Introducing IDgeek - Identity Anchor Marketplace

Hello everyone!

We have launched a new project called IDgeek.

IDgeek is a secure and automated marketplace for buying or selling Internet Identity (II) Anchors with their linked assets.

The concept of selling II Anchors (and their linked neurons) has been a topic of discussion in various forums and communities, with differing opinions on its advantages and disadvantages.

Our vision is to address the lack of security surrounding the transfer or sale of II Anchors by providing a solution through IDgeek.

How it works.

To sell your II Anchor, the first step is to transfer it to the IDgeek smart contract, which will take control of the Anchor and allow the owner to receive it back if needed. Once the Anchor is transferred, you can list it on the IDgeek Marketplace. Upon successful sale, the money will be transferred to your account.

Important to note that on the IC, there is a way to keep access to the NNS even without having access to the actual Anchor. This can be done by granting permissions for up to 30 days using custom NNS interface. It is impossible to see or remove granted permissions. Therefore when you transfer your Anchor to IDgeek, there is a 30-day protection period. During this time, if your Anchor is sold, the Anchor and the funds will be held in an escrow account until the protection period is over. This is done to protect the buyer from fraudulent activities. After 30 days, IDgeek’s smart contract will check if the state of the accounts and neurons has been changed. If everything is okay, the transaction will be completed as normal. But if the seller tries to cheat, the transaction will be cancelled, and the buyer will get their money back.

We would greatly appreciate your feedback! Please share your thoughts with us.


Dfinity has told us that neuron marketplaces are a threat to ICP’s security.

So it would be good to get a discussion going with the foundation. Many in the community are worried and so I think we should discuss considerations.


That said, it is nice to be able to buy cool anchors so well done on creating a great user experience.


I agree. I would like to hear from Dfinity on this marketplace, especially since it enables quick neuron transfer at discounted rates.

In my personal view, I don’t think this poses a big threat. This only allows sale of neurons tied to II in the NNS FE dapp, which I think is a tiny fraction of the voting power. Neurons created with dfx / quill / ledger nano cannot be transferred with this method.


Thank god you are here Manu <3

Is the code open source? Can the community check it?

What is the mechanism for the canister to hold the II? Does that mean that the canister is storing a secret?



How are you able to determine this fact? Is there a way to see a breakdown of neurons that are II-generated vs. dfx / quill / ledger generated?

Perhaps this is also a question for @Kyle_Langham

  • Just to confirm from the side of DFINITY: We still have concerns on neuron markets for security reasons. In particular, we believe that it should be difficult to transfer neurons in order to ensure that neurons have skin in the game and thus vote in the long-term interest of the IC.
  • As mentioned by Manu above, this particular project focusing on transferring Internet Identity anchors is currently not a major concern, because neurons with substantial voting power are typically managed by alternative measures (DFX, Hardware wallet, Quill).
  • The team is still exploring ideas on how to make it more difficult to transfer neurons (or provide additional incentives to neurons which are not transferable). This could also affect neurons controlled by Internet Identity.

Hi Bjoern!

I’m really struggling to see how this is a network security issue… in fact, if Dfinity is concerned about having ‘skin in the game’ I think we should remove all Named Neurons and require people to vote manually. Below are three scenarios:

  1. I buy 100 ICP off the market and stake and vote = 100 ICP skin in the game
  2. I buy a neuron with 100 ICP locked for 80 ICP and vote = 80 ICP skin in the game
  3. I create a named neuron with 1 ICP (or actually just share by neuron number) for people to follow and get 100 ICP worth of followers = 1 ICP skin in the game

All 3 scenarios give me the same Voting Power however only one scenario has a security risk because of no skin in the game. Selling neurons is not a security risk especially when compared to Named Neurons.


The problem is more that the closer you get to selling/buying neurons, the closer we are to flash-loans and all the related attack vectors. In other words, it’s the duration of skin in the game, not (only) the amount that is important


You’re missing the point about potentially following a Named Neuron with NO skin in the game! Duration is irrelevant.

Also, missing the fact that it would still be incredibly costly to buy enough ICP (which you will need to buy neurons) or neurons to make such an attack… and then what? You still have the financial risk.

Whereas a Named Neuron doesn’t have that financial risk and can still vote with all the followed VP.

Some quick math… I want 100m VP roughly 50m ICP… I want to buy existing neurons and let’s say I can get a 40% discount so that is 30m ICP I need or 180m USD (this example completely ignores that this purchase volume will make the price of ICP and neurons rocket)… then I pass a bad proposal and my 180m USD is worthless?!

Meanwhile I can collude with a few Named Neurons and get 100m VP for much cheaper and less risk.


I’d like to further add that flashloans are impossible on the IC, due to the lack of atomicity. The action of “acquiring VP → vote → sell VP” is neither risk-free nor zero-cost, thus the IC is very resistant to such attacks compared to other implementations on other chains.


We are planning to open source the whole project and blackhole the module which controls the Anchors. I cannot provide an exact ETA at this moment though.

To gain control over an Anchor, the canister first obtains the public key through the threshold ECDSA protocol. Then, the process of adding this key to the list of devices for the transferred Anchor takes place. Once the public key from the canister is added, the canister removes all other devices associated with the Anchor, thereby gaining exclusive control over it in the InternetIdentity app.
It is important to note that after taking control, there is a maximum period of 30 days during which previously issued delegates for accessing various applications (excluding InternetIdentity) can still exist for the Anchor. Until these delegates expire, the owner has the ability to perform operations on the respective applications. This is why we impose a 30-day protection period for selling. No secret keys are stored, and threshold ECDSA protocol is used for signatures.
The owner who initiated this process is associated with the Anchor. The owner can make sale offers, and in the event of a purchase, ownership is transferred to the buyer. Additionally, the owner can initiate the return of the Anchor’s control to their own device. During the return process, the canister registers the user’s device, and after access confirmation, removes its public key from the list of devices.


I think the following summarizes my thoughts on this subject. And I’ll note that I don’t want this to take away from the very cool technical accomplishment of IDGeek. This tech(and tecdsa and/or subnet signed based neurons coming soon) was inevitable and these conversations are just part of the healthy evolution of the IC. Also, there are very likely ways to sell IIs that keeps the neurons from being part of that equation.

Copied from my tweet here:

I had to sleep on this to come up with a better example. I think there are a couple that I’ll try to lay out now.

In the US, you have the right to be presumed innocent until proven guilty and the right to a trial by jury. This creates an imbalance where, generally, you can’t keep someone in jail while the state builds its case.

The system in place to deal with this is the “bail bond” system, which aims to ensure that citizens maintain their rights while the state upholds the rule of law.

This bail bond is a “demand contract.” It requires that a specific person appear on a designated date to stand trial if they want their cash back. When SBF posts a $250,000,000 bond to guarantee his court appearance, the state holds those funds in escrow. If Gary Gensler shows up on the trial date and says “sorry, I paid my buddy SBF $125M, and I’m here to stand in his place, please return his bond to me,” the state will refuse, explaining that he fundamentally misunderstands the justice system and then confiscate the $250M bond. Allowing someone else to face judgment breaks the system of rule of law and promotes lawlessness, resulting in a worse society than would exist if justice were upheld. Laws aren’t a sufficient deterrent to lawlessness if you can pay someone to take the heat for you.

Furthermore, this bail money isn’t meant to compensate for the lack of justice if SBF doesn’t show up. Although it may help mitigate the consequences, it’s ultimately a different currency, and the result is a less just system than if the offender were held accountable or exonerated. This situation creates a tragedy of the commons, and the proverbial cup is not as full as it could have been. There is less justice because the subject has bypassed the system.

A NNS neuron is a form of demand contract, similar to a bail bond. The difference is that your actions (or hopefully productive governance) won’t be judged until the end of your staking contract. The contract exists to provide security to those using, investing in, and building on the platform. You indebt yourself to the platform, and it agrees to pay you maturity for your votes as long as you stand trial at the end and face the consequences of your performance. The market conducts this trial, rewarding you if the value of your bond increased and punishing you if it decreased.

If someone else appears for the trial, it breaks the social contract in place. Specifically, the NNS is willing to pay you for coordinating with the network under the assumption of the bond contract.

This security is a commons owned by the network as a public good. An individual trying to privatize personal gain from the commons at the expense of the commons is generally considered to be committing a crime.

You can’t dump toxic waste in the sewer, claim personal sovereignty, profit, and expect a functioning ecosystem in the future.

If you believe it’s acceptable for Alice to pay Bob to dump her toxic waste in the sewer and that it’s just “two individuals trading toxic waste,” then we have fundamentally different philosophical viewpoints on the commons and public goods. A few people doing this can disrupt the entire ecosystem…they don’t have to singlehandedly have the ability to induce a terminal velocity toward complete environmental destruction for it to be bad for everyone.

On the Internet Computer, the NNS has been granted a monopoly on computational and financial authority over the platform participants. This arrangement has its drawbacks, especially as Andrea points out, the distribution of voting power isn’t exactly egalitarian at this point. Additionally, we don’t have a judicial system in place to protect a set of “rights” against potential mob overreach. It’s evident that we have a long way to go in terms of governance mechanisms. While these are separate debates, they are worth having (or revisiting) at some point. However, the lack of a comprehensive system shouldn’t cause us to compromise on network security or stand by while individuals try to privatize the very thing that makes the whole system work for personal gain. This approach is a recipe for a toxic ecosystem.

Possible solutions (the right solution may exist at some intersection of these, but they are gradients, not absolutes) include:

  1. Use proof of personhood to constantly sign the bond and/or quarantine voting power if the person doesn’t provide zero-knowledge proof that they are the original staker upon each vote or follower designation.

  2. Force everyone to auto-stake maturity so that they can’t benefit financially until the trial date (a non-starter if we want to attract stakers until the system has enough utility for governance to have its own intrinsic value).

  3. Attempt to track and quarantine neurons (the worst solution, as Andrea has pointed out, this unfairly benefits elites who can hide their activity).

  4. Voluntary quarantine for an agreed-upon period and then allow a sale (suggested by coolpineapple).

  5. Explore other potential solutions collaboratively.

I’m not looking for anyone to provide a cure-all today…as @accumulatingicp has mentioned, we have “some” time before we might be in a place where brutal damage could be inflicted from this. But I do think we should get to a place where we can agree that there are dangers here, including death by 1000 cuts, that we should be proactive about discussing and planning for.


I find it hilarious and to be honest completely hypocritical to refer to staking as a contract with the NNS…considering that you led the charge to change the terms of that “contract” (ie staking/governance rewards) several times!


Those days were whack

1 Like

Super cool app and interesting thread of discussion!

One observation is that buying neurons is different than buying voting power. If the concern is the latter, I would argue that purchasing VP can already be done easily, and even manually! As long as it is possible to verify if a neuron has voted on a given topic, VP can be purchased. Worrying that an II market would lead to purchase of VP is perhaps absurd.

The full impact of liquid neurons is yet to be understood. For example, should an 8-year locked neuron of 1 ICP sell for greater than 1 ICP, or less? It seems arguments can be swayed both ways. Can’t wait to see more development of this market! Good job guys! I think it is a great experiment, will be rooting for you!


The NNS provides mutability for the protocol. Only self restraint and social norms can keep abuse from being a reality.

IF the NNS chose to make some change(which I think is essential for the n long term health of the protocol) here it is probably very wise to grandfather in existing neurons under current rules.

Also, dude


You lobbied excessively to change the replica to get a taggr’s canister back.

Your sanctimonious stance on immutability has 0 weight anymore. You sold your soul to devil. (Turns out the mutable canister devil is actually a really cool dude tho…helpful to have around in a pinch).


The consistency of your arguments are completely hilarious!

YOU are the one arguing about the immutability of neuron ownership!

I’m the one saying it should be mutable like everything else on this chain.

Please try to keep up!

1 Like

Let me be more clear then. We should judiciously Shepard the platform to maximize the value of the network in the long term.

This may include mechanisms that create incentivizes, punishments, and structures that do this. We should prioritize incentives over punishments, but punishments may be necessary for the health of the network.

Immutability isn’t a cure all for everything all the time. In this instance, finding a mechanism that secures the “skin in the game” mechanism is maximal for the network. Canister architecture is a different issue. As is governance. As is rewards. As is x.

Maximize the long term value of the network. Period.

Does tradable neurons do that? No. It subverts the fundamental skin in the game mechanism and offers no mitigating for the loss of security in that mechanism.