDN) or hosting provider will go down and will take down a portion of the internet with it.
– Two continents impacted by Dyn Cyberattack in 2016, affecting Airbnb, Amazon, BBC, CNN, eBay, Netflix, and Twitter
– The entire British Airways Fleet grounded because of IT failure in 2017
– Microsoft Azure down for 11 hours due to human error in 2018
– Facebook down for 36 hours on March 13, 2019 affecting 7.5 million people
– Google server crash in December 2020, affecting YouTube, Google Drive, Google Meet, and Gmail
– Fastly configuration bug on June 8, 2021 which affected Amazon, Reddit, Twitch, Github, Shopify, and Spotify.
On The Internet Computer
The default replication factor for nodes in a subnet is 7, which means that your application will be running simultaneously in seven different places around the world. Only 2/3 of the nodes in a subnet are needed for consensus, which means up to 1/3 of the nodes could get taken down and your application would still function perfectly. This is an improvement on centralized hosting services because while it is possible to setup a replication structure like this outside of the Internet Computer, it is much easier to do on the Internet Computer which has this functionality by default. There would be much fewer outages if every application was hosted on the Internet Computer.
Insufficient Logging & Monitoring, Cross-Site Scripting, Injections, and Insecure Deserialization are all the same between development environments. It is up to the individual app developer to ensure these are implemented correctly.
5. The Decentralization Benefits of the Internet Computer
On January 21, 2021 Parler was taken down by AWS as well as a number of other technology companies. Whether you agree with the reason they were taken down or not, doesn’t it seem strange that a giant, for-profit technology company gets to decide who gets banned and who doesn’t? Shouldn’t these decisions be left to the community?
On January 8, 2021, the President of the United States, Donald Trump, was banned from multiple social media sites. Whether you agree with the reason he was banned or not, isn’t it strange that a giant for-profit technology company gets to make the decision of who gets banned from their platform and who doesn’t? Shouldn’t these decisions be left to the community?
With decentralized social media apps running on the Internet Computer and decentralized hosting on the Internet Computer, these decisions can be made by the community. Governance of the Internet Computer happens through the Network Nervous System (NNS). The NNS receives proposals, and anyone who has staked their ICP in a neuron (with at least a 6 month dissolve delay) can participate in voting on proposals.
These proposals could include banning a specific user, or sets of users, that match specific criteria, or they could include guidelines or restrictions on the kind of content that is allowed in a particular platform.
The decentralization of the Internet Computer means that whoever would like a vote to determine what happens in the Internet Computer can have it, provided they go through the appropriate process of buying and staking ICP.
6. The Ease of Use Benefits for Developers
Let’s compare setting up a complex application on Amazon Web Services to the Internet Computer.
Setting things up on AWS you have to worry about creating a Virtual Private Cloud (VPC), creating your own subnetworks within the VPC, configuring ip addresses of your subnetworks, setting up security groups to ensure everything has proper access and roles within each respective subnetwork, configuring your firewall, making sure your port configurations make sense, implementing a load balancer, ensuring you have SSL certs for all domains, and making sure DNS is set up properly.
Deploying to the Internet Computer is as simple as choosing your subnet, a replication factor, and a privacy setting. The Internet Computer abstracts away the majority of the complexity (SSL certs and DNS coming soon hopefully).
The developer experience still isn’t perfect with the Internet Computer (e.g., data migrations are hard, etc.) since it is a new project which just recently released its first public mainnet, but many more improvements are under development right now.
7. A Quick Recap
A quick recap for those of you who just want the summary:
The Internet Computer is a new way of hosting applications on the internet that is more secure, more censorship resistant, and easier to use for developers. There are many technical blockchain innovations that bring about these benefits of security, decentralization, and ease of use.
ICP is a utility token that can be (1) staked inside a neuron to vote on NNS proposals and receive staking rewards, or (2) converted into cycles to be used for hosting, computation, and storage costs. ICP is not a currency and you will probably never buy anything with your ICP (except for cycles).
The Internet Computer has been under development since 2016 and finally released some code for the first time in Nov of 2019. They have since released many additional releases and just released their official mainnet in May of 2021. There are now real websites running on the Internet Computer in real life. See Internet Computer Apps for a few examples.
Check out How to Get More Involved if you are interested in getting more involved.