Internet Identity 2.0

Yes, this is indeed the case at the moment.

Users can go to their 2.0 dashboard from id.ai and add a new passkey to reduce their reliance on a single passkey.

We also thought of allowing the upgrade even though it was already upgraded. We might do that, but it might also be confusing for users who don’t have this scenario.

That’s why I wrote that the seed phrase from 1.0 must work as a normal way to log in to the new ii.2.0. Is that some problem? We cannot rely solely on devices - no matter how many there are.

We will support that for sure. It’s one of our top priorities to add seed phrases to 2.0 and keep the backwards compatibility with 1.0 see phrases.

Hoping we can have same seed phrase system like ii1.0😆

IMG_71001170×560 77.6 KB

Any update? Is it ready and secure?

Yes, it’s ready for developers. With a few hiccups:

• Seed phrases are not supported (yet).
• Existing users need to go through the upgrade flow.

If developers accept those two limitations, there is no reason to not start using id.ai as the URL for the identity provider.

Great, I didn’t understand whether, after a user has upgraded his ii, they will still be able to log in with Internet Identity version 1 using that same Internet Identity, in case other dapps haven’t yet upgraded to version 2. Thank You

Yes, upgrading is only an add-on.

We address some of these questions in a more recent post and also the FAQ linked during the upgrade

2. Will I lose access to Internet Identity 1.0 after upgrading?

No. Upgrading adds a new discoverable passkey for Internet Identity 2.0 without removing your existing Internet Identity 1.0 authentication methods.

This means:

• You can still log in to services using Internet Identity 1.0 as before.

• You can also log in to Internet Identity 2.0-enabled services using your new passkey.

So I understand:

Internet Identity 1.0 seed phrase account recovery will work

1. before upgrading to Internet Identity 2.0 (current status) and
2. after upgrading to Internet Identity 2.0 ?

Is this correct?

This would mean that if I loose access to my passkey devices while using Internet Identity 2.0 I can

1. recover my Internet Identity 1.0 account with my seed phrase and then
2. upgrade that recovered account (identity) again to II 2.0 through id.ai?

All without loosing any data or access!
e.g. NNS account(s) with and without Ledger device control, dapps, oisy wallet?

Is this correct, too?

No, as i know, you can upgrade ii.1.0 to 2.0 only once. So if you somehow loose your access to your ii2.0 - you loose it for good. At least until they figure out a way to fix it (for example, the possibility of re-upgrading). I have already raised this issue in my previous post.

Sorry，I am a bit confused.I have never understood that the combination of private and public keys is the cornerstone of digital currency. In order to be easy to remember, private keys can be converted into phrases (12/24). Without phrases in 2.0, is there no private key? If not, then what does it rely on for encryption? How can 2.0 be launched without a private key or phrase? Thank you!

Wait what? II 2.0 still has seed phrases?

You understand that is the single most confusing and error-prone step for new users into Web3, no?

Any chance we can use II 2.0 without ever seeing the word seed phrase?

No it isn’t , for now. And that’s the problem

If this confuses someone, they probably shouldn’t use crypto until they learn how to use paper and pencil.

I think we all agree here that the seed phrase is a last resort, and it simply has to be. No serious investor won’t touch something that is not safe.

And the new 2.0 is still UNSECURE (depends entirely on peripheral devices = means unsecure!)

Completely agree with this point. Assuming a person has been away for 10 or 20 years and has a seed phrase (or private key), then BTC can definitely be retrieved. However, if BTC can freely remove the private key (seed phrase) or only rely on the device or something like centralized Google, then it can be certain that the device is likely to be damaged or outdated without upgrading, and the Google account is likely to be cancelled. This is not allowed for digital currencies. No large fund dares to invest their funds in uncontrollable and insecure digital currencies, So don’t quite understand. Without seed phrases, how could they dare to go to the beta version. Investors may not use seed phase, but IC cannot do without it. This is a matter of attitude and principle.

In Internet Identity, the seed phrase (24 words) is the recovery method, similar to how most blockchains manage private keys. That phrase is simply a way to back up and later regenerate the cryptographic key pair used by your anchor.

• Pubkey is used to identify your credentials as the owner of a given identity, but it is itself changeable and there can be many of them (up to 10 per anchor).
• Pubkeys are “changeable” in the sense that you can add a new credential_id (with a new pubkey) or remove an old one, but the anchor remains the same.

Thank you very much. I understand what you’re saying. Pubkey is a great tool for daily use, but whether it’s Google authentication, hardware, or computers, they can all have problems, especially if they can’t withstand the test of time. For example, if Google doesn’t log in regularly, it will be logged out. Therefore, phrases must be used as the last resort for retrieval. Hardware may also be damaged over time, or its performance may not be able to be upgraded - for example, after being stored for ten years. The basic concept of encryption is’ your private key, your asset '. Imagine a person who has been wrongly imprisoned for fifteen years and has a private key (or phrase), there is no problem retrieving it, but Pubkey is likely to be ruined. I lost Pubkey after upgrading my computer, so I used phrases to retrieve it. Google authentication has also been revoked due to its expiration date. Security must be the top priority for digital currencies. Of course, thank God, it has been confirmed that 2.0 will have seed phrases, but I don’t understand why they launched a trial version before this feature was available, which seriously deviates from the security concept of the crypto market.

Yes, recovery flow will continue workin on 1.0 and we will add support for it in 2.0.

As @casualchess points out, at the moment we allow upgrading only once. But we might fix that for advanced users that know what they are doing.

And yes, the NNS account(s) and other apps are not affected by the upgrade.

Just out of curiosity, how you are so sure of the security/confidentiality of a piece of paper over 20 years?

I have witnessed no less than 10 crypto friends who knew how to use a pen and paper and who have lost millions of USD because of the loss, stolen and forgotten seed phrases/mnemonics.

Sure, it is their fault. Not the UX and products’ of this industry. You can keep saying that till everyone leaves.

Do NOT add “advanced features” to the II.

You know why so few users who use II 1.0 ICP before?

Because people couldn’t figure out the “advanced functions” and they simply leave.

Keep it simple, stupid.