Regarding the issue of whitelisted addresses

Recently there is a restriction between ICP and Canister, only if we have the whitelist address as the transferation objective.
May I ask Dfinity when the restriction can be solved? or can we add the whitelist by ourselves to solve the problem?
This is a very critical issue. Directly affect our development plan. We are all eagerly looking forward to the official reply as soon as possible, thank you.

The unofficial reply is to create a regular principle using crypto libraries. The down side is that the key will be vulnerable to node operators.

Thank you for your answer. Well I still have some questions.
May I ask what is the regular principle, do you have any example?
Also who are the node operators?
What’s the reason for the key will be attacted by the node operators? could you explain it detaily.

Thank you very much in advance.

I don’t have an example handy, but I seem to remember running across one at one point.

You just need to create a private key on you canister using the random beacon and then derive your ledger address from that key. Once you’ve managed to send ICP there you can interact with the ledger canister from your code using the private key. I’m actually not sure if you can even do that from motoko because they don’t have a raw call that will let you sign with a different address.

The node operators are independent data centers around the world. In theory they have more to gain in rewards than from stealing your key up until the point that you hold enough ICP that it does become worth it to try to steal the key.


Thank you for your answer, one more question let’s put it simply, do you know how to transfer my canister to ICP address?

I also want to how to solve this problem.

I have a canister and I need transfer ICP to any Dfinity address.
But I don’t know how to do.Please tell me.Thank you.

Can I understand as this:

Ledger canister is the official authorization center in Dfinity network.
If A transfer ICP to my canister, I will note my canister with A’s address. At the same time I will tell ledger canister that A’s address is in our whitelist. From that on, I can transfer to A at anytime as I want.

Do you mean this way?

It seems that it takes time to wait for the official permission.

Currently, the only canisters on the whitelist are some of the canisters on the NNS (Governance, nns-dapp, Cycles minting canister)

Is there a plan for this or a timeline? I can see this is mostly in the backlog but it would be good to know if there’s at least a plan for this