
Ayush Bherwani is a Senior Developer Relations manager at MetaMask.
Grant dapps scoped, time-bound access to execute on behalf of users without extra signatures, separate wallets, or custody tradeoffs.

Our newly launched Advanced Permissions—built on ERC-7715 and part of MetaMask Smart Accounts Kit—lets users approve exactly what a dapp can do in a single interaction. Your dapp executes within that scope through a session account. The user's wallet stays in their control.
Subscriptions, DCA, AI agents, vesting, auto-compounding: if you've been waiting for a standard way to build these without stitching together workarounds, this is it.

Crypto wallets historically followed a simple interaction model where every transaction required an explicit user signature. That meant repetitive pop-ups, app-to-wallet switching, and approval fatigue. Over time, users started habitually approving requests without reading them, the opposite of informed consent.

There was also no standard way for a dapp to request scoped permissions from a wallet. Without one, entire product categories—subscriptions, AI agents, time-bound access—remained difficult or impossible to build well.

Embedded wallets solved some of this friction, but they introduced a different tradeoff. Users ended up with separate balances per dapp, funding and managing assets across multiple addresses. The experience became more fragmented.

Advanced Permissions take a different approach: one wallet, scoped access.
Advanced Permissions let users grant a dapp the ability to perform specific, limited actions on their behalf, without giving up full wallet access or signing every transaction.

Here's how it works at the protocol level:

1. Your dapp calls wallet_requestExecutionPermissions, requesting a scoped permission from the user's MetaMask wallet.
2. MetaMask displays a human-readable approval screen showing exactly what's being requested: the asset, amount, duration, and any constraints.
3. The user reviews, optionally adjusts the parameters (if your request allows it), and approves.
4. Your dapp executes within the granted scope via a session account, a purpose-built account (EOA or smart account) that your dapp creates and controls. The session account never holds user funds. It redeems permissions through ERC-7710 delegation, executing transactions directly from the user's MetaMask account within the defined limits.
For example, a user can set up a DCA strategy for an AI agent to spend up to 10 USDC per day to buy ETH for 30 days. Instead of signing each transaction every day, the user approves a single, scoped permission through MetaMask.

The interface clearly outlines the terms, the asset, the amount, and the duration before approval. Once granted, the application can execute transactions on behalf of the user within the defined limits.

ERC-7715 defines the specifications and standards for the permissions that should be requested, and the rules that should be applied to these permissions.

The Smart Accounts Kit builds on this with four implementation-level permission types:

| Category | Permission types | What it does | Example use cases |
| --- | --- | --- | --- |
| Periodic | erc20-token-periodic, native-token-periodic | Per-period allowance for token transfers; resets each period | Subscriptions, DCA strategies, recurring gas budgets |
| Streaming | erc20-token-stream, native-token-stream | Linear streaming allowance with configurable start, rate, and cap | Vesting, continuous payments, gradual unlocks |
| Revocation | erc20-revocation | Allows a dapp to revoke ERC-20 token approvals on the user's behalf | Cleaning up stale or risky approve allowances |

Each permission type accepts its own parameters, along with expiry, a human-readable permission justification, and isAdjustmentAllowed. See the Advanced Permissions reference for the full schema.

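The periodic and streaming semantics from the table, and the scope a session account has to stay within when it executes, written out as a local model. This is an added example, not MetaMask's enforcer code or the Smart Accounts Kit API; the field names `periodAmount`, `ratePerSecond` and `cap` and all function names are assumptions made for the sketch.

```javascript
// Added illustration: local model of the periodic and streaming allowances.
// periodAmount, ratePerSecond, cap and every function name are assumptions for
// this sketch; startTime, expiry and periodDuration are named in the article.
// Amounts are BigInt base units; times are Unix seconds; expiry is exclusive here.
const DAY = 86400;

const active = (perm, now) => now >= perm.startTime && now < perm.expiry;
const periodIndex = (perm, now) =>
  Math.floor((now - perm.startTime) / perm.periodDuration);

// Periodic: fixed allowance per period; unused allowance does not carry over.
function periodicAvailable(perm, spentByPeriod, now) {
  if (!active(perm, now)) return 0n;
  const spent = spentByPeriod.get(periodIndex(perm, now)) ?? 0n;
  return perm.periodAmount > spent ? perm.periodAmount - spent : 0n;
}

// Streaming: allowance accrues linearly from startTime and is bounded by cap.
function streamAvailable(perm, totalSpent, now) {
  if (!active(perm, now)) return 0n;
  const accrued = perm.ratePerSecond * BigInt(now - perm.startTime);
  const unlocked = accrued < perm.cap ? accrued : perm.cap;
  return unlocked > totalSpent ? unlocked - totalSpent : 0n;
}

// Pre-flight check before redeeming: refuse locally what would fall outside
// the granted scope, and record what was spent in the current period.
function trySpendPeriodic(perm, spentByPeriod, amount, now) {
  if (amount <= 0n || amount > periodicAvailable(perm, spentByPeriod, now)) return false;
  const p = periodIndex(perm, now);
  spentByPeriod.set(p, (spentByPeriod.get(p) ?? 0n) + amount);
  return true;
}

// Constructed sample: the article's DCA case, 10 USDC (6 decimals) per day for 30 days.
const USDC = 10n ** 6n;
const T0 = 1700000000; // constructed start time
const dca = { startTime: T0, expiry: T0 + 30 * DAY, periodDuration: DAY, periodAmount: 10n * USDC };

function demo() {
  const spent = new Map();
  return [
    trySpendPeriodic(dca, spent, 6n * USDC, T0 + 60),       // within day 0 allowance
    trySpendPeriodic(dca, spent, 5n * USDC, T0 + 120),      // would exceed 10 USDC on day 0
    trySpendPeriodic(dca, spent, 10n * USDC, T0 + DAY + 1), // allowance reset on day 1
    trySpendPeriodic(dca, spent, 1n, T0 + 30 * DAY),        // permission expired
  ];
}
console.log(demo()); // [ true, false, true, false ]
```

A check like this only spares the dapp a reverted transaction; the onchain enforcement described in the article is what actually bounds the session account.
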
Advanced Permissions shift the model from repeated approvals to intent-based execution: a user defines scoped permissions once, and actions are carried out within that scope over time.

- Automated and recurring flows: Subscriptions, DCA strategies, and auto-compounding can run after a one-time approval. Map these to erc20-token-periodic or native-token-periodic permissions with a periodDuration that matches your billing or execution cycle.
- Agent-based execution: AI agents can trade, rebalance, or take actions within user-defined boundaries. The agent controls the session account's key and executes through the delegation—the user's main wallet is never exposed, and the agent can only operate within the granted scope. No separate wallet funding required.
- Time-bound access: Permissions accept startTime and expiry parameters, supporting use cases like vesting schedules, scheduled executions, or in-session game actions. Combine with streaming permissions for gradual token releases.

Advanced Permissions are enforced onchain through Smart Accounts Kit's Smart Contracts. Here's what that means in practice:

- Scoped by design: Each permission defines exactly what the session account can access: asset, amount, time window, and transfer type. The Delegation Framework's caveat enforcers reject any execution that falls outside scope.
- Human-readable approval: MetaMask displays a rich confirmation UI showing the full permission parameters before the user grants anything.
- User-adjustable: If your permission request sets isAdjustmentAllowed: true, users can modify the parameters (e.g., reduce the amount or shorten the duration) before approving.
- Revocable: Users can revoke any active permission at any time through MetaMask's Dapp connections option.
- Session accounts don't hold funds: Execution happens via delegation redemption from the user's Smart Account. The session account is a signing key, not a custody point.

Advanced Permissions developer documentation: Find out how ERC-7715 and ERC-7710 work together, and how Advanced Permissions compares to regular delegations.
Perform executions on a MetaMask user's behalf: Set up a session account, request permissions, and redeem them.
Advanced Permissions (ERC-7715) Extension for Scaffold-ETH 2: Explore a drop-in starter project with a working example.
ERC-7715 spec: Read the full proposal for wallet_requestExecutionPermissions.