remove unused dep, update comments

Author: amiecorso

src/EIP7702Proxy.sol

@@ -4,7 +4,6 @@ pragma solidity ^0.8.23;
 import {Proxy} from "openzeppelin-contracts/contracts/proxy/Proxy.sol";
 import {ERC1967Utils} from "openzeppelin-contracts/contracts/proxy/ERC1967/ERC1967Utils.sol";
 import {ECDSA} from "openzeppelin-contracts/contracts/utils/cryptography/ECDSA.sol";
-import {Address} from "openzeppelin-contracts/contracts/utils/Address.sol";
 import {StorageSlot} from "openzeppelin-contracts/contracts/utils/StorageSlot.sol";
 
 /// @title EIP7702Proxy
@@ -57,7 +56,7 @@ contract EIP7702Proxy is Proxy {
         guardedInitializer = initializer;
     }
 
-    /// @dev Checks if proxy has been initialized by comparing implementation slot
+    /// @dev Checks if proxy has been initialized by checking the initialized flag
     function _isInitialized() internal view returns (bool) {
         return StorageSlot.getBooleanSlot(INITIALIZED_SLOT).value;
     }
@@ -72,7 +71,12 @@ contract EIP7702Proxy is Proxy {
         bytes calldata args,
         bytes calldata signature
     ) external {
-        // construct hash incompatible with wallet RPCs to avoid phishing
+        // Construct hash without Ethereum signed message prefix to prevent phishing via standard wallet signing.
+        // Since this proxy is designed for EIP-7702 (where the proxy address is an EOA),
+        // using a raw hash ensures that initialization signatures cannot be obtained through normal
+        // wallet "Sign Message" prompts. This prevents malicious dapps from tricking users into
+        // initializing their account via standard wallet signing flows.
+        // Wallets must implement custom signing logic at a lower level to support initialization.
         bytes32 hash = keccak256(abi.encode(proxy, args));
         address recovered = ECDSA.recover(hash, signature);
         if (recovered != address(this)) revert InvalidSignature();