Proposal 138130 to upgrade II (2025-08-22)

Governance NNS proposal discussions
, ,
1

This 138130 proposal is Internet Identity release release-2025-08-22 for commit 21d4aa051b10586700785d4728caabb1a77db0cf.

We’re working on changes to the OpenID implementation starting in this release with faster re-authentication, users will no longer need to pick their google account when they’ve authenticated before.

Besides this change there other changes related to OpenID that aren’t visible yet, small improvements, A/B tests, various fixes and lastly this release will enable the feature_flag_continue_from_another_device flag that will automatically sign a user in after the “Continue from another device” flow.

What’s Changed

Full Changelog: Comparing release-2025-08-19...release-2025-08-22 · dfinity/internet-identity · GitHub

Build flavors

For more information please see the Build flavors section of the README.

Filename sha256 (links to CI Run)
internet_identity_production.wasm.gz f9b8a9f2123bf76b2c9ee571cb5bb10f7c6f2f836c1513a2d6ec8cb7b09802e8
internet_identity_dev.wasm.gz e43612c989c35899308361d366d933c3b3af9669c9145ce6020d37fa36cc404f
internet_identity_test.wasm.gz 9c82544b14305b001a1da31ce664f962f4725ccfc9a5c8b741cf848947ec5e68
archive.wasm.gz 4e8431f2c01c32aced21439e8a97ea0abe224af8188958a477eadfad46e690fb
vc_demo_issuer.wasm.gz 58e4ab2b2e885959248370c318e4ae7a9398c47e35c14e36ee1e056043b0889b

Wasm Verification

To build the wasm modules yourself and verify their hashes, run the following commands from the root of the Internet Identity repository:

git pull # to ensure you have the latest changes.
git checkout 21d4aa051b10586700785d4728caabb1a77db0cf
./scripts/verify-hash --ii-hash f9b8a9f2123bf76b2c9ee571cb5bb10f7c6f2f836c1513a2d6ec8cb7b09802e8 --archive-hash 4e8431f2c01c32aced21439e8a97ea0abe224af8188958a477eadfad46e690fb

Make sure to compare the hashes also with the proposal payload when verifying canister upgrade proposals.

Argument Verification

Run the following command to verify the upgrade argument hash:

didc encode '(
  opt record {
    fetch_root_key = null;
    openid_google = null;
    is_production = null;
    enable_dapps_explorer = null;
    assigned_user_number_range = null;
    new_flow_origins = null;
    archive_config = opt record {
      polling_interval_ns = 15_000_000_000 : nat64;
      entries_buffer_limit = 10_000 : nat64;
      module_hash = blob "\4e\84\31\f2\c0\1c\32\ac\ed\21\43\9e\8a\97\ea\0a\be\22\4a\f8\18\89\58\a4\77\ea\df\ad\46\e6\90\fb";
      entries_fetch_limit = 1_000 : nat16;
    };
    canister_creation_cycles_cost = null;
    analytics_config = null;
    feature_flag_enable_generic_open_id_fe = null;
    related_origins = null;
    feature_flag_continue_from_another_device = opt true;
    openid_configs = null;
    captcha_config = null;
    dummy_auth = null;
    register_rate_limit = null;
  },
)' | xxd -r -p | sha256sum

The output should match the argument hash.

2 Likes