Proposal 132528: Fixing a vulnerability in II

Hi Everyone

A new Internet Identity release was cut this morning and the corresponding upgrade was submitted to the NNS in proposal 132528. The foundation voted on this proposal faster than usual, skipping the consideration period.

The reason for the quick voting was that this upgrade fixes a (public) vulnerability in the verifiable credentials flow. The vulnerability is now fixed.

If you have any questions, I’m happy to answer them.

Frederik


Since you are here, could you tell me the difference between the normal login and the recovery login?

There is a device that I have as recovery. Why can't I log in directly with it and have to push recovery to do the exact same thing? Isn't that a second, useless, redundant and totally equivalent flow?

@Doudi: You are right, there is no real benefit to recovery devices (as opposed to just having multiple normal ones). We have it on our backlog to unify the flows, but have not gotten around to doing it unfortunately.

For now, I would recommend simply adding multiple normal passkeys.


I'll use this opportunity to ask Dfinity to reconsider including II proposals in the “Grants for voting neurons” in order to incentivize reviews. Many of us agree that II is a great and very important part of the IC.

I think this request would be best addressed by @lara. 🙂


Thanks for bringing this up @ZackDS and for forwarding @frederikrothenberger!
The voting neuron grants have now already been launched. The idea was to go with the 4-5 proposal topics that are most critical for the platform’s security - of course many others, like II upgrades, are also super relevant - but we had to start somewhere.
The current idea is that in the future additional incentives for neurons to verify proposals would be built into the platform rather than provided as grants.
