Introduction and key concepts

You don’t need to know much about the inner workings of the Internet Computer platform to write programs that run successfully on it. However, learning a few key concepts will help you get the most out of the unique features that the Internet Computer provides.

Knowing a little about the architecture and vision that form the foundation of the Internet Computer platform can make it easier for you to realize the benefits that align with your goals and inform the types of applications you develop. If you want to get right to developing code, though, you can skip this introductory material—key concepts and terminology—and look them up later when you need them in this section or in the glossary provided at the end of this guide.

What is the Internet Computer?

The Internet Computer is a shorthand name for a new computing infrastructure. In essence, the Internet Computer is:

  • A globally-accessible computing platform.

  • Built using an open protocol backbone that is similar in principle to the TCP protocol.

  • A network with computing capacity—for example, the hardware, CPU, and memory required to run programs—provided by connected peer nodes in independent data centers.

As a virtual infrastructure, the Internet Computer offers developers, organizations, and entrepreneurs a new way to build and deploy secure, autonomous, and tamper-proof software and internet-based services. The key distinction with the Internet Computer is that software and services can run directly on the internet itself using an open protocol rather than on a proprietary infrastructure or a specific hosting service.

The Internet Computer is an open infrastructure platform

The Internet Computer is not physical hardware that exists in any physical location. Instead, it represents a network of connected computers that communicate securely and provide processing services to users, developers, and other computers.

If you think of the Internet Computer as an infrastructure platform, it is similar to a public cloud provider, like Amazon Web Services (AWS), Google Cloud Platform (GCP), or Microsoft Azure, or to a private cloud managed internally by a private organization.

Unlike a public or private cloud, however, the Internet Computer platform is not owned and operated by a single private company. Its architecture enables multiple computers to operate like one, very powerful, virtual machine. The computers that make up the virtual machine are organized into sub-networks of data centers around the globe. The distributed architecture enables secure peer-to-peer communication without firewalls or technologies that are vulnerable to attack. The open protocol enables independent service providers and data centers to participate, profit from, and contribute to an ecosystem of new internet-based services and applications.

A new model for delivering software and services

The Internet Computer open protocol reduces platform-based risks and paves the way for innovation by re-imagining how software is built, deployed, and accessed. For example, with the Internet Computer:

  • Software runs directly on the internet instead of a proprietary system, which reduces the total cost of IT ownership.

  • Developers can write code without worrying about securing or storing data, which simplifies programming and reduces time to market.

  • Services can communicate with each other without knowing the network topology or ports in use.

  • Software can be “autonomous” much like open source projects, allowing developers to innovate, contribute, and improve with confidence.

Highlights at-a-glance

As a platform, the main features and benefits of the Internet Computer include the following:

  • Extends the internet with serverless cloud functionality.

  • Enables the deployment of software with robust security.

  • Reduces the total cost of ownership required to deploy and maintain software for organizations of any size.

  • Provides access control using cryptographically-secure identities.

  • Supports an autonomous software model in which services can guarantee API availability.

  • Enables programs to run in a WebAssembly execution environment.

Basic architecture

The architecture of the Internet Computer platform consists of four main tiers or layers:

  • An execution environment layer

  • A message routing and distribution layer

  • A consensus-based security validation layer

  • A peer-to-peer inbound communication and replications layer

Each layer includes components and services that perform specific tasks to ensure secure communication and network performance across all of the participant nodes in the connected network.

The following diagram provides a simplified overview of the internet computer components deployed as a local test network node in a development environment.

Internet computer components in a developer’s environment

As a developer, these architectural components are transparent. If you set up a test network locally for your development environment, however, some steps of the development and deployment process interact with these components to give you a realistic sense of the workflow for a production deployment.

If you want to know more about the technical underpinnings of the Internet Computer platform, you can find more detailed information in technical papers available on the DFINITY website.

How to develop applications for the Internet Computer

For programmers and software developers, the Internet Computer platform provides unique capabilities and opportunities within a framework that simplifies how you can design, build, and deploy applications. A key part of this framework is a new, general purpose programming language, Motoko. Motoko is a programming language that has been specifically designed to take full advantage of the unique features that the Internet Computer provides, including:

  • The ability to define program directly using actor objects and classes.

  • The use of async and await syntax to enable programming asynchronous messaging as if it was synchronous processing.

  • Automatic support for message serialization and de-serialization.

  • The ability to leverage orthogonal persistence and not require maintaining or managing external databases or storage volumes.

As a modern, high-level programming language, Motoko provides some key features of its own, including:

  • Support for big integer operations and overflow protection.

  • A sound type system that statically checks each program to ensure it can execute without type errors on all possible inputs.

  • Support for function abstractions, user-defined type definitions, and user-defined actors.

For more detailed information about the Motoko programming language itself, including syntactical conventions and supported features, see the Language Reference Guide.

The following diagram provides a simplified drill-down view of the development environment as part of the Internet Computer ecosystem.

Your development environment as part of the Internet Computer ecosystem

Canisters, actors, and the code you produce

One of the most important principles to keep in mind when preparing to write programs using the Motoko programming language is that Motoko uses an actor-based programming model. An actor is a special kind of object that processes messages in an isolated state, enabling messages to be handled remotely and asynchronously. Many key features of the Internet Computer platform depend on this type of secure and efficient asynchronous message handling.

In general, each actor object is used to encompass the code for one application. Your Motoko code is then compiled and deployed as a WebAssembly module—along with some environment configuration information and interface descriptions—and released as a software canister.

Why your code is compiled into WebAssembly

WebAssembly is a low-level computer instruction format that provides a common execution platform. Because WebAssembly defines a portable, open-standard, binary format that abstracts cleanly over most modern computer hardware, it is broadly supported for programs that run on the internet and a natural fit for deploying applications that are intended to run on the Internet Computer platform.

However, the main languages that currently support compilation to WebAssembly are either unsafe (for example, C or C++) or quite complex to learn (for example, Rust). With Motoko, developers can compile to portable WebAssembly while still delivering secure applications using a simple and high-level language.

The Motoko language offers many of the features that are common to other higher-level modern languages—like type safety and pattern-matching. But, in addition, Motoko provides built-in support for defining messaging services using actors in a way that is especially well-suited to the Internet Computer platform and is easy to learn whether you are a new or experienced programmer.

This guide provides an introduction to the basic features of the Motoko programming language in the context of writing programs using the SDK. For more detailed information about the Motoko programming language itself, see the Language Reference Guide.

Canisters include both program and state

A software canister is similar to a container in that it is deployed as a unit that contains compiled code and related files for an application or service. For example, the canister includes an interface description of the entry points that end-users can use to send messages to a program. The canister differs from a container, however, in that it also includes an associated state.

This concept of a canister consisting of both program and state is an important one because when a canister function is invoked by sending a message to one of its entry points, there are only two types of calls:

  • Query calls that allow a user to query the current state of a canister or call a function that operates on the canister’s state without changing it.

  • Update calls that invoke functions that change the state of a canister or result in the canister making an update call to one or more other canisters.

Query calls can be made to any node that holds the canister and can return an immediate response. Update calls, however can take time to change the state of the canister and, therefore, use the actor-based programming model (with state isolation) to allow concurrent and asynchronous processing.

For update calls, when the state change is complete, a response message is written to a rotating log. Users can query the status of their updates by contacting any node hosting the canister to read from the log. Response messages are limited in size and are only stored for a limited time.

As a developer, it is important to recognize this relationship between the actor object and the calls that change the canister state that you define in your program. Each actor object executes operations in an isolated state for a canister deployed on the network where the asynchronous processing takes place.

One good way to think of the Internet Computer is as a distributed computing platform that hosts software canisters. Once deployed on the Internet Computer platform, end-users can interact with the software through a front-end to access the entry points you have defined for that canister.

Resource usage

In general, all canisters consume resources in the form of CPU cycles for execution, bandwidth for routing messages, and memory for persisted data. To protect the platform from malicious users attempting to drain or overload resources, the Internet Computer platform provides flexible controls for managing their use and adapting to load and network changes.

As a developer, you can be sure your applications get the resources they require without having to plan for data storage and maintenance or for scalability.


As part of its message handling, the Internet Computer platform validates that all requests come from registered users or services and that the validated user is authorized to receive the payload requested.

As a developer, you don’t need to know anything about the underlying security architecture (blockchain or cryptography) to take advantage of the Internet Computer security features. If you need those details—for example, to prove compliance or address regulatory requirements—you can download documentation in the form of technical papers from the DFINITY website or contact DFINITY Support.