Sorry to have missed this Identity Group discussion today. The following topics would have been brought up by AstroX. I’ll just leave them here for further discussion:
1. Mobile App Integration
Problem: Mobile apps, for example Distrikt, are hard to integrate with II, because II only accepts and responds to a browser window. The integration flow becomes the following:
- Mobile app needs to load up a browser window page to redirect the authentication payload.
- The middle page should be the same URL as the web version login page of the DApp to make sure the principal ID is the same on both ends.
- The payload is the session public key, “frontend url” and anchor number.
- After II responds with a delegation message, this middle page will have to rebuild the delegation chain and get it back to the mobile native side to recover the correct delegation identity.
This flow is not very good for mobile DApps, and we need to find a way to remove the middle page and call II’s canister function directly, or allow II’s frontend to receive payloads from other client software besides the browser.
2. Global delegation Identity and cross-device authentication
These two problems are related.
First, global delegation identity is more important than we think for users. Delegation identities provided by II were initially designed as a secure way to access domain-tied canisters, to prevent delegation leaks and protect users’ privacy. However, users today are too familiar with global IDs, for example Ethereum wallets; they find them very easy to use to log in to many integrated websites. These IDs are portable, easier to understand since every DApp seems to display the same thing, and more importantly, users can use them to receive and send assets (coins/NFTs) across DApps. On IC, users find it difficult to understand and get confused when they mint an NFT from DApp A and have to manually input the principal/accountId of DApp B (a marketplace, maybe) to be able to list it on the market.
We have been told that the II team is working hard to find a solution with a “permission/capabilities” model of delegation, which is great. However, we still need to find a way to generate such a global ID for users to understand and use.
Secondly, AstroX is experimenting with such global delegation. We need to be careful that the delegation targets (canister IDs) are passed into the canister signature. And every time a new actor with new targets is used by the frontend, these targets also need to be added to the signature. If not, the global delegation can access all the DApps, putting users in a dangerous situation. We have seen that Plug wallet uses the same mechanism to prevent this situation, since they are also another solution for global IDs. Although we can keep this secure by signing every targeted canister, it will also increase the interaction cost for users. For example, Entrepot has over 190 NFTs listed right now, and more will be added to the market; users need to sign all of them. Now think of oc.app integrating with such a global ID some day: since every user controls his/her own canister, if you invite a friend to your chat channel, another canister needs to be signed. This will make such delegation not applicable to IC DApps.
For us, the problem is that we cannot use cross-device login. For example, Alice has a mobile app holding her identity; meanwhile she wants to log in on a computer in a public cafe. Now she won’t have to add the computer as a device to her II, but controls a temporary session identity using her mobile app, just like scanning a QR code. Now, only when the delegation is global is the signing process needed when new target canisters are added, which will cause so much trouble in this device-to-device situation. We really do want to support this scenario, but to overcome this problem, we need an advanced solution for global delegation capabilities, or we just have to use another protocol like WebSocket or other methods.
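
The target-scoping trade-off raised in point 2, as an added example that is not part of the original post and is not II, Plug or AstroX code. It models only the scoping decision (signature verification is omitted); the canister names, expiry values and function names are constructed for illustration, and the chain-length limit and intersection rule are assumed from the IC interface specification.

```javascript
// Added example: a model of delegation target scoping (no signature checks).
// Canister IDs and timestamps below are constructed placeholders.

const MAX_CHAIN_LENGTH = 20; // assumed limit, per the IC interface specification

// Effective scope of a chain: null means "any canister" (a global delegation
// signed without targets); otherwise the intersection of every targets list.
function effectiveTargets(chain) {
  let scope = null;
  for (const d of chain) {
    if (d.targets === undefined) continue; // this link adds no restriction
    const t = new Set(d.targets);
    scope = scope === null ? t : new Set([...scope].filter((id) => t.has(id)));
  }
  return scope;
}

// Decide whether a request to canisterId may be sent under this chain.
function authorize(chain, canisterId, nowNs) {
  if (chain.length === 0 || chain.length > MAX_CHAIN_LENGTH) {
    return { ok: false, reason: "bad chain length" };
  }
  if (chain.some((d) => d.expiration < nowNs)) {
    return { ok: false, reason: "expired" };
  }
  const scope = effectiveTargets(chain);
  if (scope !== null && !scope.has(canisterId)) {
    // A newly added canister is refused until a new delegation is signed.
    return { ok: false, reason: "canister not in targets" };
  }
  return { ok: true, reason: scope === null ? "unscoped" : "in targets" };
}

const now = 1_000n; // nanoseconds, constructed
const scoped = [{ expiration: 2_000n, targets: ["market-canister", "nft-canister"] }];
const unscoped = [{ expiration: 2_000n }]; // global delegation with no targets
const narrowed = [...scoped, { expiration: 1_500n, targets: ["nft-canister"] }];

console.log(authorize(scoped, "nft-canister", now));      // allowed
console.log(authorize(scoped, "chat-canister", now));     // refused: needs re-signing
console.log(authorize(unscoped, "chat-canister", now));   // allowed everywhere
console.log(authorize(narrowed, "market-canister", now)); // refused: scope narrowed
```

The second and third calls show both sides of the trade-off in the post: the scoped chain refuses a canister that was not signed for, while the unscoped chain is accepted by any canister.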