Difference between revisions of "WebAssembly"
| Line 1: | Line 1: | ||
| − | ''' | + | '''Canister smart contracts should be run efficiently and fast by the Internet Computer (IC). They are running WebAssembly (Wasm) code, which is a highly portable code format widely used for web-based applications as well as client-server and blockchain applications. Wasm is open-source, built for high-performance and efficiency and takes advantage of a wide community effort. Canister Wasm code is created by compiling software written in high-level programming languages such as Rust and Motoko. Because it’s faster, more efficient, and more portable than alternatives, Wasm is key to building efficient applications on the IC.''' |
| − | WebAssembly | + | == Portability & High-performance == |
| + | WebAssembly has quickly established itself as one of the internet’s favorite code formats due to its portability, efficiency and wide-range community support. Most high-level languages can be compiled down to efficient and portable Wasm code. Wasm code can either be executed internally by browsers or run under virtual machines (VMs) with minimal overhead compared to native execution. For example, Cloudflare uses it to provide "cloud worker" functionality, and advanced blockchains can use it to run high performance smart contracts. | ||
| − | + | Target of Many High-level Languages | |
| + | Most high level languages can nowadays be compiled down to Wasm. In addition to LLVM being able to target Wasm, popular languages such as C, C++, Rust, .NET are now efficiently compiled to Wasm as well. | ||
| + | Andreas Rossberg, co-designer of WebAssembly, who joined the DFINITY Foundation in 2017, also led the effort to design the Motoko programming language, which is designed to take full advantage of WebAssembly features, and adapt them to reap special Internet Computer features such as actor model smart contracts and orthogonal persistence. | ||
| − | + | == Execution of WebAssembly == | |
| + | WebAssembly is platform independent and can execute on (m)any hardware and software platforms. Wasm code is intended to run on a stack-based virtual machine. There are many runtimes and virtual machines that enable Wasm execution either through a browser or as a separate sandboxed process. For the Internet Computer we use the Wasmtime project to run user-defined canister smart contracts, which provides good performance. An important feature for the IC software stack is enforcing deterministic smart contract execution (to enable state machine replication). For Wasm, this is achieved through removing floating point and SIMD operations. | ||
| − | + | == Security == | |
| + | The execution of Wasm code can easily be sandboxed and isolated from the operation of other smart contracts and processes on the IC nodes. The IC protects against attacks using OS process isolation and sandboxing. Each canister is compiled and executed in its own sandboxed process that communicates only with the main replica process via security-audited IPC. Sandboxes are given the minimal set of permissions needed to execute using object-based access control (SELinux). Furthermore, Wasm code can be formally verified. | ||
| − | * It provides near-native performance, greatly improving smart contract efficiency. | + | == Features == |
| − | + | In summary, there are several features of WebAssembly that enable it to be the code format for canister smart contracts on the Internet Computer: | |
| − | * It is targeted by | + | *It is formally specified, which increases its security. |
| − | + | *It provides near-native performance, greatly improving smart contract efficiency. | |
| − | * It has been very widely adopted as the new standard for computation on the Web, and consequently a massive decentralized R&D effort constantly evolves and improves the standard, and a large variety of virtual machine implementations have been created. | + | *It is targeted by LLVM, which means large numbers of programming languages can easily be used for smart contract creation. |
| − | + | *It has been very widely adopted as the new standard for computation on the Web, and consequently a massive decentralized R&D effort constantly evolves and improves the standard, and a large variety of virtual machine implementations have been created. | |
| − | + | *Its execution can be made deterministic by not allowing floating point and SIMD operations. | |
| − | + | *Its execution is memory-safe and sandboxed. | |
| − | |||
Revision as of 09:59, 7 November 2022
Canister smart contracts should be run efficiently and fast by the Internet Computer (IC). They are running WebAssembly (Wasm) code, which is a highly portable code format widely used for web-based applications as well as client-server and blockchain applications. Wasm is open-source, built for high-performance and efficiency and takes advantage of a wide community effort. Canister Wasm code is created by compiling software written in high-level programming languages such as Rust and Motoko. Because it’s faster, more efficient, and more portable than alternatives, Wasm is key to building efficient applications on the IC.
Portability & High-performance
WebAssembly has quickly established itself as one of the internet’s favorite code formats due to its portability, efficiency and wide-range community support. Most high-level languages can be compiled down to efficient and portable Wasm code. Wasm code can either be executed internally by browsers or run under virtual machines (VMs) with minimal overhead compared to native execution. For example, Cloudflare uses it to provide "cloud worker" functionality, and advanced blockchains can use it to run high performance smart contracts.
Target of Many High-level Languages Most high level languages can nowadays be compiled down to Wasm. In addition to LLVM being able to target Wasm, popular languages such as C, C++, Rust, .NET are now efficiently compiled to Wasm as well. Andreas Rossberg, co-designer of WebAssembly, who joined the DFINITY Foundation in 2017, also led the effort to design the Motoko programming language, which is designed to take full advantage of WebAssembly features, and adapt them to reap special Internet Computer features such as actor model smart contracts and orthogonal persistence.
Execution of WebAssembly
WebAssembly is platform independent and can execute on (m)any hardware and software platforms. Wasm code is intended to run on a stack-based virtual machine. There are many runtimes and virtual machines that enable Wasm execution either through a browser or as a separate sandboxed process. For the Internet Computer we use the Wasmtime project to run user-defined canister smart contracts, which provides good performance. An important feature for the IC software stack is enforcing deterministic smart contract execution (to enable state machine replication). For Wasm, this is achieved through removing floating point and SIMD operations.
Security
The execution of Wasm code can easily be sandboxed and isolated from the operation of other smart contracts and processes on the IC nodes. The IC protects against attacks using OS process isolation and sandboxing. Each canister is compiled and executed in its own sandboxed process that communicates only with the main replica process via security-audited IPC. Sandboxes are given the minimal set of permissions needed to execute using object-based access control (SELinux). Furthermore, Wasm code can be formally verified.
Features
In summary, there are several features of WebAssembly that enable it to be the code format for canister smart contracts on the Internet Computer:
- It is formally specified, which increases its security.
- It provides near-native performance, greatly improving smart contract efficiency.
- It is targeted by LLVM, which means large numbers of programming languages can easily be used for smart contract creation.
- It has been very widely adopted as the new standard for computation on the Web, and consequently a massive decentralized R&D effort constantly evolves and improves the standard, and a large variety of virtual machine implementations have been created.
- Its execution can be made deterministic by not allowing floating point and SIMD operations.
- Its execution is memory-safe and sandboxed.