Deprecated webauthn validator

[jolestar]

Summary

Summary about this PR

• Closes #issue

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
rooch-portal-v2.1	Ready	Preview	Comment	Nov 26, 2025 11:30pm
test-portal	Ready	Preview	Comment	Nov 26, 2025 11:30pm

1 Skipped Deployment

Project	Deployment	Preview	Comments	Updated (UTC)
rooch	Ignored	Preview		Nov 26, 2025 11:30pm

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[Copilot]

Pull request overview

This PR deprecates the WebAuthn validator (ID=3) in favor of the DID validator (ID=4) with WebAuthnV0 envelope. The change provides clear migration paths across TypeScript SDK, Move framework, Rust types, and documentation while maintaining backward compatibility for existing struct definitions.

Key Changes

• WebAuthn validator's validate() function now aborts with a deprecation error instead of performing validation
• Test suite for WebAuthn validator has been removed
• Deprecation annotations and migration guidance added across all layers (TypeScript, Move, Rust, docs)

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
sdk/typescript/rooch-sdk/src/crypto/authenticator.ts	Added JSDoc deprecation annotation to WEBAUTHN enum with migration guidance
frameworks/rooch-framework/sources/auth_validator/webauthn_validator.move	Replaced validation logic with abort; marked structs/functions as deprecated while keeping them for compatibility
frameworks/rooch-framework/sources/tests/webauthn_validator_test.move	Removed entire test file as validator is deprecated
frameworks/rooch-framework/sources/auth_validator/builtin_validators.move	Added deprecation comments to WebAuthn validator constants and init function
frameworks/rooch-framework/doc/webauthn_validator.md	Updated auto-generated documentation to reflect deprecation
frameworks/rooch-framework/doc/builtin_validators.md	Updated auto-generated documentation with deprecation note
crates/rooch-types/src/framework/auth_validator.rs	Added Rust #[deprecated] attribute and fixed incorrect module mapping

---

You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.

[Copilot]

[nitpick] The migration guidance references Authenticator.didWebAuthn() but doesn't explain when to use each option. Consider adding brief guidance on which migration path to choose, for example: 'Migration: Use Authenticator.did(txHash, signer, vmFragment, SigningEnvelope.WebAuthnV0) for explicit envelope control, or Authenticator.didWebAuthn(txHash, signer, vmFragment) for convenience.'

Suggested change

	* Migration: Authenticator.did(txHash, signer, vmFragment, SigningEnvelope.WebAuthnV0)
	* or Authenticator.didWebAuthn(txHash, signer, vmFragment)
	* Migration: Use Authenticator.did(txHash, signer, vmFragment, SigningEnvelope.WebAuthnV0) for explicit envelope control,
	* or Authenticator.didWebAuthn(txHash, signer, vmFragment) for convenience.