Hello I'm making smart contracts via ink!rust and usingdotenv` as well.

While locally testing in my file directory I can reference my .env file so all is fine, but when I deploy I have to drag and drop the <contract name>.contract into the polkadot UI to deploy.

When this happens, it seems like the .env file variables are no longer available. I want to restrict access of the smart contracts to only users who know an access mnemonic (like a pass code) so that everyone can't just spam the smart contract.

my current implementation uses dotenv to read the mnemonic saved in the .env file, but after noticing the above, I don't think this will work.

Is there a way to include the .env metadata into the files generated by cargo +nightly contract build ?
if not, how else can I limit the access of the smart contract? I guess I can check for the caller address = contract address and only allow the contract's private key to signAndSend a transaction which would mean I need to deploy the contract in my code so I can immediately grab the ABI and Address. But then I get this recursive issue of the address that I want to check against would not be defined until the contract is deployed, but when the contract is deployed it is assigned a new address and therefore keyring.

what should I do?

here is my implementation so far:

nevermind I’m just going to allow only a specific account to call.

Actually now that I think about it a .env file should never be used with a smart contract even if it can because it's really not going to be secret anymore if it's included as metadata somehow so I guess dotenv should never be used with ink! in general... my calls to the smart contract was supposed to be adjustable via .env so I wanted to make the smart contract adjustable too but it really doesn't make senes to have an adjustable smart contract... but it was fun to learn!