The Identity system needs to add an option to choose whether to use the same ( unified ) address ( Principal ID ) or a different address ( Principal ID )

To ensure users’ identity security and privacy, the Identity system of DFINITY has an encryption and confusion mechanism, which will confuse some fields for each container. As a result, each DFINITY eco-project obtains different wallet addresses through the same Identity.
Is it right?

Many times, users want to use the same address ( Principal ID ) across different DFINITY eco-projects.
It’s also convenient for projects to interact with each other.
Could the user choose whether to use the same ( unified ) address ( Principal ID ) or a different address ( Principal ID ) when they use the Identity system to log in to different DFINITY eco-projects?

So I think the Identity system needs to add an option to choose whether to use the same ( unified ) address ( Principal ID ) or a different address ( Principal ID ).

4 Likes

It is very dangerous now. If principal is same, a fake team get the principal of user, then they can do anything include transfer user assets in other project without user second confirm.

So maybe need a function, principal is not same but principal ID is same.

The implication of using a unified Principal will require to have some sort of “Confirmation” mechanism within the Internet Identity window (something like MetaMask / sollet.io, where a window.postMessage is done)

2 Likes

Yes, user confirmation is required. I’m just saying, how can there be a way for different canisters to get unified account information, like addresses. But the assets are safe.

1 Like

You can use Plug; but it’d require you to confirm all update calls; (like Metamask)

There could be the same mechanism implemented on Internet Identity;

I really hope Internet Identity can solve this issue. II is such good UX generally, but this is a major flaw. Using a browser extension is very undesirable for UX.

2 Likes