Background
tap_battle demonstrates passkey authentication (secp256r1) combined with scoped gameplay sessions. Its session lifecycle is implemented via the pre-1.1.0 SessionBuilder pattern in src/auth.rs.
cougr-core 1.1.0 introduces session::SessionManager as the beta-standard API for session approval, execution, renewal, and status queries. That API is demonstrated in session_arena. Maintaining two session patterns without explicit classification risks directing integrators toward a deprecated approach.
Objective
Migrate tap_battle to SessionManager while preserving its public contract API and passkey authentication flow.
In scope
- Replace custom session state management with
SessionManager (approve, execute_action, renew, status).
- Retain existing public function signatures (
register_passkey, authenticate, tap, use_power_up, and related entrypoints).
- Preserve the passkey flow:
Secp256r1Storage, verify_secp256r1, and associated registration logic.
- Upgrade to
cougr-core = "1.1.0".
- Update
README.md to document the session lifecycle under SessionManager and reference session_arena as the minimal session example.
- Add test coverage for session expiry and fallback behavior, consistent with the pattern in
session_arena.
- Add a cross-reference in
session_arena/README.md to tap_battle for passkey-specific integration.
Out of scope
- Changes to passkey registration or verification primitives.
- Frontend or wallet integration work.
Definition of done
- All existing
tap_battle tests pass.
stellar contract build succeeds.
- Gameplay paths route session operations exclusively through
SessionManager; direct SessionStorage manipulation is removed from gameplay code.
README.md includes an updated session lifecycle description.
Dependencies
- Should follow or run in parallel with canonical
session_arena compliance work (see the canonical 1.1.0 reference examples issue).
Supersedes
Background
tap_battledemonstrates passkey authentication (secp256r1) combined with scoped gameplay sessions. Its session lifecycle is implemented via the pre-1.1.0SessionBuilderpattern insrc/auth.rs.cougr-core1.1.0 introducessession::SessionManageras the beta-standard API for session approval, execution, renewal, and status queries. That API is demonstrated insession_arena. Maintaining two session patterns without explicit classification risks directing integrators toward a deprecated approach.Objective
Migrate
tap_battletoSessionManagerwhile preserving its public contract API and passkey authentication flow.In scope
SessionManager(approve,execute_action,renew,status).register_passkey,authenticate,tap,use_power_up, and related entrypoints).Secp256r1Storage,verify_secp256r1, and associated registration logic.cougr-core = "1.1.0".README.mdto document the session lifecycle underSessionManagerand referencesession_arenaas the minimal session example.session_arena.session_arena/README.mdtotap_battlefor passkey-specific integration.Out of scope
Definition of done
tap_battletests pass.stellar contract buildsucceeds.SessionManager; directSessionStoragemanipulation is removed from gameplay code.README.mdincludes an updated session lifecycle description.Dependencies
session_arenacompliance work (see the canonical 1.1.0 reference examples issue).Supersedes