It's Your Internet Identity, But Not Your Money

Internet Identity Login for DeFi is a Disaster: Asset Control is Not Truly in the Hands of Identity Holders.

  1. Transferring Any Asset to a DApp: If the DApp itself does not support this type of asset, the user’s assets will be lost (at least, I don’t know how to regain control of these assets, is there any method?).

  2. DApp Developers’ Control: DApp developers can make the same Internet Identity (II) login result in different principals for the same DApp, leading to the loss of all assets associated with the original principal. For example, new and old versions of ICL might generate different principals. This has made me distrustful of Internet Identity. Projects not yet on SNS can easily do this, and if a DApp developer removes support for a certain token on the frontend, I am helpless.

As an active user in the IC ecosystem, it’s inevitable to transfer tokens to unsupported DApps. People usually tell me to be more careful and attentive. But those are my assets, my Internet Identity, my principal; why should they be lost because a DApp doesn’t support them? If this is the case, does the design philosophy of Internet Identity have a fundamental flaw?

Review of Connect Wallets:

Looking back at Connect Wallet solutions, Stoic has not received support for a long time and can no longer be used normally. Plug Wallet has too many bugs, making it hard to say it can be used normally. Why doesn’t the IC ecosystem have a widely supported, safe, and efficient wallet?

7 Likes

After more than three years, it’s still the same.

3 Likes

What’s even more ridiculous is that of the two wallet developers, one disappeared after a scam but still manages ckBTC, while the other - the Fleek team - left the IC ecosystem. Currently, both wallets are still coasting on their past reputation.

2 Likes

Just as an fyi @ysyms and @hehe - standards have only recently been written that enable NFID Wallet to be used as a wallet. It’s currently going through an audit and will be the only open-source wallet on the network.

You can see a demo of NFID Wallet being used as a proper wallet at https://demo.identitykit.xyz

6 Likes

Plug isn’t open source?

1 Like

There is no such thing as a wallet in DeFi.

1 Like

Well, DEFI is built on a fragmented infrastructure

1 Like

If the user’s asset sovereignty is not guaranteed, then everything about Internet identity is built on fantasy.

3 Likes

Why do we need a wallet that is not entirely ours? Can DFINITY respond to this? Is there any way we can get back what is rightfully ours? Can it be improved? Or… does DFINITY believe that the control of web3 users over their assets is up to the developers of each DAPP? @dominicwilliams

1 Like

I personally think it’s the best thing since ice cream. Ofc everyone is entitled to an opinion.

They won’t be lost. You can inject scripts inside your browser and move these assets. Someone can create an extension that injects these scripts and if you trust it, gain access to all tokens connected to that identity. (Someone was linking to a script in this forum you can inject through your console) Even if the custom domain gets deleted. You could point that domain on your PC to another host that gives you access to the identity and the tokens.

May happen with fringe tokens like $Tendy. NNS dapp just added a feature to support external ledgers.

In a way, it’s like sending ERC-20 tokens to an address in a blockchain that doesn’t support them.

Your wallet is always governed by the developers who made it. Even with hardware Ledger. How many users will be able to review the upgrades? Near zero. When the wallet is an extension - developers can just upgrade it without even asking you if you want an upgrade. And Google can shut them down without even asking them. Actually, a random person can make Google shut an app or extension down by filing enough reports that would make the support staff ban it. Then wallet/identity devs would be filing tickets and possibly waiting for months.

Internet Identity has a special power - You don’t need the dapp developers to trust additional parties when it comes to identities and tokens except for the NNS Dao - and it’s pretty secure and reliable.

Additionally, the asynchronicity plays a role here. If you want to put something like an order inside a DEX, you will need to lock the tokens in a contract, they can’t stay inside your remote wallet. Apps can also work 2-3 times faster if their canisters hold the tokens, hence you get the most out of Sonic and ICPSwap if you deposit funds in pools - which are like wallets.

Internet Identity is optional. Devs don’t need to use it at all. It’s up to them. What could Dfinity do? Delete Internet Identity and force developers to use other identities?

Nobody stops a dapp from using a hardware wallet and requiring transaction signing on everything token-related and, after doing that, allowing you to have one wallet across all dapps.

5 Likes

There is also the ICRC-25 (draft) which will allow (as far as I understand it) the NNS Dapp, Oisy, and alike to work like extension wallets with one account across multiple apps. The DeFi dapp will open a window to the wallet dapp, which will prompt the user to sign a transaction.
[ICRC/ICRCs/ICRC-25 at main · dfinity/ICRC · GitHub]

This will eliminate the need to copy/paste accounts and go around dapps sending funds. You can have a "deposit from NNS dapp, Oisy, etc." and the UI shouldn’t allow you to fetch tokens it doesn’t support.

5 Likes

sounds good. Hope it can be popularized

I can’t do this. Will there be a universal script? Or do different DAPPs need to implement it separately? And I have encountered the situation where I log in to the same URL and get different principals. But I seem to understand the root cause. Each DAPP needs to maintain a separate wallet and is not portable. But before they did SNS, it was just an APP instead of a DAPP, which requires additional trust. Well… I hope ICRC-25 can be launched soon, the current situation is too chaotic.

1 Like

Therefore, this requires too much work, which makes each dapp adapt to different assets.

Just needs some improvements. Make ICRC-25 as ubiquitous as Internet Identity.

But has ICRC25/ICRC35 been shelved or implemented? I don’t see anything similar used in NNS.

In a way, we have too many options to choose from on the IC, unlike Ethereum where there are few options - all convenient but none of them decentralized. Wallet on the AWS or a wallet in a Google-governed extension.

The wallet dapp can be DAO-governed.
The wallet dapp can be user-governed (Neutron-like - still users need to somehow find out if an upgrade is secure or not - probably using social networks)
The wallet can be a browser extension.
The wallet can be part of the dapp (II) where dapp devs don’t share keys with other parties.
The wallet can be an iframe to another dapp that’s DAO-governed.
The wallet can be inside browser memory or stored in passwords.
The wallet can require two-factor authentication.

Multiply that by the identity options. The identity can come from the wallet or somewhere else. When it’s not the same identity that’s used for tokens, the dapp can have fast calls without signing every transaction - something devs may need for games, social networks, and personal dapps.

In a way, it’s good that there isn’t one wallet/identity provider that has taken hold of all users, leaving room for exploring different options and finding the best one. IC’s identity and wallets are superbly decentralized now. Users are paying the price however for the inconvenience and complication.

Yes, universal extension for edge cases or a script for all dapps. I can’t find the script, but I’ve seen it in the forum.

Never happened to me using II. The principal you get from II is connected to the domain name and nothing else. Maybe you used app_something_com instead of something_com and they weren’t linked. Or used the old ICDex address that didn’t use custom domains. That’s still caused by dapp devs.

It’s true you need to put more effort into maintaining more accounts across different apps, even if all you need to remember are their domain names while using one Internet Identity. But it also has benefits, none of the dapps can steal all your tokens or block your access in a way one wallet/identity used everywhere can. There are some privacy benefits too.

It’s always a trade-off between decentralization and convenience. Eventually, the convenient parts will become decentralized, and the decentralized parts will become more convenient.

If you don’t trust a dapp and its contracts but desperately want to use it, there are other options - they haven’t been developed yet tho. They are possible in the case where you want to exchange A for B, but you don’t know if the dapp will deliver. There can be another protocol - a blackholed canister that makes sure the exchange happens atomically and you won’t release tokens unless you get the other token. That protocol combined with ICRC-25 will give you slower, but more secure swaps in untrusted environments.

Haven’t seen them implemented yet. I would like to see these in action too.

3 Likes
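An added illustration, not code from this thread or from Internet Identity: a simplified model of the point above that the principal depends on the domain, so the same anchor gets unrelated principals on two origins unless the dapp declares one derivation origin that lists the other. The salt, canister id bytes, anchor number, example domains and the exact byte layout are assumptions made for the sketch.

```python
import hashlib

# Constructed stand-ins: the real salt is secret and held by the II canister.
SALT = bytes(32)
II_CANISTER_ID = bytes(10)  # placeholder id bytes, not the real canister id


def seed(anchor: int, origin: str) -> bytes:
    """Hash of length-prefixed salt, anchor number and frontend origin."""
    blob = b""
    for part in (SALT, str(anchor).encode(), origin.encode()):
        blob += bytes([len(part)]) + part
    return hashlib.sha256(blob).digest()


def principal(anchor: int, origin: str) -> str:
    """Simplified self-authenticating id: SHA-224 of the key material + 0x02.
    (Assumption: the real key is DER-encoded before hashing.)"""
    key = bytes([len(II_CANISTER_ID)]) + II_CANISTER_ID + seed(anchor, origin)
    return (hashlib.sha224(key).digest() + b"\x02").hex()


def effective_origin(request_origin, derivation_origin=None, alternative_origins=()):
    """Origin that feeds the derivation. Another origin is honoured only when
    that origin's published alternative-origins list names the requester."""
    if derivation_origin in (None, request_origin):
        return request_origin
    if request_origin not in alternative_origins:
        raise PermissionError(f"{request_origin} not listed by {derivation_origin}")
    return derivation_origin


def demo():
    anchor = 10000                              # constructed anchor number
    old = "https://something.example"           # constructed origins
    new = "https://app.something.example"
    unlinked = principal(anchor, effective_origin(new))
    linked = principal(anchor, effective_origin(new, old, alternative_origins=[new]))
    return principal(anchor, old), unlinked, linked


if __name__ == "__main__":
    for label, p in zip(("old origin", "new origin", "new, linked"), demo()):
        print(f"{label:12} {p}")
```

Assets held under the old origin's principal are reachable from the new frontend only in the linked case; a frontend that moves domains without declaring the old one as its derivation origin presents the user with an empty account.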

yes it is possible, seed rounders have wallets on the CLI that can also be controlled via nns ui

Make an NNS proposal for this. The NNS should be modified so that anyone who can prove ownership of a principal in any container should be able to extract out assets.

@ysyms @infu We spent a LOT of time writing these standards and wrapping them into IdentityKit. NNS could be used in another dapp through IdentityKit if it supports these standards (specifically ICRC27 for accounts or ICRC28 for delegations).

4 Likes