Yes, we added EIP-2535 at some stage in the implementation of the first pre-alpha version, but then removed EIP-2535 for the following reasons.
- If FacetCut is restricted to view/pure only, the resulting lift is limited
- if arbitrary FacetCut is allowed because of the use of delegatecall, then FacetCut can destroy the institution of storage (e.g. a wrong or malicious FacetCut can modify some storage that he should not be allowed)
We are also thinking about how to securely add dynamic plug-in capabilities to a self-custody wallet,
for example:
- a centralized auditing institution is required, making it necessary for users to wait more than 2 days to use plugins that are not audited by the institution
(to prevent ownerkey theft while the internal storage slot has been modified by FacetCut and can no longer be used for social recovery.) - or use segregated storage slot (split by different addresses, but this leads to higher costs)
wait for your advice