Overview

💡 The support for smart-session is included in a separate package Appkit SDK. Please follow the instruction in order to install it

Smart Sessions allow developers to easily integrate session-based permission handling within their decentralized applications (dApps). Using the grantPermissions method, can send permission requests to wallets.

For users, this means a simpler experience. Instead of approving every action individually, they can allow access for a single session, making it faster and easier to use apps without dealing with constant pop-ups or interruptions.

With Smart Sessions, approved actions are carried out by the app’s backend during the session. This allows transactions to be processed automatically, making the experience even more seamless while ensuring that everything stays within the permissions set by the user.

This guide will walk you through on how to use the grantPermissions method, including the basic setup and an example of how to request permissions from a wallet.

Implementation

AppKit Example with Smart Session

Clone this Github repository and follow the readme to try it locally.

For a step-by-step implementation, please refer to our Smart Session guide.

Install the library

npm install @reown/appkit-experimental

How to use the permissions

The dApp must call the following RPC calls to https://rpc.walletconnect.org/v1/wallet?projectId=<PROJECT-ID>

  1. wallet_prepareCalls - Accepts an EIP-5792 wallet_sendCalls request. Responds with the prepared calls (in the case of Appkit Embedded Wallet, an Entrypoint v0.7 user operation), some context, and a signature request.
  2. wallet_sendPreparedCalls - Accepts prepared calls, a signature, and the context returned from prepareCalls if present. Returns an EIP-5792 calls ID.

Steps to follow for executing any async action by the dApp backend.

  1. Dapp makes the wallet_prepareCalls JSON RPC call. It’s Accepts an EIP-5792 wallet_sendCalls request, and returns the prepared calls according to the account’s implementation.

    Parameter

type PrepareCallsParams = [{
from: `0x${string}`
chainId: `0x${string}`
calls: {
    to: `0x${string}`
    data: `0x${string}`
    value: `0x${string}`
}[];
capabilities: Record<string, any>
}]

Return value

type PrepareCallsReturnValue = [{
    preparedCalls: {
        type: string
        data: any
        chainId: `0x${string}`
    }
    signatureRequest: {  
        hash: `0x${string}`
    }
    context: `0x${string}`
}]
  1. App developers are expected to Sign the signatureRequest.hash returned from wallet_prepareCalls call using the dApp key (secp256k1 or secp256r1)

  2. dApps makes the wallet_sendPreparedCalls JSON RPC call. The RPC accepts the prepared response from wallet_prepareCalls request along with a signature, and returns an EIP-5792 call bundle ID.

Currently supported Permission types

ContractCallPermission

export enum ParamOperator {
  EQUAL = 'EQUAL',
  GREATER_THAN = 'GREATER_THAN',
  LESS_THAN = 'LESS_THAN'
}

export enum Operation {
  Call = 'Call',
  DelegateCall = 'DelegateCall'
}

export type ArgumentCondition = {
  operator: ParamOperator
  value: `0x${string}`
}

export type FunctionPermission = {
  functionName: string
  args?: ArgumentCondition[]
  valueLimit?: `0x${string}`
  operation?: Operation
}
export type ContractCallPermission = {
  type: 'contract-call'
  data: {
    address: `0x${string}`
    abi: Record<string, unknown>[]
    functions: FunctionPermission[]
  }
}

Advance Examples

Reference