ethereum · eth-bot · Jul 9, 2022 · Jun 3, 2022 · Jun 3, 2022 · Jun 3, 2022
@@ -40,19 +40,20 @@ The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL
 
 
 Let:
- - `mainAddress` represent the wallet address we are trying to authenticate or very asset ownership for
- - `mainENS` represent the reverse lookup ENS string for `mainAddress`
- - `authAddress` represent the address we want to sign with in lieu of `mainAddress`
- - `authENS` represent the reverse lookup ENS string for `authAddress`.  It must be in the format `auth[0-9]*.<mainENS>`.
+ - `mainAddress` represents the wallet address we are trying to authenticate or prove asset ownership for.
+ - `mainENS` represents the reverse lookup ENS string for `mainAddress`.
+ - `authAddress` represents the address we want to use for signing in lieu of `mainAddress`.
+ - `authENS` represents the reverse lookup ENS string for `authAddress`.  It must be in the format `auth[0-9]*.<mainENS>`.
+
 
 ### Setting up one or many `authAddress` records
 The pre-requisite assumes that the `mainAddress` has an ENS ETH resolver record configured.
 
 1. Using your `mainAddress` wallet, sign into ens.domains and create a subdomain record for `mainENS` called `auth[0-9]*`.  This becomes the `authENS`
-2. Set the ETH resolver record for this `auth[0-9]*` subdomain to the `authAddress`
+2. Set the ETH resolver record for the subdomain created in step 1 (`authENS`) to the `authAddress`.
 3. Using `authAddress`, sign into ens.domains and set the ENS reverse record to `authENS`
 
-Repeat this process with as many addresses as you would like.
+Currently this EIP does not enforce an upper-bound on the number of `authAddress` entries you can include. Users can repeat this process as with as many address as they like. 
 
 ### Authenticating `mainAddress` via `authAddress`
 Control of `mainAddress` and ownership of `mainAddress` assets is proven if any one of associated `authAddress` is the msg.sender or has signed the message.
@@ -74,7 +75,9 @@ Further, I have multiple devices:
  - My iPhone has mobile metamask hot wallet, and I can add it as an auth account by setting auth1.wilkins.eth to that wallet (and the corresponding reverse record). 
  - My iPad has the same and can be set to auth2.wilkins.eth, etc. 
 
-Lost my device? No problem, just delete the record.  No need to import/reimport seed phrases.
+Lost Access to Signing Key/Device: 
+In the event that a user losses access to the signing key of an `authAddress` they can simply delete the corresponding ENS record. An attractive side effect of this is that there is no need to import/reimport seed phrases. 
+In the unfortunate event that you lose access to the signing key of the `mainAddress`, users will lose access to that top-level domain and all related subdomains. As always, this private key data should be treated as highly sensitive. 
 
 
 ## Reference Implementation
@@ -104,7 +107,7 @@ async function getLinkedAddress(provider: ethers.providers.Provider, address: st
 ### Contract side
 
 ### With a secure server
-If there is a secure, you could run the client/server code above, then use the result in conjunction with specs like [EIP-1721](./eip-1721.md): `Standard Signature Validation Method for Contracts` for a cheap and secure way to validate that the the message signer is indeed authenticated for the main address.
+If your application operates a secure backend server, you could run the client/server code above, then use the result in conjunction with specs like [EIP-1721](./eip-1721.md): `Standard Signature Validation Method for Contracts` for a cheap and secure way to validate that the the message signer is indeed authenticated for the main address.
 
 #### Without a secure server (web client only)
 Provided is a refrence implementation for an internal function to verify that the message sender has an authentication link to the main address.