IC Drive is a decentralized private storage app on the Internet Computer Blockchain. With IC Drive, the users are in control of their data. Users can store all kinds of files in IC Drive and share them with other users in a secure manner. In this post, we are going to discuss some key things related to IC Drive and its underneath tech.
What is Internet Computer?
Internet Computer is a blockchain network that can run applications at web speed and at scale. It is powered by decentralized cloud servers spread across the globe and is an alternative to proprietary offerings like AWS, Azure, etc. with added abstraction to allow developers and teams to focus on building apps without worrying much about the underlying infrastructure issues. One can build smart contract-based trustful tokenized applications on it.
What language do we use?
Essentially one can use any programming language which compiles down to WASM to build DApps on the Internet Computer. We particularly choose Motoko for IC Drive since it’s a programming language designed specifically for the Internet Computer and we believe in the vision of the Internet Computer and its community to drive the efforts for the development of the language to become the foremost option to build decentralized apps on the internet. Motoko is also easier as compared to rust as it abstracts some complexities for writing code for dapps that run on Internet Computer blockchain. Our website frontend is made using ReactJS which is also deployed on the Internet Computer.
Tell me about what happens when I sign up
A user has to sign up using the Internet Identity to access IC Drive. They do this securely using their Face ID, Fingerprint Scanner, or a Hardware authentication device like Yubikey.
Then the Internet Identity provides IC Drive, a pseudonymous identity of the user to protect them being tracked across other apps built on the Internet Computer.
Canisters (like the smart contracts on other blockchains) are where the program code of IC Drive and the storage resides. Currently, the storage limit of each canister is 4GB. After a user signs up using the Internet Identity, their pseudonymous identity is used to create a new canister containing the code of all the functionalities related to files storage, management, sharing, etc.
Controller of the user canister
The user becomes the controller of this new canister created using their pseudonymous identity. Although, initially IC Drive’s main identity is also another controller of this newly created user canister whose sole purpose is to provide new updates and functionalities to the user canisters. Soon, we will also allow the users to remove this additional controller on a tradeoff that users will then won’t be able to get any new updates to IC Drive.
How does IC Drive store files on the blockchain?
Whenever a user uploads files using IC Drive, every file is broken into chunks of 1.5 MB, and the file metadata along with all the chunk counts and chunks themselves are stored on the user canister. All the chunk data is stored in the canister memory. Since the update queries require the consensus of multiple nodes to bring permanency, this operation is a little slow compared to update operations in the web2 world. The user canister containing their data is replicated across multiple nodes in the subnet where the canister lies which ensures replication of user data. A subnet represents a group of a large number of nodes running the internet computer code. Even if a single node containing the user data crashes, the internet computer protocol ensures that the user data can be fetched from other nodes in the subnet.
Can a nation-state force data out of user canisters?
The hardware of nodes where your data is stored is yet to be resistant to side-channel attacks. Side-channel attacks generally refer to an attack that is not caused by an algorithm, software bugs, or program logic but rather on the computer system itself on its hardware via power, sound, or electromagnetic leaks. There is still a possibility of such an event happening, although the chances being quite less. To mitigate this, we are working on a client-side encryption mechanism allowing users to have an option to encrypt their data for added security. We are exploring the best way to implement this as it comes with a trade-off with user experience.
IC Drives uses Motoko programming language for its core logic and ReactJS for the frontend, both of which are pushed to canisters on the Internet Computer. Canisters currently have a 4GB memory limit and are replicated on multiple nodes in a subnet. Each user gets their own canister which is their unique place of storing their files and can be accessed using their Internet Identity via the dapp frontend.
In this post, we had a technical overview of how IC Drive is built on the Internet Computer. Other developers can use this to propose new features and improvements to IC Drive and its architecture or build their own dapps. In coming posts, we will also dive into more technical details like choice of particular data structures and inter-canisters calls, etc.
Author: Nandit Mehra
Reviewed by: Ravish Sharma