ICP custody with NNS frontend dapp
Currently, the easiest custody option is via the NNS Frontend Dapp.
Custody within NNS Frontend dapp
In networked smartphone or networked computer, do the following:
1. Log into NNS Frontend Dapp
2. Log in with Internet Identity
You can make an Internet Identity if you do not already have one
3. Add multiple devices
Strictly speaking, you do not need to add multiple devices, but it is highly recommended so you do not lose your ICP in case you lose your device.
4. Send ICP to your unique account
Within NNS Frontend dapp, navigate to the ICP tab
Account should look something like this
723cd441238da744a097c3a20f8f4050d8355afb46fe12a1428a63996c37d918
The NNS frontend dapp is now your custody solution.
Decisions user needs to make
How do you authenticate to Internet Identity?
Internet Identity does not use passwords and usernames to log in. Internet Identity takes advantage of the Web Authentication (WebAuthn) API to provide secure cryptographic authentication. This means that you authenticate by "something you have" (e.g a phone, yuibkey, etc...) instead of "something you know" (e.g. a password).
From the point of view of the user, a user would use the following methods to authenticate:
- Computers
- Yubikey (with computers with USB ports)
- Thumbprint (with computers with electronic fingerprint recognition features like Touch ID)
- Smartphones
- Face ID (for smartphones with facial recognition systems)
- Thumbprint (for computers with electronic fingerprint recognition features like Touch ID)
2. If I lose my device, can I still use Internet Identity?
If you have an Identity Anchor tied to only one device and you lose that one device, you will be locked out. As a best practice, we recommend adding multiple devices and recovery mechanisms to each Identity Anchor.
3. How do I add more devices to my Identity Anchor?
To add more devices to an existing Identity Anchor, please see the guide here.
Trade-offs and risks
If you use this combination, you are accepting the following trade-offs:
- If you only have 1 device tied to your Internet Identity, and you lose that device, you lose all access. You should add multiple devices in case one of them malfunctions. For example, if you have only one iPhone attached as a device to your Internet Identity, you are risking your ICP on that iPhone's Face Id always recognizing you. If it cannot, then you lost access to your ICP. Similarly, if you lose your phone, you would lose your ICP.
- Not all devices and browsers support WebAuthn, so this option is sometimes not available.
- You are accepting the risk that the community-vetted NNS Frontend dapp is not compromised
- You are accepting the risk that the community-vetted Internet Identity canisteris not compromised