In a way, we have too many options to choose from on the IC, unlike Ethereum where there are few options - all convenient but none of them decentralized. Wallet on the AWS or a wallet in a Google-governed extension.
The wallet dapp can be DAO-governed.
The wallet dapp can be user-governed (Neutron-like - still users need to somehow find out if an upgrade is secure or not - probably using social networks)
The wallet can be a browser extension.
The wallet can be part of the dapp (II) where dapp devs don’t share keys with other parties.
The wallet can be an iframe to another dapp that’s DAO-governed.
The wallet can be inside browser memory or stored in passwords.
The wallet can require two-factor authentication.
Multiply that by the identity options. The identity can come from the wallet or somewhere else. When it’s not the same identity that’s used for tokens, the dapp can have fast calls without signing every transaction - something devs may need for games, social networks, and personal dapps.
In a way, it’s good that there isn’t one wallet/identity provider that has taken hold of all users, leaving room for exploring different options and finding the best one. IC’s identity and wallets are superbly decentralized now. Users are paying the price however for the inconvenience and complication.
Yes, universal extension for edge cases or a script for all dapps. I can’t find the script, but I’ve seen it in the forum.
Never happened to me using II. The principal you get from II is connected to the domain name and nothing else. Maybe you used app_something_com instead of something_com and they weren’t linked. Or used the old ICDex address that didn’t use custom domains. That’s still caused by dapp devs.
It’s true you need to put more effort into maintaining more accounts across different apps, even if all you need to remember are their domain names while using one Internet Identity. But it also has benefits, none of the dapps can steal all your tokens or block your access in a way one wallet/identity used everywhere can. There are some privacy benefits too.
It’s always a trade-off between decentralization and convenience. Eventually, the convenient parts will become decentralized, and the decentralized parts will become more convenient.
If you don’t trust a dapp and its contracts but want to desperately use it. There are other options - haven’t been developed yet tho. They are possible in the case where you want to exchange A for B, but you don’t know if the dapp will deliver. There can be another protocol - a blackholed canister that makes sure the exchange happens atomically and you won’t release tokens unless you get the other token. That protocol combined with ICRC-25 will give you slower, but more secure swaps in untrusted environments.
Haven’t seen them implemented yet. I would like to see these in action too.