@SamWilsn is the EIP already “finalized” to a point that you (the coauthors and the EIP reviewers) for sure won’t consider leaving chainId and nonce out of the signed message?
Personally I think it would be a huge missed opportunity to not give Invokers complete flexibility in implementing their own replay protection and revocation mechanisms. Revocation in particular should be VERY easy to get right in terms of audit – if you want to be sure that your Invoker uses authorizations that can be revoked via nonce, just check if the nonce is part of the commit.
For those of us who didn’t follow 3074’s entire journey, can you share the main objections to leaving replay protection / revocation for Invokers to handle?