Make canister calls with delegations

Having the possibility to make canister calls with delegations would make it possible to use any identity in DFX indirectly including Internet Identity.

This also seems like a safer approach than exporting an identity from a wallet as PEM file. Currently I’m working on a wallet that has a non exportable identity but I would still like to enable developers to use this identity from DFX.

I’m currently thinking of a “Create delegation JSON file” screen in the wallet where the user specifies an expiration which is by default a value on the safe side like 10min.

This file could then be used e.g. like this:

dfx canister call your_canister_principal your_canister_method --delegation "./delegation.json"

I was wondering if anyone else had a better/alternative idea and/or suggestions.

GitHub discussion can be found at: Make canister calls with delegations · dfinity/sdk · Discussion #3182 · GitHub

1 Like

We had the same idea a while ago, especially login with Internet Identity, but it got pushed back on our backlog. If you would like us to prioritise this, please upvote this feature request on our feedback board

Considering work has already been done on this in rs-agent, would completing this implementation be a solution?

DFX could then implement two parts on top of this:

  • Set delegation method to point to a json file
  • Internet Identity login that creates a new identity, downloads the json and sets the delegation for this identity

I wouldn’t mind implementing the above based on the same implementation the web client has. The internet identity login would probably happen on a localhost site, there’s already the dashboard running with DFX too.

Sound fine to me. If you’re interested in doing it I’m happy to get you into one of our team meetings so we can get everyone on the same page before anyone puts in a bunch of work

I would be interested in doing it, feel free to invite me into any meetings regarding it.

1 Like