Overview
Update PoolFactory contract for MVP with lazy whitelisting. Pool ownership is automatically assigned to transaction sender, and authorization is managed via backend lazy whitelisting.
Tasks
Lazy Whitelisting Approach
Instead of removing authorization completely, we're implementing lazy whitelisting:
- ✅ Only authenticated app users can create pools (spam protection)
- ✅ Backend automatically whitelists users on first pool creation attempt
- ✅ User pays pool creation gas, backend pays whitelisting gas
- ✅ Maintains decentralization (users submit transactions directly)
- ✅ Can revoke access if needed
Acceptance Criteria
Related Documentation
- See .dev/POOL_CREATION_ARCHITECTURE.md Phase 3 (Lazy Whitelisting)
- See .dev/POOL_CREATION_TASKS.md Tasks 1-3
Depends On
Backend lazy whitelisting function (Issue #83)
Part of Epic
#35
Overview
Update PoolFactory contract for MVP with lazy whitelisting. Pool ownership is automatically assigned to transaction sender, and authorization is managed via backend lazy whitelisting.
Tasks
onlyAuthorizedCreatormodifier oncreatePool()function (spam protection)poolOwnerfromPoolParamsstructpoolOwner = msg.senderautomatically increatePool()functionwhenNotPaused,nonReentrant, and_validatePoolOwner()for securityLazy Whitelisting Approach
Instead of removing authorization completely, we're implementing lazy whitelisting:
Acceptance Criteria
onlyAuthorizedCreatormodifier remains activeRelated Documentation
Depends On
Backend lazy whitelisting function (Issue #83)
Part of Epic
#35