Enable Canisters to Hold ICP

Wrt your suggestions:

  • We’re currently conducting two internal security analysis efforts, and intend to make the implementation proposal only once they are complete

  • We have been working with 3rd party companies to review security of all parts of the IC. We are considering whether parts related to ICP on canister should be a priority for the next round, but it takes time (weeks up to a few months) to slot in.

  • We are working on a bug bounty program

  • I’d guess sandboxing to take several months (meta: I’ll take the feedback from this thread as a vote to give it high priority)


Are we saying that the rollout plan is to be extended until the end of sandboxing? I.e. even if the vote passes, it is unlikely to have the code updated by the Week of September 27, 2021 (as per the timeline above)?

It sounds to me like yes. It would open non custodian ICP (and other NFTs) trading.

There’s already a (ROM) $30m honeypot in IC.

1 Like

Our proposed plan is to not wait for sandboxing and roll out soon, but remind everybody that the IC is still in beta and recommend experimenting only with small amounts of ICP on canisters.


Please see here for why no one will buy : …“but it was beta”…


I understand you probably realise this, but isn’t the issue that some party over a long period of time, say 12 months, could find the owners of node providers and bribe them to run a different consensus mechanism. By shuffling you mitigate this long-term threat? Thanks.


how to submit mg propasol

Thanks for bringing this up! We are doing prep work for this right now and will put it up as a roadmap item in the coming days.


Update: Motion passed


Great to hear! I’m not sure which post you’re replying to, was it this one? Enable Canisters to Hold ICP - #77 by lastmjs

(I suspect you may have copied/pasted the wrong URL)

But fwiw I know Jan is referring to this post: Enable Canisters to Hold ICP - #77 by lastmjs

Haha, yes definitely the wrong url :slight_smile:

1 Like

Thanks for the clarification.

Sandbox for canister wasm execution is under way. The primary difficulties are a) the architectural changes to make it performant and b) disentangling the canister API such that no security-critical operations remain in the sandboxed process. The focus for initial version being implemented right now is functional correctness, disregarding performance requirements for the sake of correctness validation at first, and will therefore in all likelihood never be launchable on production network. We are committed to having sandbox launched well within this year still. More details and updates will become available in the following weeks as prototypes and designs finish.


This is excellent, thank you

Completely agree. Canaries are needed.


Update: we have a new thread for security sandboxing. We hope this will pick up speed shortly with more concrete plans.


Unbelievable!! The velocity with which we are executing as a team with careful thoughtfulness is great to see!


bump *** I just want to know when the proposal will be implemented (personally, I’m looking forward to this feature).