Wallet Backups - How?

I tested the new wallet which is accessible from browser and mobile devices. However, several people have asked about a backup solution for if the device or devices are stolen.

What’s the current plan for this?

3 Likes

If you’re talking about the NNS app, then the “backup” would be to just sign in on another device or to use a security key (ex Yubikey, allows you to take your auth keys around with you securely). The NNS/Wallet app is based on DFINITY’s “Internet Identity” system, which in turn is based on webauthn. While being more convenient, without using a security key or keeping a session across devices, you have no “password” to later retrieve your account, which can be seen as a downfall of webauthn.

There is the option of self-custody with DFINITY’s keysmith tool, but I haven’t used that so I don’t know if there’s a(n easy) seed/backup solution there.

2 Likes

I have the same question: My devices including my Yubikey get lost. What do I do now? Normally I have a second Yubikey in a secure location but I see no option to save a second one??

1 Like

Try the “signing in from a new device?” option while using your second Yubikey on a different device, this will instruct you on how to link your NNS account access to that second key’s identity.

so I just need a second Mac from a friend? :upside_down_face:
Is it device-independent as long as the Yubikey is unique? So could I just use my Yubikey on another device to log in? I thought the device itself is also linked to the account.

I believe so. The device may temporarily store some credentials but everything should be derived directly from the key. It also doesn’t have to be a desktop, if your phone supports your key then you could also try that.

This should also mean that using my FaceID on the Phone should work on any phone which is linked to my iCloud?

The convenience is good but that’s a hell of a downfall. I know numerous people who lose phones or laptops. With passwords and pass phrases (crypto) they keep a record somewhere. Yubikeys are not common (yet) and are easily lost or stolen.

If e.g. an Apple device is used, will a new apple device be able to get access or is this completely tied to the specific hardware?

Perhaps a recovery system could be developed whereby 3rd parties can work together to give you access again? Then it’d be a natural service to offer.

2 Likes

@benbasic @sillytuna to my knowledge, no, iCloud/apple devices do not sync webauthn, and I don’t expect them to as that could be a potential security risk (the magic of webauthn lies in your keys being unique and verifiable to that user only). Also commenting on a “backup system,” that again would be impossible as your private keys would have to be exposed to the app (if your device uses software-based key management, it is possible to get the keys, but that destroys their veritability). While I’d love to see a system like that, at the moment it’s just not feasible.

3 Likes

So there’s no recovery method at all? This is a major flaw to adoption. The vision Dfinity have been pushing is of a “poor but talented developer in Nigeria can launch an internet company with just a basic laptop”. But now they need a $50 Yubikey and an expensive smartphone with biometrics just to have two devices. It might seem like a nice idea in the west coast tech world but in the real world it is a barrier which will harm Dfinity. I will not be storing and locking up my coins on the NNS if there’s a risk I lose them all if I lose my phone.

2 Likes

Hey folks,

I would chime in here to add that we’re working on hardware wallet support. It’s high priority and on the way, though the independent review process is out of our hands.

Please take a look at our support documentation for self custody best practices.

2 Likes

How to send ICP to my NNS app from an air-gapped computer?

So yes, there are some barriers and the implementation is novel, however I’d like to note that even most budget smartphones have biometrics. Also, this is a flaw with webauthn (a w3c standard), not DFINITY (although it is their responsibility for choosing webauthn), and I’m with you that it’s annoying, but I think we should have patience, as there are more options coming soon. Please note that there are also software implementations of webauthn if you want free redundancy.

So there is a method or not?

There is no method. Livelyx, what kind of solutions could dfinity design that can work for normies do you think? Even if it means protocol changes.

(Hardware wallets, Yubikeys etc are not the solution - they need their phone to back up to icloud for example, or some other recovery system)

At launch, the recovery strategy is to link as many devices as you have available. I have personally registered:

  • Android screen unlock
  • Work Yubikey
  • Personal Yubikey
  • Mac TouchId

As independent strategies. The Yubikey is portable, and I can use it on a new device or browser if I choose. If I ever lose control of a device, I can go to the manage-devices section after logging in, and I can remove access from the lost device.

We do have ideas about how to offer advanced support for lost access, but we targeted a small and highly secure strategy.

As for the iCloud - @livelyx is correct. The devices are independent and cannot be used interchangeably.

8 Likes
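
A simplified model of the multi-device strategy described in the post above, added here as an illustration: it is not Internet Identity's or DFINITY's code, and the `Account` class, the `makeDevice` helper and the device names are hypothetical. Each device holds its own non-exportable key, the account stores only public keys, and a surviving device revokes a lost one.

```javascript
const { generateKeyPairSync, sign, verify, randomBytes } = require('node:crypto');

// Stand-in for an authenticator (Yubikey, TouchID, Android screen unlock):
// the key pair is created on the device and the private half is never exported.
function makeDevice(name) {
  const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { name, publicKey, signChallenge: (c) => sign('sha256', c, privateKey) };
}

// Hypothetical service-side record: one account, many independent public keys.
class Account {
  constructor(firstDevice) {
    this.keys = new Map([[firstDevice.name, firstDevice.publicKey]]);
  }
  // True only if the device is registered and signs a fresh challenge correctly.
  authenticate(device) {
    const pub = this.keys.get(device.name);
    if (!pub) return false;
    const challenge = randomBytes(32);
    return verify('sha256', challenge, pub, device.signChallenge(challenge));
  }
  // Linking or removing a device must be authorized by an already-registered one.
  link(authorizer, newDevice) {
    if (!this.authenticate(authorizer)) return false;
    this.keys.set(newDevice.name, newDevice.publicKey);
    return true;
  }
  remove(authorizer, lostName) {
    if (!this.authenticate(authorizer)) return false;
    return this.keys.delete(lostName);
  }
}

// Constructed scenario: register two devices, lose the phone, revoke it.
function lostPhoneScenario() {
  const phone = makeDevice('android-screen-unlock');
  const yubikey = makeDevice('personal-yubikey');
  const account = new Account(phone);
  const linked = account.link(phone, yubikey);
  // A replacement handset has a different key, even under the same name.
  const clone = makeDevice('android-screen-unlock');
  const cloneWorksBeforeRemoval = account.authenticate(clone);
  const removed = account.remove(yubikey, phone.name);
  return {
    linked, cloneWorksBeforeRemoval, removed,
    lostPhoneWorks: account.authenticate(phone),
    yubikeyWorks: account.authenticate(yubikey),
  };
}
```

If every registered device is gone, nothing in this model can authorize a new link, which is the lockout the thread is worried about.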

Lol I live in Nigeria…smartphones are not a big deal here at all. Trust me, things are actually not as bleak in 3rd world countries like they tell you.
You can get a good Android smartphone here for around USD40. Even a student can afford that here. The NNS doesn’t necessarily need face or fingerprint unlock either. Your screen unlock pin works just fine.

That doesn’t stop the team from thinking about a less risky but secure key management though.

10 Likes

I just withdrew a few ICPs from Binance to experience the entire system.
As a crypto practitioner, the entire user experience is really great.

  1. There is no need to back up the private key, and the private key will never be exposed because they are stored in the security chip inside the device (which may be similar to the concept of TEE hardware), reducing the risk of leakage.
  2. I registered my laptop and mobile phone, and I believe in the level of the security chip of these two devices. Both devices can independently have all the permissions of this account, this has actually reached the traditional sense of wallet backups. It is very unlikely that they will be broken or lost at the same time. Therefore, the probability of loss is very low. If you think it is not enough, you can buy more equipment.
  3. Even if I lose my mobile phone/computer, but without my biological characteristics, ICP is still safe. Once the device is lost, it is necessary to ensure that the data cannot be leaked.
  4. Risks always exist. Metamask may have bugs, ledger hardware wallet may have bugs, and even credit cards/PayPal may be stolen. Before becoming a billionaire and being targeted by hackers, these security measures are sufficient. :wink:

5 Likes

I am using an old iPhone fully updated with just fingerprint auth. Storing it in my fireproof safe. Seems good enough for now.

May need to invest in one of these yubikey things for pc usage.

3 Likes

I think many were frustrated with the concept of having to own a second device. I agree that it’s very unlikely for both devices to get lost/stolen/broken at the same time, but with traditional wallets you can use the same seed anywhere (no need for a “backup device”), and you can export it anywhere (like paper or somewhere else safe), webauthn doesn’t allow this.

I haven’t looked in-depth into how the IC uses the webauthn APIs for its identity service, but I believe there may be a possibility for some kind of “identity seed,” don’t quote me on that though.

1 Like