About the authentication / authorization context in GA contracts

Hello, I am using this contract for testing ga accounts:

contract BlindAuth =
      record state = { owner : address }

      entrypoint init(owner' : address) = { owner = owner' }

      stateful entrypoint authorize(r: int) : bool =
        // r is a random number only used to make tx hashes unique 
        switch(Auth.tx_hash)
          None          => abort("Not in Auth context")
          Some(tx_hash) => true


      entrypoint to_sign(h : hash, n : int) : hash =
        Crypto.blake2b((h, n))

I modified from the contract in the documentation at protocol/ga_explained.md at master · aeternity/protocol · GitHub

When I use the above contract for a GA account, the GAMetaTx(s) fail with the error in the node logs that says ... cannot be applied due to an error authentication_failed

when I change the contract to (omiting the switch on Auth.tx_hash):

contract BlindAuth =
      record state = { owner : address }

      entrypoint init(owner' : address) = { owner = owner' }

      stateful entrypoint authorize(r: int) : bool =
        // r is a random number only used to make tx hashes unique 
        true


      entrypoint to_sign(h : hash, n : int) : hash =
        Crypto.blake2b((h, n))

the transaction goes trough. How would be the correct way to use the switch statement in this context?

The first version looks good (though you could drop to_sign it doesn’t seem to be used).

Just checking for silly mistakes, are you passing enough gas to the authentication function? If it runs out of gas it will count as a failed authentication.

What is it the max gas allowed for an auth_fun ?
The node logs report {error,too_much_gas_for_auth_function} and the tx is refused if I use 1000000000 as gas limit.

got it , it’s 50000