The cycles-ledger opens up new possibilities for Fully Owned Canisters.
A service could serve a frontend that enables the user to:
→ Login with II and obtain a principal valid at the service frontend
→ Direct the user to deposit ICP or cycles
→ Create their own canister
→ Install a wasm that also serves certified frontend assets (and most importantly, has the service domain listed in the /.well-known/alternativeOrigins file)
→ And finally, take full ownership of the canister by obtaining a principal through II again, with this time the new canister domain as the derivationOrigin.
This allows the service frontend to update the controllers of the canister to only the user II principal (and the canister itself should also be a controller of itself)
I’m also working out some safety mechanisms to allow the user ownership options ranging from ‘full paranoid mode’ to shared ownership with the service used.