Preface

Permissions Standard Pre-draft | Notion

Abstract

In this document, I am not highlighting how the interface to requesting permission will look like. The standard should be built on top of a ETH JSON RPC like eth_requestPermission defined above can be used or any other standard that we eventually settle on.

The purpose of this doc is to solve only one problems for AA wallets:

  1. How will Dapp create and send a user operation.

For a dapp to create a user operation these three things are necessary:

  1. Nonce
  2. CallData
  3. signature

If a dapp has a way to build the above three things, a dapp with valid permissions will be able to create and send user operations.

Flow

  1. Dapp calls eth_requestPermissions
    1. Request:
      1. A valid public key that can be used as an identifier of the dapp when dapp signs the user operation.
      2. Valid permissions array, a permission definition is up for debate and one of the example is listed in the doc above.
      3. session key signing algorithm - secpk1 | secpr1 . We will have to define all the possible values here. Though wallet can chose to reject this if they don’t support the specific signing method for session key.
    2. Response
      1. grantedPermissions - list of granted permissions
      2. permissionsContext - bytes that encode the permissions that have been granted to the Dapp - this is wallet specific information and standard has no limitation on how this is encoded. Use of these bytes:
        1. send to encodeCallData to help wallet decide how to encode the call data.
        2. sent to getHashToSign to help wallet generate a unique reply protection hash that will be signed by the dapp’s session key
        3. passed in signature field to help wallet know the permissions to validate, this field can also have information about which algorithm is used by the dapp to sign the user operation and the public key of dapp which has access to sign the user operation on user’s behalf.
      3. nonceKey - a valid nonce key valid only for this Dapp
  2. Dapp make a call request to smart account address getNonce
    1. Request:
      1. nonceKey
    2. Response
      1. nonce a valid nonce valid for the user operation
  3. Dapp make a call request to smart account address encodeCallData
    1. Request:
      1. txns - Array of transactions with to, data, value
      2. permissionsContext - this can encode info if some module transaction has to be sent and callData can be modified accordingly
    2. Response:
      1. encoded call data for this specific