Great recap @HeroGamer - this was a solid read as I had to skip the session.
Kudos to @setzeus on the CoFund demo - I’ve had the chance to see it and it’s very polished work. On the auth ID bug you mentioned (same signer submitting multiple times to reach threshold due to unconsumed auth ID) - could you share a code snippet showing how this was handled?
This relates to @friedger 's smart wallet that we forked at pillarbtc.com - in our implementation we map signatures once consumed and assert-out on any signature that’s already been mapped, which should prevent that replay vector. Would be good to compare approaches.
@Setzeus - also curious about your thoughts on the contract-caller composability issue. I wrote up some thoughts here: Composability vs. Security: Rethinking contract-caller Restrictions in Stacks DeFi. TL;DR: strict contract-caller gating forces duplicated code across every integration rather than allowing shared extension contracts. Wondering if you’ve hit this friction with CoFund and how you’re thinking about it.
On the AI + deterministic systems discussion - worth noting there’s already working infrastructure here. The AIBTC working group contracts plus Friedger’s smart wallet (which Pillar forked) implement exactly this pattern: a “guardian” role that can only act within parameters enforced by the Clarity contract itself. The AI agent has autonomy in what actions to take, but the on-chain policy constrains how much it can spend or what operations are permitted. Similar concept to Bitflow’s keepers. The chain stays deterministic - you’re just giving an off-chain agent bounded access to those deterministic rails.
Looking forward to the signature workshop on the 20th.