diff --git a/src/libraries/SsoStorage.sol b/src/libraries/SsoStorage.sol
index 67fbc2cb..5ce9d891 100644
--- a/src/libraries/SsoStorage.sol
+++ b/src/libraries/SsoStorage.sol
@@ -8,24 +8,15 @@ library SsoStorage {
   bytes32 private constant SSO_STORAGE_SLOT = 0x996e49e905bb2c30d677a2ad554e4b964a479b19a0509deafafca5126b88ba23;
 
   struct Layout {
-    // ┌───────────────────┐
-    // │   Ownership Data  │
+    // Ownership Data
     EnumerableSet.AddressSet k1Owners;
-    uint256[50] __gap_0;
-    // └───────────────────┘
-
-    // ┌───────────────────┐
-    // │     Validation    │
+    // Validation
     EnumerableSet.AddressSet moduleValidators;
-    uint256[50] __gap_2;
-    // └───────────────────┘
-
-    // ┌───────────────────┐
-    // │       Hooks       │
+    // Hooks
     EnumerableSet.AddressSet validationHooks;
     EnumerableSet.AddressSet executionHooks;
-    uint256[50] __gap_4;
-    // └───────────────────┘
+    // Storage slots reserved for future upgrades
+    uint256[256] __RESERVED;
   }
 
   function layout() internal pure returns (Layout storage l) {
diff --git a/src/validators/SessionKeyValidator.sol b/src/validators/SessionKeyValidator.sol
index 0365f82f..97131017 100644
--- a/src/validators/SessionKeyValidator.sol
+++ b/src/validators/SessionKeyValidator.sol
@@ -101,7 +101,7 @@ contract SessionKeyValidator is IModuleValidator {
   }
 
   /// @inheritdoc IERC165
-  function supportsInterface(bytes4 interfaceId) external view override returns (bool) {
+  function supportsInterface(bytes4 interfaceId) external pure override returns (bool) {
     return
       interfaceId == type(IERC165).interfaceId ||
       interfaceId == type(IModuleValidator).interfaceId ||
diff --git a/src/validators/WebAuthValidator.sol b/src/validators/WebAuthValidator.sol
index d7eb0e9d..e7e676ef 100644
--- a/src/validators/WebAuthValidator.sol
+++ b/src/validators/WebAuthValidator.sol
@@ -77,7 +77,7 @@ contract WebAuthValidator is VerifierCaller, IModuleValidator {
   /// @param signedHash The hash of the signed message
   /// @param signature The signature to validate
   /// @return true if the signature is valid
-  function validateSignature(bytes32 signedHash, bytes memory signature) external view returns (bool) {
+  function validateSignature(bytes32 signedHash, bytes calldata signature) external view returns (bool) {
     return webAuthVerify(signedHash, signature);
   }
 
@@ -108,7 +108,7 @@ contract WebAuthValidator is VerifierCaller, IModuleValidator {
     );
 
     // prevent signature replay https://yondon.blog/2019/01/01/how-not-to-use-ecdsa/
-    if (rs[0] <= 0 || rs[0] > HIGH_R_MAX || rs[1] <= 0 || rs[1] > LOW_S_MAX) {
+    if (rs[0] == 0 || rs[0] > HIGH_R_MAX || rs[1] == 0 || rs[1] > LOW_S_MAX) {
       return false;
     }