fix: audit N-08 (#279)

src/AAFactory.sol

@@ -22,7 +22,7 @@ contract AAFactory {
   address public immutable beacon;
 
   /// @notice A mapping from unique account IDs to their corresponding deployed account addresses.
-  mapping(string => address) public accountMappings;
+  mapping(string accountId => address deployedAccount) public accountMappings;
 
   /// @notice Constructor that initializes the factory with a beacon proxy bytecode hash and implementation contract address.
   /// @param _beaconProxyBytecodeHash The bytecode hash of the beacon proxy.

src/validators/SessionKeyValidator.sol

@@ -22,11 +22,9 @@ contract SessionKeyValidator is IModuleValidator {
   event SessionCreated(address indexed account, bytes32 indexed sessionHash, SessionLib.SessionSpec sessionSpec);
   event SessionRevoked(address indexed account, bytes32 indexed sessionHash);
 
-  // account => number of open sessions
   // NOTE: expired sessions are still counted if not explicitly revoked
-  mapping(address => uint256) private sessionCounter;
-  // session hash => session state
-  mapping(bytes32 => SessionLib.SessionStorage) private sessions;
+  mapping(address account => uint256 nOpenSessions) private sessionCounter;
+  mapping(bytes32 sessionHash => SessionLib.SessionStorage sessionState) private sessions;
 
   /// @notice Get the session state for an account
   /// @param account The account to fetch the session state for