Social recovery for Internet Identity

Copied from Megathread: Community Submissions for DFINITY Foundation’s Roadmap - #15 by lastmjs

Consider adding social recovery to the Internet Identity. It would be excellent for users to create their own personal trust networks, allowing other IIs to have the power to regenerate lost IIs or have other powers, controlled by the creator of the II.

The fact that II cryptographic information is only stored on locally-owned devices is quite scary…one natural disaster, one bad encounter on the street, etc could result in a lost II. It needs to be decentralized.


This is a big concern. I’d love to see a social recovery. It is also a fun way to introduce friends to the system and show them how it works.


I am facing that right now.

I’m currently running a disaster test, assuming I lose my device will I be able to login to my account using another device without having to worry about security key stored in some kind of local device?

Guess what, I couldn’t. I can’t generate a security phrase except I have a security key store in an external device (like Yubikey or something like that).

This is something we need to look into.

For those using Mobile device, if you lose your phone your accounts are gone and if you have funds in it that becomes worst.

We need to have a decentralised recovery mechanism so that you can login with any device anywhere provided it’s your fingerprint or login with your phrase key you have written somewhere not on security device.

When you login with a new device the server will sense your fingerprint and request for a seed Phrase for confirmation.

You should be able to do this with the recovery phrase

It’s requesting for an external device to be able to generate it.

The Internet Identity allows you to add arbitrary cryptographic keys to your account, and it’s API is open. So I think this could be done as a community-created add-on. For example, it could be a a static webpage that, fully on your computer:

  • Creates a threshold ECDSA key with your desired n-out-of-m property.
  • Shows you the m secret key shares to distribute among your friends.
  • Gives you the link (clickable or as QR code) that would add the public key as a new “device” to the Internet computer.

If you need to recover, with your new device;

  • You go to the Internet Identity page, and go through the add-device flow.
  • You take the generated add-device-link and paste it in the recovery page.
  • You also paste enough of the secret key shares.
  • The recovery page adds your new device to II and you are back in action.

(I hope I am not missing something, but this might work very well).

So all it takes is a bit of crypto programming in JavaScript and a single static page that you can host on the Internet Compute or elsewhere (no backend needed). At least a working prototype should not be too hard.

Of course, there is a question of whether this should be offered natively by the Internet Identity. But one doesn’t have to wait for it, and one does not have to work for DFINITY to build it.


This could be an amazing MVP, thanks for the explanation.


Also, the Internet Identity repository is open source right?


Yes, but you don’t actually need the code for that; it’d be a service that integrates with the existing live Internet Identity, not a fork of it.


Yes, for an MVP a separate service might be fine, but I’m wondering if this shouldn’t just be integrated into the II directly. Since the code is all open (I believe the canisters as well, if that’s needed), technically someone in the community could actually work on adding this to the II system directly.

The barriers to creating this functionality outside of DFINITY seem relatively low (when compared with something like extending chain key with ECDSA for example).