Difference between revisions of "ICP custody with NNS frontend dapp"
Diego.prats (talk | contribs) |
Diego.prats (talk | contribs) |
||
Line 7: | Line 7: | ||
1. Log into [https://nns.ic0.app/ NNS Frontend Dapp] | 1. Log into [https://nns.ic0.app/ NNS Frontend Dapp] | ||
+ | |||
+ | [[File:nns-frontend-dapp-login.png|1024px|nns frontend dapp login]] | ||
2. Make an [https://identity.ic0.app/ Internet Identity] if you do not already have one | 2. Make an [https://identity.ic0.app/ Internet Identity] if you do not already have one | ||
Line 13: | Line 15: | ||
* Strictly speaking, you do not need to add multiple devices, but it is highly recommended so you do not lose your ICP in case you lose your device. | * Strictly speaking, you do not need to add multiple devices, but it is highly recommended so you do not lose your ICP in case you lose your device. | ||
− | 4. Within NNS Frontend dapp, navigate to the '''ICP''' tab. Send ICP to your unique account. Account should look something like this | + | 4. Within NNS Frontend dapp, navigate to the '''ICP''' tab. |
+ | |||
+ | [[File:nns-frontend-dapp.png|1024px|nns frontend dapp]] | ||
+ | |||
+ | Send ICP to your unique account. Account should look something like this | ||
<code>723cd441238da744a097c3a20f8f4050d8355afb46fe12a1428a63996c37d918</code> | <code>723cd441238da744a097c3a20f8f4050d8355afb46fe12a1428a63996c37d918</code> |
Revision as of 20:33, 7 January 2022
Currently, the easiest custody option is via the NNS Frontend Dapp.
Custody within NNS Frontend dapp
In networked smartphone or networked computer, do the following:
1. Log into NNS Frontend Dapp
2. Make an Internet Identity if you do not already have one
3. Add multiple devices
- Strictly speaking, you do not need to add multiple devices, but it is highly recommended so you do not lose your ICP in case you lose your device.
4. Within NNS Frontend dapp, navigate to the ICP tab.
Send ICP to your unique account. Account should look something like this
723cd441238da744a097c3a20f8f4050d8355afb46fe12a1428a63996c37d918
5. That is it. You can now log in to the NNS frontend dapp as your custody solution.
Decisions user needs to make
How do you authenticate to Internet Identity?
Internet Identity does not use passwords and usernames to log in. Internet Identity takes advantage of the Web Authentication (WebAuthn) API to provide secure cryptographic authentication. This means that you authenticate by "something you have" (e.g a phone, yuibkey, etc...) instead of "something you know" (e.g. a password).
From the point of view of the user, a user would use the following methods to authenticate:
- Computers
- Yubikey (with computers with USB ports)
- Thumbprint (with computers with electronic fingerprint recognition features like Touch ID)
- Smartphones
- Face ID (for smartphones with facial recognition systems)
- Thumbprint (for computers with electronic fingerprint recognition features like Touch ID)
2. If I lose my device, can I still use Internet Identity?
If you have an Identity Anchor tied to only one device and you lose that one device, you will be locked out. As a best practice, we recommend adding multiple devices and recovery mechanisms to each Identity Anchor.
3. How do I add more devices to my Identity Anchor?
To add more devices to an existing Identity Anchor, please see the guide here.
Trade-offs and risks
If you use this combination, you are accepting the following trade-offs:
- If you only have 1 device tied to your Internet Identity, and you lose that device, you lose all access. You should add multiple devices in case one of them malfunctions. For example, if you have only one iPhone attached as a device to your Internet Identity, you are risking your ICP on that iPhone's Face Id always recognizing you. If it cannot, then you lost access to your ICP. Similarly, if you lose your phone, you would lose your ICP.
- Not all devices and browsers support WebAuthn, so this option is sometimes not available.
- You are accepting the risk that the community-vetted NNS Frontend dapp is not compromised
- You are accepting the risk that the community-vetted Internet Identity canisteris not compromised