Hi @jennifertran,
Great question!
MSQ’s scoped-identities work very similar to how it is done in the Internet Identity, so they provide similar security features.
Imagine you’re using ExampleSwap DEX on daily basis. One day you’re browsing Reddit and see a post like this Only today! ExampleSwap's final airdrop! Perform a single swap and become eligible for it! https://app.exampieswap.com.
You follow the link, and find yourself on ExampleSwap. Everything looks and works the same. You see the same pools, same exchange rates, usual UIs and data everywhere. The only thing that is different is that you’re not authorized for some reason. But the website, once you enter, shows you a pop-up like Your authorization session has expired to keep you safe. Please re-connect your wallet. You think “yeah, that’s how dApps on the IC usually work - they deauthorize you from time to time, so I guess it is fine”. Now let’s consider two scenarios.
1 You use some global-identity wallet (no names to not offend anyone)
You re-connect your wallet, it says something like This website wants to be able to call these 45 canisters, do you allow it?. Obviously, you don’t check every canister ID manually, you just check a couple of them, see that they are the same as the last time you authorized, and press “Allow”. Now you think “Okay, looks like it is time to swap ang get the airdrop!”. You choose the ICP/EXE pair, select amounts and press the Swap button. Your wallet says This website wants to perform a batch of transactions on your behalf: Approve ICP, Transfer ICP - do you agree?. Everything seems normal, so you agree. Everything happens as usual, you see the swap is performed. Let’s imagine that the exchange rate is 1:1, so when you check your wallet you see that exaclty N ICP was deducted from it and exactly N EXE was added to it. Everything is great. The website even shows you a message like You're now eligible for the airdrop, which will be distributed today at 23:59 EST. Thank you and have a great day!
You turn off your computer and go for a walk with your friends. The next day you check you balance again to find out that you no longer own any ICP - they are all gone.
Turns out this was a phishing website. It was a perfect copy of ExampleSwap that was connected directly to ExampleSwap’s canisters. But instead of performing your swaps directly via liquidity pool canisters, it performed them though a proxy canister. When you approved ICP, you actually approved it to that proxy canister, which instead of asking for N ICP allowance, asked for 1.000.000 ICP allowance. Then it performed the swap for you and transferred you the EXEs. It did everything as you would expect to not raise any alarms early and be able to trick more people like you the same way. Then, after several hours it just transferred all the ICP’s from your wallet, since you allowed it to do so via the ICRC2 approve call.
You could save yourself from this attack, but this would require you to manually check all the consent messages and payloads that the wallet is trying to sign. For example, you could notice a new canister (proxy canister) among 44 old ones during the wallet connection phase. But most probably you would just think that this is some new canister ExampleSwap has added to their list.
Or you could notice that a canister ID targeted for the approve ICP call is different from ExampleSwap’s ICP/EXE pool canister ID. But most probably you don’t remember ICP/EXE pool canister ID and you would be too lazy to check it through the dashboard.
You could also notice that the allowance amount is way higher than your swap amount, but many dApps do that - they ask you for a bigger allowance to not call this method multiple times and be able to just transfer from you without bothering you with another consent message.
And of course, you could notice that the domain name is different - it is exampieswap.com and not exampleswap.com - but this requires some focus. And most probably, once you click on that link and see that everything looks exactly the same, you won’t second guess yourself about checking the domain name. Especially if you’re in a rush to go get outside to see your friends.
So, in this scenario, the chances your signature for the ICRC2 approve method being stolen are pretty high, even if you are an experienced crypto user. For newbies this rate is almost 100%.
Why don’t we see these attacks happening yet? My personal understanding is that because IC’s DeFi space is tiny (in comparison with Ethereum). A real attack on some DEX like Sonic or ICPSwap like this would yield… $30k, $50k at best luck? Since creating a perfect website clone like this would already cost at least half of that amount, it is simply not worth it. But if nothing changes, and the space grows over time, we will definitely see cases like this - on Ethereum they happen very often.
2 You use some scoped-identity system, like MSQ or Internet Identity
You re-connect your wallet only to find out that for some reason it offers you a different set of identities for this website. They don’t match the old ones - you have a different principal now for some reason. Let’s assume you’re super-unfocused right now and don’t notice that.
You continue to the DEX. You navigate to the swaps tab and try to swap ICP for EXE. But for some reason you don’t own any ICP. You’re refreshing the page, thinking that this might be a connectivity problem, but nothing changes.
And that’s it. End of story. Even if you’re an absolute newbie, you will most probably try rebooting your pc and opening ExampleSwap again. If you open it via your bookmarks, you’ll figure out that there is no airdrop. And even if you don’t figure it out - making a swap via the legit website is absolutely safe. If you open it via the same phishing link again, you’ll see that nothing has changed and you’re going to ask questions.
There is no way to perform such an attack when your identity system uses website’s origin as a seed for keypair generation. Even if you figure out a way to use cyrillic letters instead of latin in your phishing domain name (“eхampleswap.com” - “х” is cyrillic vs “exampleswap.com” - all latin) - you can’t fool the hashing algorithm, because these letters have different byte content anyway.
Conclusion
Scoped-identity auth systems (as MSQ) are just superior in terms of protecting users against nasty stuff online. Yes, there are problems with interoperability such systems introduce. But it will all be figured out in a couple of years. The most important thing is to guarantee safety.