We discussed a proposal for a new Soroban auth approach that provides protocol-level support for the account abstraction and authorized sub-contract calls. There's a public doc for review and discussion: https://docs.google.com/document/d/1J-J3ClTUkrsLiJag906OH4hmNkZI3Jk6_Y9ZYt_psAI/edit?usp=sharing