Conversation
There was a problem hiding this comment.
Pull request overview
This PR makes the SEP-45 web authentication contract immutable by removing all upgrade functionality and administrative controls. The contract becomes a simple, unchangeable implementation focused solely on authentication verification.
Key changes:
- Removed upgrade mechanism (Upgradable trait, upgrade function, and admin storage)
- Removed constructor that was used to set the admin address
- Added comprehensive documentation for the web_auth_verify function
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
There's not much context on this pull request for what's driving this change or what it is in service of. Could you add some additional details to the pr description and re-request me to review? Thanks! |
leighmcculloch
left a comment
leighmcculloch
left a comment
There was a problem hiding this comment.
If the intent is to make it immutable because any new version that gets deployed can be deployed to an entirely new contract address and referenced by servers for new validations, this looks great.
Sorry, I should have added this to the PR description. The intent is to deploy immutable versions of this contract and list them as implementations in the SEP-45 protocol. |
We plan to deploy a version of this contract that SEP-45 servers can use for validation. For servers to safety depend on a deployed contract, the code should be source-verifiable and immutable.
This PR removes the admin and upgrade functionality to make the contract immutable. Future versions will be deployed to new contract addresses and referenced by the protocol.