Internet Computer Roadmap Guide: 25 Motion Proposals Outlining New Areas for Crypto Innovation

The DFINITY Foundation seeks the community’s feedback and approval on a set of major motion proposals outlining R&D plans for the future.

The Internet Computer blockchain is constantly upgrading itself without the need for divisive hard forks and disruptions to the network. The Network Nervous System (NNS) is the autonomous tokenized governance system that makes this possible, controlling the Internet Computer in a completely open, permissionless, and decentralized manner. By staking ICP utility tokens in voting neurons, the NNS allows anyone in the world to submit and vote on proposals to the network. If adopted, the proposals are executed automatically, enabling the network to adapt in real time.

The DFINITY Foundation is committing R&D resources to the Internet Computer ecosystem in the form of technical contributions, which are subject to community discussion, voting, and adoption via NNS proposals. At each stage of a proposal’s lifecycle, neuron holders have the ability to direct the Foundation’s efforts in making the Internet Computer more efficient, faster, and easier to use for developers. The community decides what upgrades are initiated and what code is adopted.

As 2021 comes to an end, the Foundation is outlining its R&D plans for the next few years, and in recent weeks has been seeking the community’s input and feedback on these plans. (Please see the Developer Forum for in-depth explanations.) Rather than having voting for a slate of proposals unfold over many days, there will be a single voting period beginning on Monday, December 20, that includes all of them, allowing neuron holders to conveniently review the proposals within the NNS front-end dapp and record all of their votes.

VOTING IS LIVE: See below for links to vote on the proposals. DFINITY is abstaining from voting, so be sure to participate in order to log your vote and receive rewards.

The 25 motion proposals outlining major upgrades and new features are listed in detail below, and provide an on-chain mechanism for the community to vote on the blockchain’s future direction. Previous motion proposals have revolved around specific features and tended to have clear, finite goals that are delivered and completed. They also tended to be measured in days, weeks, or months. The following proposals have a broader direction and scope across active areas of R&D, involving deep research in cryptography, networking, distributed systems, language, virtual machines, and operating systems. They correspond to where the strengths of the DFINITY Foundation’s technical expertise are best suited.

Note: Please do not vote “reject” in order to prioritize one of these long-term R&D projects over others. Prioritization of these initiatives can be determined through community discussions.

To align the Internet Computer community around a shared understanding of these major technical initiatives, this effort will publicly identify researchers and engineers with subject expertise to engage and discuss with the community. There will also be many follow-up discussions and proposals on each topic when work is underway and smaller milestones and tasks are defined.

VOTE ON THE PROPOSALS HERE:

1. Integration with Ethereum
2. General Integration
3. Decentralized CA and DNS
4. Trusted Execution-Enhanced IC
5. Dapp Governance (SNS)
6. DeFi Enhancements
7. Node Performance
8. Scalability
9. Storage Subnet Blockchains
10. Secure OS
11. Tokenomics
12. SDK
13. Motoko
14. Post-Quantum Security
15. Internet Identity
16. Privacy: Multi-Party Computation
17. Formal Verification
18. Security Proofs
19. Malicious Node Security
20. People Parties
21. Decentralized Node Management
22. Boundary Nodes
23. Subnet Blockchain Splitting
24. Canister Migration
25. Subnet Blockchain Recovery

1. Integration with Ethereum (VOTE ON THE PROPOSAL HERE)
   This motion proposal is about the efforts of integrating the Internet Computer (IC) with Ethereum, which comprises the following items:
   • Ethereum blockchain integration: Integrating the Internet Computer blockchain with the Ethereum blockchain in a trustless manner, i.e., without using any trusted intermediaries such as bridges. This will enable smart contracts on the Internet Computer to call smart contracts on Ethereum and vice versa.
   • EVM support on the IC: Providing an Ethereum execution environment (EVM) on the Internet Computer to run Solidity-/EVM-based smart contracts on the IC.
   **Read more about this proposal on the Developer Forum and join the conversation…**
2. General Integration (VOTE ON THE PROPOSAL HERE)
   The objective of this initiative is to integrate the IC with outside systems. We have identified multiple classes of external systems of interest in this domain: The Web 2.0, i.e., HTTP(S) and other standard protocols, other blockchains, and end user devices. As can be observed, these are quite different integrations collectively put together in this motion proposal. Ultimately, the goal of integrating the IC with such systems is to provide greater value to both the IC and the systems it integrates with.
   **Read more about this proposal on the Developer Forum and join the conversation…**
3. Decentralized CA and DNS (VOTE ON THE PROPOSAL HERE)
   The IC enables developers to build and host web dapps that are served completely on-chain from end to end to any browser. To ensure end-to-end security and verifiability of such content, one needs to make decentralized blockchain-based certification compatible with built-in browser tooling and verification mechanisms. This project aims to provide mechanisms that ensure seamless verification of the content that is served from the Internet Computer blockchain to any browser and guarantee end-to-end security without additional tooling, using built-in tools only. This includes making the IC a decentralized Certificate Authority and providing a decentralized DNS on the IC.
   **Read more about this proposal on the Developer Forum and join the conversation…**
4. Trusted Execution-Enhanced IC (VOTE ON THE PROPOSAL HERE)
   The IC is a general infrastructure for a wide variety of applications processing all kinds of security-sensitive data ranging from user-centric private information to financial digital assets. While the IC as of today already provides a high level of fault-tolerance and security, all available technical means to improve its security and resilience should be explored. With the wide-spread advent of hardware-based trusted execution, the current protection of the IC against attacks such as rogue data centers providers and intrusions at the host level can be further strengthened and fortified. This proposal aims to devise a trusted execution-harnessed IC to further increase its security in terms of integrity and privacy against privileged local attackers, as well as provide additional means for users to validate the integrity of the IC. Together, this will substantially increase the security of the IC and all of its hosted assets and data.
   **Read more about this proposal on the Developer Forum and join the conversation…**
5. Dapp Governance (SNS) (VOTE ON THE PROPOSAL HERE)
   Tokenization enables powerful incentive systems that set dapps apart from traditional applications. A tokenized dapp allows anyone in the world to purchase tokens and thereby contribute to the dapp’s funding. Moreover, tokens can be paid to early adopters and active users, which will help to attract more users. By giving voting rights to users who have (locked) tokens, open and decentralized governance is established. With this project, we plan to provide building blocks that allow dapp developers to operate decentralized and open governance systems and integrate them with their dapps. Concretely, we plan to deliver such building blocks in multiple stages, such that the community can make use of intermediate deliverables while the systems can continuously be evolved and improved.
   **Read more about this proposal on the Developer Forum and join the conversation…**
6. DeFi Enhancements (VOTE ON THE PROPOSAL HERE)
   Decentralized finance is a main use case in the blockchain space. DeFi dapps can be deployed as canister smart contracts on the Internet Computer blockchain to take advantage of the ICs features including scalability and on-chain web support. This proposal recommends adapting the Internet Computer and its ecosystem to further support DeFi applications, the goal is to make it as easy as possible to develop and deploy capable DeFi dapps and participate in the DeFi ecosystem.
   **Read more about this proposal on the Developer Forum and join the conversation…**
7. Node Performance (VOTE ON THE PROPOSAL HERE)
   The current design and implementation of the IC protocol has been focused on simplicity and low engineering effort. While this suffices to demonstrate the possibilities of canister smart contracts, unleashing the full capacity of the IC requires a high-performance design and implementation. The goal of this project is to address bottlenecks and thus increase the performance of individual IC nodes, so that more query and update requests can be executed in the same amount of time. This will involve improvements to the orthogonal persistence mechanism, NIC virtualization, OS and Canister scheduling, caching, and the investigation of HW accelerators for compute-intensive tasks.
   **Read more about this proposal on the Developer Forum and join the conversation…**
8. Scalability (VOTE ON THE PROPOSAL HERE)
   In order to be able to serve millions of smart contracts, the scalability of the Internet Computer Protocol and implementation will be improved to support more nodes per subnet to be able to tolerate a higher number of malicious nodes, higher throughput, and less overhead for users as well as for network operations. More precisely, the following shall be investigated and suitable mechanisms designed, analyzed, implemented, and tested:
   • Many more subnets with frequent inter-canister calls across different subnets. The communication overhead for two canisters running on different subnets should be kept to a minimum and new nodes should be able to join subnets fast even if the state of the canisters they host is huge.
   • Large subnets with hundreds of nodes to tolerate a higher number of faulty nodes, yet exhibit low latency and high throughput for update calls.
   • Developers and users sending large messages to canisters as well as inter-canister messages.
   **Read more about this proposal on the Developer Forum and join the conversation…**
9. Storage Subnet Blockchains (VOTE ON THE PROPOSAL HERE)
   Currently, the Internet Computer has two types of subnet blockchains: system (with high replication) and application (with medium replication). This motion proposes that the DFINITY organization invest engineering resources into researching and developing additional types of subnets. More concretely the motion proposes to explore the concept of storage subnets. The core feature of this subnet type will be: 1) It uses node machines with higher storage capacity and 2) it operates with fewer nodes (smaller replication factor) than other subnet types.
   **Read more about this proposal on the Developer Forum and join the conversation…**
10. Secure OS (VOTE ON THE PROPOSAL HERE)
    This project aims to complement the security of the IC by focusing on the IC providing virtual machines and the associated host operating system. The two main objectives of this proposal are to reduce the attack surface and mitigate the effects of a successful attack at the IC node level. This will be achieved by compartmentalization of the IC software and establishing a fine-grained security policy thereby limiting and controlling access and execution privileges of all system actors. Based on the former a layered security architecture to improve the resilience of the IC at the virtual machine and the host operating system level will be established. In case of successful attacks support for an early detection needs to be provided to facilitate an instant root cause and impact analysis enabling to deploy countermeasures.
    **Read more about this proposal on the Developer Forum and join the conversation…**
11. Tokenomics (VOTE ON THE PROPOSAL HERE)
    This project is about monitoring, designing, and reacting to the economics of the IC’s ecosystem. Its objective is to evolve tokenomics on the IC to best incentivize participation, both for those locking up their ICP utility tokens to participate in voting activities, and those who will use tokens to purchase cycles and/or support various market activities.
    **Read more about this proposal on the Developer Forum and join the conversation…**
12. SDK (VOTE ON THE PROPOSAL HERE)
    The DFINITY Canister SDK is the main tool and interface used by developers when building on the IC. This project proposes significant investment into the developer experience. The SDK shall provide a better debugging and testing environment, allow profiling of dapps, as well as ensure reliable canister upgrades and canister state retrieval. The SDK shall come with improved documentation and example code for more use cases, frameworks, and languages.
    **Read more about this proposal on the Developer Forum and join the conversation…**
13. Motoko (VOTE ON THE PROPOSAL HERE)
    The objective of this proposal is to gain community approval on DFINITY’s plans to extend and maintain Motoko as an attractive and feasible option for canister smart contract development on the IC. This would include: better IDE integration, package manager, logging and monitoring support, improved scalability of garbage collection and upgrades, and maintaining parity with new IC features such as heartbeat messages.
    **Read more about this proposal on the Developer Forum and join the conversation…**
14. Post-Quantum Security (VOTE ON THE PROPOSAL HERE)
    In the future, attackers may be aided by quantum computers. Quantum algorithms can break some of the cryptographic assumptions the IC relies on, specifically the hardness of computing discrete logarithms. A quantum-capable adversary could thus forge signatures used in the IC. Predictions of when quantum computers will be powerful enough to break the discrete logarithm problem vary, with a small minority of experts believing it could be within the next 5 years. Hardening the IC against quantum-capable adversaries is a significant effort. Attackers are already known to harvest ciphertexts to later be decrypted with quantum computers, so it makes sense to start early on in making the IC post-quantum secure.
    **Read more about this proposal on the Developer Forum and join the conversation…**
15. Internet Identity (VOTE ON THE PROPOSAL HERE)
    Internet Identity is a blockchain authentication system built for and on the Internet Computer. Internet Identity enables users to authenticate into each dapp with a pseudonymous identity, which is consistent across multiple user devices but unlinkable across different dapps. While Internet Identity as it is today already provides secure authentication and works seamlessly across multiple user devices — building on both web authentication (for secure key storage on client devices) and on the Internet Computer’s threshold cryptography (for supporting multiple ones) — several key features can still be improved. This motion suggests focusing R&D efforts in the following years to the following topics:
    • Improve security of recovery method management in the II canister.
    • Provide stronger cryptographic unlinkability guarantees with weaker trust assumptions.
    • Performance improvement in generating delegations.
    • Secure account recovery using external identity verification providers.
    • Decentralized anonymous credential-based authentication.
    • Better mechanisms against bots, e.g., based on web auth attestations.
    • Support for devices without web authentication.
    • Support Internet Identity use in native apps.
    **Read more about this proposal on the Developer Forum and join the conversation…**
16. Privacy: Multi-Party Computation (VOTE ON THE PROPOSAL HERE)
    Since computation is replicated on many nodes, users risk one of the nodes leaking information. Cryptographic protocols for multi-party computation (MPC) enable several nodes to jointly compute a function on confidential data without revealing the input or intermediate data. In theory, any function can be securely evaluated with MPC, but users pay a significant performance overhead. This research will provide MPC functionality on the IC for users who need strong privacy guarantees.
    **Read more about this proposal on the Developer Forum and join the conversation…**
17. Formal Verification (VOTE ON THE PROPOSAL HERE)
    This project concerns machine-checked verification of the IC’s properties. The IC provides a secure environment for the canister smart contracts executing on it. But like any software stack, the IC can contain bugs, even with best practices such as testing and code reviews. Bugs can directly compromise the canisters’ security, making the canisters unavailable, or losing or corrupting the canisters’ data, e.g., changing the balances in the ledger canister. The open, permissionless nature of the IC means that such bugs can be triggered not only spontaneously, but also exploited by malicious actors. Formal verification dramatically reduces the risk of bugs in a system, including security vulnerabilities.
    **Read more about this proposal on the Developer Forum and join the conversation…**
18. Security Proofs (VOTE ON THE PROPOSAL HERE)
    The IC is a complex beast that requires several non-standard cryptographic primitives to come together in order to provide its strong security guarantees. Provable security, also known as reductionist security, is a technique from theoretical cryptography where a new scheme, protocol, or system is mathematically proved to be secure as long as some precisely stated hardness assumptions hold. The DFINITY Foundation already used this technique to validate some of our core cryptographic components, such as the non-interactive distributed key generation that is at the basis of our Key Chain cryptography, threshold ECDSA that underlies the Bitcoin integration with the IC, and our consensus protocol.
    **Read more about this proposal on the Developer Forum and join the conversation…**
19. Malicious Node Security (VOTE ON THE PROPOSAL HERE)
    This project is about the IC monitoring, reacting, and handling malicious behavior from nodes in a subnet. Examples include: handling equivocating block makers more efficiently, and detecting and acting upon malicious behavior.
    **Read more about this proposal on the Developer Forum and join the conversation…**
20. People Parties (VOTE ON THE PROPOSAL HERE)
    The objective of this R&D motion proposal is to improve the initial people parties (proof of personhood/humanity) implementation that is currently being worked on and to be released shortly. Those improvements have the goal to, among other things, strengthen the personhood validation process, improve the decentralization of the implementation, extend the validation strategy based on validated participants from earlier rounds, and design a more scalable system.
    **Read more about this proposal on the Developer Forum and join the conversation…**
21. Decentralized Node Management (VOTE ON THE PROPOSAL HERE)
    The IC is designed for anyone to be able to become a node provider. The governance system of the IC, the NNS, scales the IC’s capacity by adding more nodes. The requirement of additional nodes depends on the desired capacity (and location requirements) of the IC at a given point in time. The network is expected to grow to millions of nodes running from thousands of data centers in the coming years. As decentralization is key to the mission of the IC, many new, independent node providers will be needed to support that growth. This proposal outlines the roadmap.
    **Read more about this proposal on the Developer Forum and join the conversation…**
22. Boundary Nodes (VOTE ON THE PROPOSAL HERE)
    The boundary nodes are the gateways to the IC. Their main purpose is to translate HTTP requests from users into calls to canister smart contracts on the IC and route calls to nodes on the corresponding subnet. In addition, boundary nodes provide load balancing, caching, rate limiting, IPv4-IPv6 translation (as IC nodes all use IPv6), and integrity verification for content served to users. This motion proposal sets the future roadmap for boundary nodes. It is proposed to enhance the design and implementation of the boundary nodes in several aspects, to make their deployment and operation more decentralized, make them easier to deploy and upgrade, and increase their security.
    **Read more about this proposal on the Developer Forum and join the conversation…**
23. Subnet Blockchain Splitting (VOTE ON THE PROPOSAL HERE)
    The internet computer is designed to have unbounded capacity by scaling out to different subnet blockchains. Each subnet however has a limited capacity, and the load on the different subnets varies wildly. As it stands today, there is no convenient way to balance load between subnets. This proposal would “split” a subnet into two subnets. The replicas are divided into two groups, each of which will become a separate subnet. The canisters are distributed over the two subnets in a similar fashion, such that each of the two “child” subnets only have half of the load before the split. Since all replicas already have the state of all of the canisters that were on the subnet, no slow transfer of state is required and the subnet downtime due to splitting should be minimal.
    **Read more about this proposal on the Developer Forum and join the conversation…**
24. Canister Migration (VOTE ON THE PROPOSAL HERE)
    This motion proposal is about efforts related to enabling the migration of canister smart contracts between different subnet blockchains of the IC. The objective of canister migration is to provide a tool for load balancing on the IC by allowing developers to move canisters or groups of canisters from one subnet to another. For example, one could envision moving a popular canister away from an otherwise heavily loaded subnet so that the popular dapp can meet its service level objectives again.
    **Read more about this proposal on the Developer Forum and join the conversation…**
25. Subnet Blockchain Recovery (VOTE ON THE PROPOSAL HERE)
    This proposal is about ensuring all NNS proposals are verifiable without revealing the state of a subnet. The internet computer consists of subnets that should run in a robust manner. That is, up to < 1/3rd of the replicas of a subnet can be malicious or unavailable, and the subnet will still make progress. If more replicas are unavailable at one time, the subnet would stall, and canisters can no longer progress update messages. For such scenarios, the IC supports a subnet recovery operation: via NNS proposals, the governance system can instruct other replicas to take over the responsibility of the subnet immediately.
    **Read more about this proposal on the Developer Forum and join the conversation…**

____

Start building at smartcontracts.org and join the developer community at forum.dfinity.org.