docs(specs): update auth-capture evm spec#2359
Conversation
Document server-routed authCapture operations via payload type and remove autoCapture as the operation selector. Co-authored-by: Cursor <[email protected]>
|
@avidreder is attempting to deploy a commit to the Coinbase Team on Vercel. A member of the Team first needs to authorize it. |
Use authorize as the server operation discriminator while preserving authorization for token payload fields. Co-authored-by: Cursor <[email protected]>
Add serverAuthorizationRequired to advertised authCapture requirements when facilitators require server identity proof. Co-authored-by: Cursor <[email protected]>
|
@avidreder Not sure what the plan with this PR is since it's a draft but this is not the best design. Server interacting with the escrow should be coded in the captureAuthorizer smart contract itself and we already do so with our contracts. You're adding a very specific style of captureAuthorizer (facilitator EOA) helpers, which a) as I mentioned before should be discouraged even if supported: #1425 (comment) and b) will be very confusing for anyone using the smart contract captureAuthorizer because the new functions added in the spec would be broken and c) Not really sure how this is supposed to work merchant developer experience wise. Would they change their endpoint and hit the facilitator directly? right now schemes are set and stay at each endpoint and clients hit them. If there is any demand for this kind of structure anyways despite my objections above and how the same functionality can be done via captureAuthorizer smart contracts more trustlessly, I'd at least recommend an optional companion doc not in the main spec itself to not pollute it for smart contract captureAuthorizer use cases which is where we see most demand. Would love to know @fabrice-cheng's thoughts as well. |
Use charge for the single-shot authCapture operation instead of authorizeAndCapture. Co-authored-by: Cursor <[email protected]>
Move the EVM-specific serverAuthorization wording into the EVM binding and keep the base authCapture spec network-neutral. Co-authored-by: Cursor <[email protected]>
Document facilitator routing through captureAuthorizer contracts that expose the escrow operation interface. Co-authored-by: Cursor <[email protected]>
State that captureAuthorizer is provided by the server in the generic authCapture spec. Co-authored-by: Cursor <[email protected]>
Document gas and wallet safety expectations for facilitators calling smart contract operators. Co-authored-by: Cursor <[email protected]>
Use auth-capture as the scheme name in the auth capture specs and examples. Co-authored-by: Cursor <[email protected]>
avidreder
changed the title
avidreder
changed the title
2 participants
Description
Updates the auth-capture specs to make server-requested operations explicit:
extra.autoCaptureoperation selection withpayload.typeforauthorize,charge,capture,void, andrefund.AuthCaptureEscrowcall.serverAuthorization,extra.serverAuthorizationRequired, smart contract operator guidance, and server self-facilitation guidance.Tests
Checklist