Was chatting with the AstroX Team about their ME app. I have concerns about their requirement to add an additional device to my Internet Identity. When I pressed them on the subject they said they had spoken with Dfinity and that there was some acknowledged security issue. They claim there was some mutual understanding and some collaboration being done with Dfinity.
@kpeacock can you confirm any of this? I don’t mean to put you in the spot. I’m just trying to assess what level of risk we have so we can advise our community members accordingly.
I can confirm that we are in contact with the team, but also that the current implementation gives their application complete control over your Internet Identity, NNS account, and any other sites you have logged in with that II.
It shows the need for more granular and sensible integration authorizations in II and NNS, but while those are not built, this workflow is highly risky to users. A malicious actor could drain your ICP, take your NFT’s, merge your Neurons with ones you don’t control, or kick you out of your II
The ME team seems legit obviously, since they’re in contact with Dfinity. The ICnaming collab adds to that as well, so I have no worries about using my II with ME as a device. My biggest concern is that this workflow could be used by scammers in the future. “Add us as a device on your II” is just too simple and exploitable for the scammers and thieves to ignore.
While I believe that the AstroX ME team has the best intentions, I do want to be clear that I disagree with “The ME team seems legit obviously, since they’re in contact with Dfinity”. I think the main reason that there is contact is because DFINITY thinks that the approach they are taking is very dangerous. DFINITY is not vouching for AstroX ME or the security of their app (which is also difficult because it’s closed source).
Yeah I don’t think I want to add any device to my Identity that isn’t one that I am in control of. The flow is way too similar to giving a site simple access. There def needs to be more security around II.
From my understanding it is like linking another device to your identity except it is also in the control of app Y. I could be wrong. I really don’t know how any of this works in detail.
Thanks to @LightningLad91 for opening this discussion, @kpeacock and @Manu for sharing some facts and your insights!
I’m the cofounder of AstroX. Our 1st product aka ME application provides a new way to use Internet Identity and its authorized dApps. It provides a level of ease of use and better UX both on desktop and mobile. There are many users who love it. Since ME beta launched a month ago, the total ME accounts created has passed 7K as of today.
There are also some community members who have doubts and questions. We want to respond these questions.
First, most questions focus on the device syncing process to gain access control of II, and NNS, and its security implication. Some developers in the community really want to know how ME works and its technical details. We are writing a technical article explaining in details how we design and implement ME, our thinking of security and what needs to be done. This article will be posted on our Medium shortly. Hopefully it may address all major questions and confusion that caused.
Second, about open-sourcing ME. We as Web3 developers, live and breath this spirit. So here is our open-source roadmap:
We will work closely with II team and keep following II’s development roadmap, especially on security improvement upgrades. Meanwhile, we plan to upgrade ME’s security measures including 2FAs and access control of ME devices. We will also work with community on identity/wallet risk education to raise security awareness.
Until then, we will keep the code base private to prevent malicious ones from copying and harm users. If malicious actors could easily clone and launch a ME-like product, IC social media might soon be plagued with spammer/phishing links (just like in ETH world many bots trying to steal user’s MetaMask seed phrase).
We believe in conversation and transparency, what we are planning to do is to invite quality developers from the community and members from the DFNITY foundation to join our GitHub and review the code base, so more eyes on us from doing something stupid or even malicious.
ME application will follow its own roadmap to evolve. It is in Beta now, and in the final release, the use of II and security measures will be totally different. We will open source our final production design, including frontend and canisters. By then, we welcome everyone to contribute and discuss.
Let’s continue this thread and we shall update more information along the way. Team AstroX and I are always available for a conversation. I think it’s the only way we can make IC community stronger together , and build better products and solutions for our users.
