Verifying the code of the Internet Identity service (a walk-through)

You probably have used to log into various applications (the NNS UI, OpenChat etc.) before, and if you do that, you are trusting this service to take good care of your credentials. Furthermore, you might want to check that the Internet Identity is really not tracking you. So you want to know: Is this really running the code we claim it to run? Of course the following applies to other canisters as well, but I’ll stick to the Internet Identity in this case.

I’ll walk you through the steps of verifying that.

I wanted to post this here directly, but somehow the forum website didn’t like the post (maybe some XSS protection filter got triggered?), so I put it on my blog:

It has since also been published on the official DFINITY medium blog:


Hey, really helpfull feature. Is it on the roadmap to implement a history of all the hashes of all the wasm modules deployed to one canister (every update of the code). If this would be possible then one have guaranties that an malicious canister owner can’t update the canister with malicious code for some short time and then update again with good code.

Good question. The Internet Computer generally doesn’t store a lot of history, and that’s by design.

In most cases, you would look at who the controller is and whether you can trust them. For example, if it’s another canister that would keep such a history.

Eventually I could imagine the system keeping a module version counter. That way, new installations are noticable, and even an untrustworthy party could keep a trustworthy record of previously installed code versions.