Account Permissions & Session Keys
An account recognizes only two types of actors: Session Keys and Admins.
Admins have unrestricted access to the account; call any functions on the contract, use the contract without going through the ERC-4337 infrastructure (bundlers, EntryPoint, etc.), withdraw the account's native token balance, and so on.
Assigning Admin Permissions
Existing admins on the account can add new admins, remove existing admins or renounce their own admin status.
In React and React Native, you can use the
useAddAdmin hook to add a new admin:
2. Session Keys
Session Keys are additional authorized signers that must go through ERC-4337 infrastructure (bundlers, EntryPoint, etc.) to use an account to execute transactions. Session keys can use an account under certain restrictions.
Assigning Session Key Permissions
Each individual session key has its own permissions to use the account. Only admins can set the permissions for session keys.
Session keys can be assigned the following permissions:
- Allow interaction with specific contracts with the account.
- Have a maximum amount of native tokens that can be transferred per transaction.
- Have access to the account only during a specific time window.
These restrictions are set in the
To set the permissions for a given signer, the
setPermissionsForSigner function is called.
From a React application, you can use the