We want to make it possible for people to onboard new guardians.
Spec
Bob invites alice to be his guardian. Bob send Alice a special firebase link that contains the normal link information (invite secret and so on) as well as the information that Bob wants Alice to be their guardian.
So there's a new data field in this invite link that says "bob signed you up as guardian"
Implementation
Link contains additional info
Alice onboards with the link -> Wallet processes link and onboards normally
Once Alice created her account successfully, the wallet sends info to firebase that Alice accepted the guardian request - this is a little different from a normal guardian request since Bob did not know the username of alice at the time of the guardian request.
Alice proceeds and doesn't have to do anything else (to her, it's the normal onboarding process)
When Alice is onboarded, Bob's wallet receives the firebase notification that Alice accepted his guardian request
Bob's wallet shows the normal "accept" guardian button (however that normally works)
When bob Accepts, we do an additional security check to verify that Bob is set as Alices referrer (accts.seeds refs table)
Security
This allows us to handle the entire onboard a new user as guardian all client side.
This way we do not introduce any additional complexity on contract and keep the contract as simple as it is
We will then remove all our keys from the contract so nobody has access to it anymore. We can then no longer update the contract code either. That way key guardians do not weaken account security on a technical level.
Additional considerations
I think we should make guardians more flexible in how many guardians someone can have, within limits. But maybe someone wants 5/7 or 4 / 9 or whatever. That should be OK.
Overview
We want to make it possible for people to onboard new guardians.
Spec
Bob invites alice to be his guardian. Bob send Alice a special firebase link that contains the normal link information (invite secret and so on) as well as the information that Bob wants Alice to be their guardian.
So there's a new data field in this invite link that says "bob signed you up as guardian"
Implementation
Security
This allows us to handle the entire onboard a new user as guardian all client side.
This way we do not introduce any additional complexity on contract and keep the contract as simple as it is
We will then remove all our keys from the contract so nobody has access to it anymore. We can then no longer update the contract code either. That way key guardians do not weaken account security on a technical level.
Additional considerations
I think we should make guardians more flexible in how many guardians someone can have, within limits. But maybe someone wants 5/7 or 4 / 9 or whatever. That should be OK.