Update EIP-5792: Fine-tune the "capability" rhetoric of EIP-5792 (plus non-normative wordsmithing as a bonus) #8396

bumblefudge · 2024-04-09T16:54:51Z

This PR:

moves the wallet_getCapabilities RPC method to the END of the EIP, and adds a little guidance (some normative, some non-) for implementers to use it safely
- in particular it mentions provider caching and injecting of capability objects, which are unspecified behaviors already present in the market and which can add additional vectors to be considered for both security and privacy
- it also explains why "capability" semantics are used and adds a SHOULD warning people not to misinterpret unset variables or trust a provider too much
has tons of unrelated grammar tweaks and clarity tweaks which I don't feel too strongly about. Suggestions from any authors merged if they're distracting from the more substantive changes!

…re explicit

…sack comment

eth-bot · 2024-04-09T16:55:19Z

✅ All reviewers have approved.

bumblefudge · 2024-04-09T23:19:34Z

marking as draft to prevent any auto-merging-- but ready for review!

arein

Lgtm

EIPS/eip-5792.md

lukasrosario · 2024-04-12T17:47:46Z

EIPS/eip-5792.md

-The capabilities field is how an app can communicate with a wallet about capabilities a wallet supports. For example, this is where an app can specify a paymaster service URL from which an [ERC-4337](./eip-4337.md) wallet can request a `paymasterAndData` input for a user operation.
+The optional `capabilities` property enable an app to grant to a wallet its own relevant capabilities as objects. For example, this is where an app can specify a paymaster service URL from which an [ERC-4337](./eip-4337.md) wallet can request a `paymasterAndData` input for a given user operation.


can we remove this change? think the original was more clear.

please re-review after newest commit. here too an OCap diehard might want "grant" rather than "communicate"?

lukasrosario · 2024-04-12T17:55:54Z

EIPS/eip-5792.md

-For each chain on which a wallet can submit multiple calls atomically, the wallet SHOULD include an `atomicBatch` capability with a `supported` field equal to `true`.
+For each chain on which a wallet can submit multiple calls atomically, the wallet SHOULD include an `atomicBatch` capability with a `supported` field equal to `true`. For each chain where it cannot, it SHOULD return the same field as `false`. Unspecified support for a given, named chain SHOULD be interpreted as not exposing this information to the application, and as such, applications SHOULD NOT interpret an absent value as equivalent to `false`.


i disagree with this. can we change to ...For each chain where it cannot, it MAY return the same field as 'false'. Unspecified support for a given, named chain SHOULD be interpreted as equivalent to 'false'.

i dont think the wallet should have to be so explicit about this

Good point, I think this was worded badly. Please rereview after latest commit.

(Sidenote, if we are really going full OCap, would authorized make more sense than supported as the name for that boolean?)

EIPS/eip-5792.md

bumblefudge · 2024-04-16T17:36:17Z

tysm!

lukasrosario

🙏

eth-bot

All Reviewers Have Approved; Performing Automatic Merge...

Jaca777 · 2024-04-22T06:36:06Z

bumblefudge:bumblefudge/wordsmithing-eip-5792

bumblefudge added 15 commits April 3, 2024 22:30

general editorial

3a74178

reorganize headers so that ## Contents TOC links to all 4 RPC methods

cbef48f

reorganize feature discovery method and atomicBatch cap to both be mo…

abb6dc0

…re explicit

add reference to supplemental capability expression

1489333

add derek to authors list for previous commit

a37e0d6

mention special case of provider-cached caps

f9d78ef

add DRAFT privacy considerations as per dan finlays input on pr 8361

33a8083

make privacy considerations a subsection of sec cons to appease linter

2b67282

reformat a cross-link to appease the robot copyeditor

0654f90

motivation wordsmith, per comment from wilsoncusack

956c6de

wordsmith capability approach in intro to getCap method, per wilsoncu…

4e7cb46

…sack comment

Merge branch 'master' into bumblefudge/wordsmithing-eip-5792

8d97a24

cleanup for new PR

61a5d03

cleanup for new PR

830082a

cleanup for new PR

5242637

github-actions bot added c-update Modifies an existing proposal s-draft This EIP is a Draft t-interface labels Apr 9, 2024

eth-bot added the a-review Waiting on author to review label Apr 9, 2024

eth-bot changed the title ~~Fine-tune the "capability" rhetoric of EIP-5792 (plus non-normative wordsmithing as a bonus)~~ Update EIP-5792: Fine-tune the "capability" rhetoric of EIP-5792 (plus non-normative wordsmithing as a bonus) Apr 9, 2024

bumblefudge added 3 commits April 9, 2024 09:57

markdown linter caught a bad header

1a2b1ee

line breaks and one word change to motivation

f296be3

explain chainId more explicitly in case sections are read out of order

8be19b9

arein approved these changes Apr 10, 2024

View reviewed changes

mouhand999 approved these changes Apr 10, 2024

View reviewed changes

EIPS/eip-5792.md Show resolved Hide resolved

lukasrosario reviewed Apr 12, 2024

View reviewed changes